A Cincinnati company is requiring any employee who works in its secure data center to be implanted with a microchip.
The video surveillance company CityWatcher.com injected two of its employees in the triceps area of the arm with the VeriChip, a glass-encapsulated RFID, or radio-frequency identification, tag, according to Liz McIntyre, co-author of “Spychips: How Major Corporations and Government Plan to Track Your Every Move with RFID.”
CityWatcher.com’s Network Administrator Khary Williams spoke with McIntyre by phone Wednesday after the company announced it had integrated the VeriChip VeriGuard product into its access control system.
The tag can be read through clothing from a few inches away.
The highly controversial device is being marketed as a way to access secure areas, link to medical records and make purchases like a credit card.
As WorldNetDaily reported, when former Secretary of Health and Human Services Secretary Tommy Thompson joined the VeriChip Corp. board of directors, he pledged to get chipped and encouraged Americans to do the same so their electronic medical records would be available in emergencies.
But McIntyre and co-author Katherine Albrecht contacted VeriChip Corp. in December and were told the chipping never took place.
VeriChip spokesman John Procter said Thompson had been “too busy” to undergo the procedure, adding that he had no clear plans to do so.
CityWatcher’s Williams said a local doctor already has implanted two of the company’s employees with the VeriChip devices.
“I will eventually” receive an implant, too, he added.
Meanwhile, Williams accesses the data center with a VeriChip implant housed in a heart-shaped plastic casing that hangs from his key chain.
He told McIntyre he had no reservations about having the procedure and would do it as soon as time permits.
But McIntyre says she’s worried that CityWatchers – a government contractor specializing in surveillance projects – would be the first publicly to incorporate the technology in the workplace.
CityWatcher provides video surveillance, monitoring and video storage for government and businesses, with cameras set up on public streets throughout Cincinnati.
The company hopes the VeriChip will bolster its proximity or “prox” card security system that controls access to the room where the video footage is stored, said Gary Retherford of Six Sigma Security, Inc., the company that provided the VeriChip technology.
“The prox card is a system that can be compromised,” said Retherford, referring to the card’s well-known vulnerability to hackers.
He explained that chipping employees “was a move to increase the layer of security.”
“It was attractive because it could be integrated with the existing system,” he said.
McIntyre points out, however, researchers have shown the VeriChip to be vulnerable to hackers.
Security researcher Jonathan Westhues showed last month how a hacker can clone a chip and theoretically duplicate someone’s implant to access a secure area.
Westhues believes the VeriChip is not secure and “not good for anything.”
“No one I spoke with at Six Sigma Security or at CityWatcher knew that the VeriChip had been hacked,” said McIntyre, author of a chapter titled “Hacking the Prox Card” for Simson Garfinkel’s recent “RFID: Applications, Security, and Privacy.”
“They were also surprised to hear of VeriChip’s downsides as a medical device,” he added. “It was clear they weren’t aware of some of the controversy surrounding the implant.”
Albrecht says that while CityWatcher.com does not require employees to receive the chip to keep their jobs, the company is establishing an unsettling precedent.
“It’s wrong to link a person’s paycheck with getting an implant,” she said. “Once people begin ‘voluntarily’ getting chipped to perform their job duties, it won’t be long before pressure gets applied to those who refuse.”
Albrecht believes the VeriChip will be hard to sell when people learn of the security flaws, combined with a general squeamishness about implants.
“Obviously, nobody wants their employer coming at them with a giant hypodermic needle,” she said. “But when people realize it takes a scalpel and surgery to remove the device if it gets hacked, they’ll really think twice. An implant is disgusting enough going in, but getting it out again is a bloody mess.”