Contraception On A Chip: Is It Secure?

An implanted chip could give women the power to wirelessly control their own fertility, bringing contraception to millions of women in developing countries and reducing infant mortality and poverty along the way.

The idea of wireless control over an implant, however, brings with it concerns about security and reliability. While any connected device has the potential to be hacked, the team developing the chip has created numerous safeguards to address security concerns.

According to WHO, 222 million women in developing countries would like to delay having children or prevent it altogether, but do not have access to contraception. In 2012, around 80 million women had an unplanned pregnancy and a quarter of those sought an unsafe abortion, according to the Gates Foundation. Existing contraceptives, such as the pill and IUDs (intrauterine devices) can be challenging for many women to access or use correctly.

The new microchip overcomes barriers of access and use. After being implanted under the skin in a quick outpatient procedure, the 0.8 x 0.8 x 0.28-inch chip releases the birth control drug levonorgestrel for up to 16 years and can be turned on and off with a remote control.

It works by opening one of many tiny reservoirs on the chip via an electric current, releasing its load over the course of 30 days. At the suggestion of Bill Gates himself, scientists at MIT developed the technology and licensed it to MicroCHIPS, a medical technology company specializing in programmable drug delivery. The chip successfully treated osteoporosis in a patient in 2012.

Hacking the body

But what are the security implications? Could a hacker access the system and flood a woman’s bloodstream with levonorgestrel, causing miscarriage or even death?

“In every device I’ve evaluated in my career I’ve always found a way to get in,” says Jay Radcliffe of security firm Rapid 7. Radcliffe has worked in information security for 15 years and has firsthand experience of the vulnerabilities of medical devices, having famously hacked his own insulin pump at the 2011 Black Hat conference.

Although a criminal could hypothetically park his car outside a hospital and hack medical devices to “do evil things,” direct attacks on ordinary people’s medical devices are very rare, says Radcliffe. Former Vice President Dick Cheney had his doctors remove his pacemaker’s wireless capability for security reasons.

Viruses and malware aimed at other targets pose a far greater threat, he says. For example, identity theft malware targets mobile phones via Bluetooth, and the infection tends to impair other phone functions.

Such a malware infection could seriously threaten a patient who uses their mobile phone to communicate with their medical device via Bluetooth. In another example, MIT Technology Review reported in 2012 that malware was “rampant” in devices like fetal monitors.

“They’re setting the bar very high to achieve being secure for 15 years inside a person’s body,” he adds, because technological updates mean most security is out of date in a few years.

Making implants safe

“We’ve designed the product with security and safety in mind” says MicroCHIPS President and COO Robert Farra. He says the the tech will have a combination of physical and digital safeguards, and the chip will receive commands from a remote control within a range of just a few centimeters, meaning it needs to be pressed against the patient’s skin.

A hacker would have to contact the patient’s skin to reach the device, and all and the commands are sent by radio frequency rather than by Bluetooth. The short range also makes it impossible for a hacker to “listen in,” he says.

The chip has a micro-clock that remembers when the last 30-day reservoir was opened. Even if that failed, the chip’s battery is not strong enough to melt all the seals at once and release the all the reservoirs at the same time.

Farra also says chips will not break in an accident and release drugs because they are strong enough to resist hundreds of pounds of pressure per square inch. They will be implanted in soft parts of the body that offer cushioning, he adds.

If a chip were to be struck by a bullet and release all its contents at once, the payload of 180mg of progestin is not high enough to cause anything more serious than irregular periods, weight gain and nausea, says Farra.

Focus groups revealed that women in developing countries wanted the power to turn the device on and off themselves, while women in developed countries would rather have their doctor do so. Farra says each chip will have its own password-protected remote control, allowing every woman to check her implant’s status and turn it on and off.

The Gates Foundation has donated almost $5 million to the project, along with other private donors and investors. CNET reported the chip could be on the market by 2018.

SOURCE: MASHABLE