Format

Send to

Choose Destination
J Am Med Inform Assoc. 2006 Nov-Dec;13(6):601-7. Epub 2006 Aug 23.

The security implications of VeriChip cloning.

Author information

1
Beth Israel-Deaconess Medical Center, Boston, MA 02120, USA. jhalamka@caregroup.harvard.edu

Abstract

The VeriChip is a Radio-Frequency Identification (RFID) tag produced commercially for implantation in human beings. Its proposed uses include identification of medical patients, physical access control, contactless retail payment, and even the tracing of kidnapping victims. As the authors explain, the VeriChip is vulnerable to simple, over-the-air spoofing attacks. In particular, an attacker capable of scanning a VeriChip, eavesdropping on its signal, or simply learning its serial number can create a spoof device whose radio appearance is indistinguishable from the original. We explore the practical implications of this security vulnerability. The authors argue that:1 The VeriChip should serve exclusively for identification, and not authentication or access control. 2 Paradoxically, for bearer safety, a VeriChip should be easy to spoof; an attacker then has less incentive to coerce victims or extract VeriChips from victims' bodies.

PMID:
16929037
PMCID:
PMC1656959
DOI:
10.1197/jamia.M2143
[Indexed for MEDLINE]
Free PMC Article

Supplemental Content

Full text links

Icon for Silverchair Information Systems Icon for PubMed Central
Loading ...
Support Center