Microchipping workers is a thing. Should it be?

A Seattle startup sells embeddable microchips so employees can seamlessly log into networks and access secure areas. Is that a step too far?

Illustrations by Eric Nyquist

When he enters his Seattle office, logs into his computer, or walks into his house, Amal Graafstra doesn’t need to dig for keys, find an electronic access card, or even punch in a passcode. Instead, he waves his hand. It’s that simple. Within a second, he’s in.

Graafstra is microchipped.

There’s a slender electronic gadget, about the length of a staple, inside his hand. It relies on near-field communications, or NFC, to let networked doors or other devices know that it’s really him. He needs to be a few centimeters away — about the same distance as it takes for two magnets to connect — from a target for the technology to work.

Graafstra envisions a not-too-distant future in which many people are microchipped — employees who need to access highly secure areas or anyone who needs to validate their identity to read sensitive information or access important files. He says chipping workers could become the next generation solution for corporate security, too. It’s less vulnerable to hacking than passwords, ID cards, or even biometric data such as facial recognition, and it’s completely “frictionless,” he says.

With an implant, which consists of the metal chip and an antenna encased in a sterilized biocompatible glass cylinder, employees won’t be able to forget badges, passwords, or keys, allowing companies to stop putting “so much effort and time into managing those employees who forget their credentials,” Graafstra says. The company’s chips can be implanted by state-licensed body piercers.

Of course, Graafstra has a considerable stake in microchipping workers. He runs a startup called Dangerous Things that sells the technology to other companies. Graafstra says he gave the company such an edgy name to attract the early adopters who typically rush to check out new technologies. In 2016, he says the company sold between 30,000 and 40,000 of its implantable devices. While no more than five companies worldwide have officially offered his company’s products to their workers, he says, that doesn’t mean those firms are the only ones giving implantable chips a whirl.

Graafstra says employees from Apple, Google, and Samsung have made purchases, too, albeit independently from their companies, which have not officially acknowledged interest in the technology. The buyers “are not coming out and saying, ‘we’re implanting employees.’ They’re probably just checking it out and seeing if it’s interesting… . I get the feeling that there are more that are just buying these for their employees, and they’re not disclosing it to the public,” Graafstra explains.

Microchipping gained some national attention this summer after Three Square Market, a Wisconsin-based vending machine firm, offered its employees the chance to voluntarily get chipped with devices made by the Swedish company BioHax International. The company also invited the media to witness as they implanted chips into the hands of about 50 of its employees. With the devices, Three Square Market’s employees can unlock doors, log onto their computers, and purchase snacks with the swipe of their hand.

Other companies may follow suit: Three Square Market partnered with BioHax International to be its exclusive US distributor. Three Square Market CEO Todd Westby told one radio interviewer that various companies, including health care groups, have expressed interest. “If you’re a technology company, things like this are actually exciting,” Westby told CNBC in August. “We don’t look at it as being too weird. We initially decided to do it just because we thought it was … I guess you could say ‘cool, something different.’ ”

Despite the wide-eyed enthusiasm from Westby and Graafstra, not everyone is as excited about the potential for microchipping workers. The issue of privacy, for one, is a major concern. “It’s another dimension to the same data privacy conversation of how much information does this thing have on it,” says Jamie Winterton, director of strategy at Arizona State University’s Global Security Initiative, an interdisciplinary research group. “How is it accessible? Is the data encrypted? What kind of data is collected, and how long is it stored?”

And can workers trust employers not to track them after hours? “My hope would be that the only data being collected is, ‘Yes, this is you and you’re swiping in and out of the building,’ ” she says.

Beyond privacy concerns, there’s the question of whether the convenience and security of an implanted chip is just too creepy or a step too far in the employee-employer relationship. Andrew Challenger, vice president of the Challenger, Gray & Christmas employment and outplacement firm, says the “invasive” nature of the device will limit its appeal. “It would surprise me if this is a trend that caught on,” said Challenger, whose firm tracks various workplace trends.

Microchips aren’t even necessary because everyone is carrying a smartphone, says Challenger. Most of those contain radio-frequency identification encoded memory chips that electronically store information “without the need for surgery.”

Microchipping shouldn’t raise privacy concerns, says Graafstra. Once implanted, the device only “powers up and does its job when it’s being presented to a reader,” he says. “Being able to actually have a cryptographic token inside you that is not going to be vulnerable to [attack] is going to become much more critical, I think.”

While implantable devices “are more secure than devices with keyboards attached to them,” that alone can’t keep all bad actors at bay, says Steve Morgan, founder and editor-in-chief of the Cybersecurity Venture market research firm.

“At some point in the chain-of-command, there are people [who] are granted access or illegally gain access to every digital device — software and hardware of every type. This includes implantables,” writes Morgan in an email. For example, newly discovered vulnerabilities that could affect patients with implantable cardiac pacemakers have highlighted how embedded technology isn’t fail-safe. “The biggest risk that society faces is being lulled into a false sense of security, and believing that the latest and greatest innovations are hack-proof,” Morgan says.

In addition to Graafstra, the four other employees of Dangerous Things have been implanted with one of the electronic gadgets. They’re inserted in their hands, in between the thumb and pointer finger; in their arm, just above the wrist; or in the meaty part of the hand that’s below the pinky.

What does it feel like to get chipped? Westby of Three Square Market said this to CNBC: “[I]t feels like basically somebody stepping on a pinky toe with a dress shoe on.”

CXO Magazine is a new publication founded at Northeastern University to chart the ideas, events, and people shaping the future of work. Learn more.