Blog

As implantable devices like pacemakers are increasingly starting to rely on wireless signals to communicate with external devices, newer opportunities are opening up for hackers to exploit critical life-saving equipment. If stricter security measures are implemented, it leaves open the possibility hat at a critical time an authorized physician might not be able to access the device.

Now Microsoft Research is proposing a solution: protect every device with a password, then tattoo the password right onto the patient in invisible UV ink. It’s a hard concept to argue with: cryptography works pretty well, after all, and a device that is password-protected with a random string of characters would indeed be difficult to hack. Such schemes have been proposed before, using identifier bracelets or RFID tags that contain the passcode, but these options aren’t so secure; a patient can easily lose a bracelet, and RFID tags themselves aren’t immune to malicious requests.

But tattoos can’t be lost, forgotten or, depending on placement, even viewed without the owner being aware. Moreover, using micropigmentation technology the tattoos could be invisible, revealing themselves only in the presence of focused UV light. ERs would simply keep an ultraviolet LED-equipped device on hand that allows medical personnel to see the tattoo — which would be inked into the skin at the point of implantation — and enter the password via a keypad or touchscreen.

It’s not an impenetrable security plan, but it beats a lot of the ones that have come before it. It’s possible that someone could get close enough to you to see your tattoo, but chances are if a malicious party has you shirtless and cornered under a UV lamp, you’ve got bigger problems.

Source: Popular Science.