RFID Implants and preventing malicious cloning

Happy Post-Holidays and Pre-New Years, everyone.

I’ve been interested in biohacking on and off for a few years, but haven’t “taken the plunge” just yet, if only because there hasn’t been a good reason (beyond basic technological curiosity, of course) to do so.

With the New Year upon us, however - I’ve just started a new job where I’m about to be assigned a HID ID badge, and I’m thinking that this is my time to take the leap and pop a chip into my hand.

This desire is muted somewhat, however, by a recent obsession over physical access security, which has led me down a rabbit-hole of YouTube videos on security companies that perform physical penetration tests (shoutout to Deviant Ollam and his excellent videos - if you’re not familiar, definitely check it out).

One thing that has stood out to me is the risks associated with a malicious attacker/bad actor cloning an RFID badge from around 18" away, then using that to gain access to whatever access control systems said RFID is intended to protect.

This has led to me wondering about securing an implanted RFID tag.

With a traditional badge, I can (not that most do) slip the badge into an RFID shielded device/pocket/etc when it isn’t in use. I can leave it at home in a secure location when not in use, etc.

With an implanted chip - I’m carrying my credentials 24/7 - which is the point, but also is a new risk and attack vector if someone wants to clone my chip.

How does one account for and mitigate this risk? Do I need to sew some anti-RFID materials into my winter gloves? Or perhaps into my pants pocket and keep my hand in my pants at all times?

My examples are a bit tongue-in-cheek of course, but it is a topic that came up with some of my new co-workers. They have easy options with a traditional RFID badge to just leave the device behind or pop it into an RFID blocking wallet if they are worried over security.

With an implant, both of those countermeasures seem to be gone.

Love to hear what you all think about the risks and how to best minimize them going forward.

Thanks in advance!

2 Likes

There’s gonna be people to talk about electronic security, I’m not one of them, it’s just not my area.

But… It occurs to me you may be overlooking a pretty major security feature. Stealth and the art of concealment. I don’t know the tech necessary for a long range read on a chip, but I’m guessing that it’s running at the edge of the performance envelope. As such it would likely need to be fairly targeted. Anyone trying to scan in the vicinity of your wallet / pockets is not likely to pick up something in your hand. Unless of course you happen to put your hand near your pockets.

Obviously this only works if your chip remains concealed which is not completely possible if in use, but might defeat an attack by someone not familiar with you or who has not targeted you specifically.

Just my random thoughts.

Oh, and make sure to put your body in the possible line of sight when scanning so that no one notices your secret ability.

1 Like

Security by obfuscation is never a good thing to be the sole security measure, but the very small read range of implants is certainly a consideration. A card could be read at a “more than personal space” range with high power readers. If someone is going to get close enough to you to get a read off your implant without you knowing, you are likely either unconscious or dead. lol.

RFID blocking gloves are an interesting product idea though.

3 Likes

So curiosity compelled me, and I googled RFID blocking gloves.

Unbelievable how many popped up. Apparently EMF shielded clothing is a thing. Looks to be more in the tin foil hat kind of market, but they are clearly available.

Not practical. But maybe if you were going to some kind of hacker convention, where getting a read might be more of a sport… Still, not much for practicality.

1 Like

Read up, and you’ll discover reading ranges farther than 5" are not practical with RFID or NFC implants, and certainly not discreet. In other words, unless you’re asleep or someone cuts off your hand, there’s almost no chance someone will come up to you and read your implant without you noticing. Also, if your system exploits more than the UID, cloning the entire content of a “dumb” chip is even less likely, as the data transfer rate is painfully slow and would take many seconds. As for full-blown encryption processor chips, they work by challenge/response, so they’re impossible to clone.

Of course, there’s always the man-in-the-middle attack: for instance, your friendly gym owner registering your chip’s UID in their security system to grant you access, then cloning your UID into another tag to gain access to your workplace and steal stuff. The security system at my company exposes the UID to the manager of the system as a hex number, so I know it’s definitely doable for a technically-minded person. Still, not terribly likely if you deal with trusted people/organizations.

If you’re very concerned and you use your implant to log into computers for example, then use two-factor authentication - i.e. your implant’s data combined with a PIN code or a password - and don’t use it for anything else. But really, what I mean is, while there’s always the possibility of misuse or hacking, it’s just not very likely. No need to get paranoid.

2 Likes

I’m not worried in any truly serious way, but it did become a topic I’m curious about of late, specifically in a couple of the videos I’ve watched from Deviant Ollam - he and his team were able to modify a Prox reader (I believe) into a capture device. They slip it in a backpack with a power supply so that it can’t be seen, and then spending a few seconds within 18" of a target is enough to capture their RFID info. (The example shown in the video is sitting down at a bench next to someone for a couple seconds, then “getting a phone call” and moving away again).

In a case like this, security through obscurity doesn’t work, because merely being close to the target is all it takes. It doesn’t matter (to the best of my limited knowledge) where the tag is. It’s just getting picked up for being “in range”.

So it’s really more of a theoretical/mental exercise than anything else, I suppose.

It’s also worth noting that Deviant Ollam (I’m pretty sure) and his wife have implanted chips (hers is demonstrated in the occasional video) - and since they’re familiar with the potential for these attacks since that’s his living - it seems like it’s pretty reasonable to assume what you’ve said - the risk is pretty low.

There’d have to be a motivated individual targeting my company (and as a subset, me) to really make this a concern in any practical way.

But it’s still something that is tickling my curiosity all the same. :slight_smile:

1 Like

Please use something that supports challenge-response authentication process (like DESfire EV2, they also come in glass and are listed as xDF2) to open your doors. It’s impossible to ‘clone’ these.

Everything else is security through obscurity.
I know it’s almost impossible to read the implanted one from large distance.
I know it’s easier to break the door sometimes.
I know the hacker must know what chip you have, the implantation spot, etc, to have it cloned.
I know regular robbers only know how to break mechanical locks (give them a few years to evolve btw).
It’s still security through obscurity, no excuse.

Security through obscurity is always bad.

Never use your chip’s UID as a main access factor for valuable property.

Avoid using NTAG216 memory as an access factor even if your memory is protected by password (it could be sniffed by waving pm3 near your reader).
And yeah, PACK is also not safe.

Use secure tech if you want some security.

1 Like

If only I were in charge of such decisions.

As it stands, we’re at the mercy of what the building managers have installed - and good luck telling them to change things. :slight_smile:

Now, if/when I set something up for home this will be a good thread to return to. :slight_smile:

Well, if the building managers install insecure tech, then you’re not responsible for bad things that happen to them as a result.

Having said that, there are hundreds of millions of RFID access systems out there, and you don’t commonly hear about cloned cards used for breaking in. It’s not to say it doesn’t happen, but if it was that insecure in real-world usage, it’d have been replaced long ago. Hell, credit cards are much more insecure and they’re still in use…

Since implants are probably harder to clone than badges and access cards, and almost impossible to steal, I’d say whatever security RFID access cards provide is easily matched by their implant counterparts.

1 Like

I am talking about systems you manage by yourself of course. About your own flat/house especially.
When it comes to office buildings, it’s just their own responsibility :slight_smile:

They usually have security staff (don’t know the proper word) to protect people and goods, btw. And they also have a main door that is locked at night properly. That’s why they still use old and insecure techs like EM-Marine badges inside.

I’d say an implant is more secure as the read range is much closer due to the spiral receiver, and the fact that someone would have to know you had the chip in the first place to try and clone it.

If you really want a true unclonable implant go for an xDF2 with DESFire EV2 chip and put it into private mode. In private mode the UID of the chip will be randomized for each read / iso14443a session. Each AID can be AES or 3DES keyed to protect the contents.

3 Likes
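Added example, not code from anyone in this thread: a small simulation of the two access schemes the replies above contrast, a reader that trusts the tag's UID alone versus a reader that issues a fresh challenge each session and checks the tag's keyed response (the DESFire EV2 recommendation). The keyed HMAC here is a stand-in for the tag's AES authentication, not the real DESFire protocol, and every UID and key is a constructed value.

```python
"""UID-only access vs challenge-response: why a copied transcript grants nothing."""
import hashlib
import hmac
import secrets

# Constructed sample values; a real tag's UID/key would come from the deployment.
SAMPLE_UID = bytes.fromhex("04a1b2c3d4e5f6")


class UidOnlyReader:
    """Grants access purely on UID match (the scheme the thread warns against)."""
    def __init__(self, enrolled_uids):
        self.enrolled = set(enrolled_uids)

    def grant(self, presented_uid):
        return presented_uid in self.enrolled


class KeyedTag:
    """Tag holding a per-tag secret; answers a reader nonce with a keyed MAC."""
    def __init__(self, uid, key):
        self.uid, self._key = uid, key

    def respond(self, nonce):
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


class ChallengeResponseReader:
    """Issues a random nonce per session and verifies the tag's MAC over it."""
    def __init__(self, enrolled):          # mapping uid -> shared key
        self.enrolled = enrolled

    def challenge(self):
        return secrets.token_bytes(16)    # never reused across sessions

    def grant(self, uid, nonce, response):
        key = self.enrolled.get(uid)
        if key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def uid_copy_is_accepted():
    """Any tag presenting the same UID bytes is indistinguishable to a UID-only reader."""
    return UidOnlyReader({SAMPLE_UID}).grant(bytes(SAMPLE_UID))


def recorded_response_is_rejected():
    """A response captured from one session fails against the next session's nonce."""
    key = secrets.token_bytes(16)
    tag, reader = KeyedTag(SAMPLE_UID, key), ChallengeResponseReader({SAMPLE_UID: key})
    n1 = reader.challenge()
    r1 = tag.respond(n1)                   # legitimate session, observable over the air
    legit = reader.grant(SAMPLE_UID, n1, r1)
    replay = reader.grant(SAMPLE_UID, reader.challenge(), r1)  # fresh nonce, old answer
    return legit, replay
```

The second function is the practical meaning of "impossible to clone": without the key, neither the UID nor a recorded session lets a second device answer the next challenge.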