Now, to be fair, some delegates at the 2016 cryptocurrency conference Consensus were sceptical when I shared my preferred strategy for securing my digital dosh, which was to convert the security key into a QR code and have it tattooed onto my scrotum. You could see them questioning my grasp of the relevant risk models and questioning my confidence in the technology. I was not dismayed by their negative reaction. In fact, I had suggested this approach to managing privates keys (sic) before and had toyed with the idea of patenting this breakthrough in cyber defence but sadly never got round to it. Now I am kicking myself about it, because I was delighted to read in the New York Times that numerous people of an innovative bent have indeed had QR code tattoos and… guess what, they work.
The problem with scrotum-based QR codes though is that you have to take your clothes off to use your cryptocurrency wallet, which might we the sort of the thing that people do in El Salvador (although as I recall from my last visit, most people there were fully-clothed) but it’s often a bit chilly in Woking. On reflection, I thought that a better plan might be to have an RFID chip injected somewhere more accessible and store my keys there.
Well then… RFID chip implants or QR code tattoos? What is the right choice for the discerning cryptocurrency enthusiast on the go? In truth I am somewhat conservative, so I am still using my Bitbox USB hardware wallet but perhaps I should be more happening and down with the kids on this one. Let’s look at the pluses and minuses.
On the plus side of implants, can be read passively and at a distance, can generate digital signatures and can store a reasonable amount of data. On the minus side, if you are kidnapped by a El Salvadorean drug cartel they will cut it out of you and send it as proof of capture to your nearest and dearest along with a Bitcoin random demand.
On the plus side of QR, everyone uses QR codes. There are two reasons for this: COVID-19 and Apple. A couple of years ago, Apple changed the iPhone software so that you could scan QR codes with your iPhone camera and not have to run a separate app. At a stroke, gazillions of people gained the ability to automagically enagage in contact-free transactions, while shortly afterwards along came the pandemic and the demand for contact-free transactions for everything, not only shopping. It’s not all down to Apple, of course. The cameras in mobile phones have improved across the board so that QR codes can be scanned clearly from a safe distance so that consumers can stand a couple of metres away from the point of sale and buy without using cash. On the minus side, QR codes are insecure and easy to copy.
This means that they are a security problem and the pandemic has indeed presaged a variety of scams.
Inject And Win
While I am very enthusiastic about the prospects for payments wearables (I am the non-executive Chairman of Digiseq, which personalises wearables of many kinds), the British-Polish startup Walletmor has launched a “wearable” that goes a step further than the bracelets, rings and key fobs that we all know and love. They are launching a biopolymer payment device that can be implanted just under the surface of the skin.
Not a wearable, but an injectable. And for the low, low price of €199, you get an implant is the size of a small safety pin and about half a millimeter thick, comprising a chip and a metal sheath that acts as an antenna. The device was created by VivoKey Technologies Inc. in Seattle to comply with the ISO 10993 standard for “biocompatible” medical devices. Implantation is painless and takes only 15 minutes, they claim. Currently, there are over 50 recommended Walletmor professional implant installers in the European Union, including traditional hospitals, clinics and aesthetic medicine laboratories.
The device itself is a prepaid EMV card that is linked with an iCard wallet. According to Walletmor there are already 200 people across the UK, Germany, Poland and Scandinavian countries using the implant.
What an interesting new idea! No, wait… what an interesting old idea.
Ten Years Ago
A decade back I can remember writing about rumours that Google and a number of other organisations had formed a study group to look at the idea of offering people free injectable NFC chips in return for special offers, coupons, additional loyalty points an a variety of value-added services around Android NFC phones. I thought this was quite interesting because the idea of making Android more attractive than iPhone/iPad by making the owners part of the much-talked about “Internet of things” was a pretty wild approach. But who knows? Stranger things have happened. Anyway, I noted that Katrina Michael, associate professor of the University of Wollongong’s school of information systems and technology, and author of scientific paper “Towards a State of Uberveillance”, said subdermal chip implants in humans could be commonplace within “two to three generations“.
Why would anyone want one of these? Well, for example, suppose that I take my URL “www.dgwbirch.com” and encode it in some way (you can see an example here) and add that to my chip, then anyone who taps me with a Android could read it (even if it was under my clothes) and have it added to their bookmarks immediately. Some people might want to have their Facebook “Real Name” coded into the chip, but I thought at the time that for rather dull middle-aged businesspersons (such as myself) the LinkedIn profile would be better. Who knows – the point is that surveys have shown that whatever the Privacy International’s of the world might think, people liked the idea: a survey of Germans at the time found that a quarter were happy to have a chip planted under their skin for very trivial uses for example to pass gates more quickly at a discotheque for example and to be able to “pay for things more quickly in the supermarket“.
The advantages are obvious. You would never have to remember a wallet, an ID card, a bus pass, whatever, because it would be permanently embedded in you. It is not difficult to see why Big Tech, never mind Big Government, might want to implant chips in people, but looking back on this stories what strikes me is that they were contemporaneous with stories about the imminent demise of QR codes: for example, Google sending out window decals with NFC chips to participating businesses in after dropping support for QR codes.
Back then, I could see that not everyone was as enthusiastic about the chipping as I was. I’m not an expert on the Book of Revelations, so I don’t understand the theological objection to tracking at 13.56GHz as opposed to optical wavelengths, but it should be noted that there are people who believe that the chips are a mark of the beast and are against implants. In biblical prophecy, this is a number written on the forehead, to mark those controlled by an evil power. To be fair, neither Google nor WalletMor nor anyone else was talking about having the chips implanted in the forehead: when I was trying to persuade a company to implant a chip in me, I was imagining that fleshier areas would be more appropriate. In that was another five years back.
Fifteen Years Ago
I had been reading a global survey by Unisys that found that 69% of Europeans supported the use of biometrics for identification purposes. As far as I could tell, it wasn’t out of deep-seated concerns about security and a balanced, but informed, perspective on biometric technology: it was because of laziness: 83% of those supporting biometrics cited convenience, not security, as their main reason for wanting the technology. This was a point that I made repeatedly in client work at the time and when the iPhone’s TouchID came along I think it proved this point conclusively: biometrics int he mass market are a convenience technology not a security technology.
Anyway, what caught my eye in the survey was that it found that rather than use PIN, ID cards or biometrics, one in 10 Asia-Pacific consumers said at the time that they would prefer to have a chip implanted in their body!
I’d looked this before, back in 2004, because at the time everyone’s current favourite case study for this sort of thing was the Baja Beach nightclub in Barcelona, where patrons had been offered the choice between a card and a chip and some of them chose the chip. Those chips (which were VeriChips, produced by Applied Digital Solutions) had been approved for use in humans so I decided that I would try to have one injected live on stage at an event but the companies that I spoke to refused to do it (something to do with insurance, if I recall) which I was at bit disappointed about.
The chips were the size of a grain of rice (1.2mm wide and 12mm long) and at the nightclub they were injected (by a “medically trained” person, according to the New Scientist) under the skin in the upper left arm. As I said (rather wittily, I thought, although the joke’s pretty thin now) in a presentation to the International Association for Biometrics (IAfB) back in September 2004, you really can’t leave home without it.
If I were the sort of person to go to nightclubs in Barcelona I would definitely have opted for the chip. After all, chipped clubbers could jump the entrance queue, reserve a table and use a VIP lounge. The waiters had handhelds to scan the chips to charge drinks to your bill: what could be more convenient, especially when you’re wearing clothes with no pockets. Or no clothes.
In summary: I don’t have a point, except to say that actually I would prefer to have a chip containing revocable credentials injected into my arm than have privacy-invading facial identification systems installed everywhere.
Snippings 