Question 1

What is SkinID?

Accepted Answer

SkinID is a unified authentication platform that uses a subdermal NFC cryptographic implant as a universal identity anchor. It is not just a password manager. It replaces passwords, access cards, keys, PINs, and tokens with a single scan of your hand. SkinID works across digital services (websites, apps) and physical environments (doors, offices, secure facilities). It is a Swiss product.

Question 2

How is SkinID different from a password manager?

Accepted Answer

Password managers store and auto-fill credentials, but they still rely on a master password and don't address physical access. SkinID goes further: it embeds a cryptographic root of trust directly in your body, enabling both digital authentication (passwords, passkeys, FIDO2) and physical access (doors, offices, smart locks) in a single unified system. Your body becomes the authenticator. Nothing to remember, carry, or lose.

Question 3

Why is SkinID Swiss?

Accepted Answer

Switzerland is globally recognised for privacy, precision, and security, from banking to healthcare to technology. SkinID is designed, developed, and hosted entirely in Switzerland under the Federal Act on Data Protection (FADP). For a product that becomes part of your body, trust in the origin matters. Swiss engineering means rigorous standards, transparent governance, and a legal framework built to protect individuals.

Question 4

What is the implant?

Accepted Answer

The SkinID implant is a DESFire EV3 NFC cryptographic chip (roughly the size of a grain of rice) encased in biocompatible glass (Schott 8625). It supports AES-128 mutual authentication, making it virtually impossible to clone. The implant is placed beneath the skin of the hand using a sterile injector. It contains no battery and is powered passively by the NFC field when scanned. SkinID provides the implant, the software, and the installation: everything you need is included in one kit.

Question 5

Is the implant safe?

Accepted Answer

Yes. The implant uses biocompatible glass (Schott 8625) that has been used safely for decades. Tens of thousands of people worldwide have had NFC implants since 2013, particularly in Nordic countries. The implant contains no battery, no moving parts, and no active electronics when not being scanned. It is MRI conditional (safe up to 3 Tesla). Installation is performed by trained professionals at certified pharmacies, piercing studios, or tattoo shops.

Question 6

What chip does SkinID use?

Accepted Answer

SkinID uses the DESFire EV3, the most advanced NFC cryptographic chip available for implants. It supports AES-128 mutual authentication, meaning both the chip and the reader verify each other before exchanging data. This makes cloning virtually impossible without the secret key. The chip communicates via ISO 14443 (NFC-A), is compatible with all major access control systems, and is encased in Schott 8625 biocompatible glass. The implant is included in every SkinID kit.

Question 7

How much does the implant cost?

Accepted Answer

The SkinID kit (implant + professional installation + software access) is priced at CHF 100-150. This is a one-time purchase that serves as your permanent entry point to the ecosystem. Basic authentication is free. Advanced features like enterprise management, secure sharing, and priority support are available via subscription (CHF 10-20/month).

Question 8

How secure is the implant?

Accepted Answer

The SkinID implant uses DESFire EV3 with AES-128 mutual authentication. Both the chip and the reader verify each other before any data is exchanged. The implant can only be read within 1-3 cm of your hand, and cryptographic keys can be revoked and replaced at any time. This provides a level of security that passwords, cards, and even biometrics cannot match.

Question 9

How do I get started?

Accepted Answer

1) Order your SkinID kit online. 2) Get your implant installed at a certified pharmacy, piercing studio, or tattoo shop. 3) Download the SkinID app (Mac, Windows, or iPhone) and install the browser extension (Chrome or Safari). 4) Open the management panel and scan your implant to create your account. 5) Start adding passwords, registering passkeys, or connecting door access systems.

Question 10

What devices are supported?

Accepted Answer

SkinID works on macOS (native app + Chrome extension), Windows (native app + Chrome extension), and iPhone (native app with built-in NFC + Safari extension). For desktop, you need a USB NFC reader (ACR122U recommended, ~$25-35). On iPhone, the built-in NFC reader is used directly, no additional hardware needed.

Question 11

Can I import from another password manager?

Accepted Answer

Yes. SkinID supports CSV import from Chrome, Bitwarden, 1Password, LastPass, and Dashlane. The format is auto-detected. Go to the management panel, click "Import CSV", and select your exported file. All imported passwords are immediately encrypted with your per-user key.

Question 12

Can SkinID open physical doors?

Accepted Answer

Yes. The NFC implant is directly compatible with DESFire-based door access systems used in offices, apartment buildings, gyms, and secure facilities. Major compatible systems include Salto, HID Global, Assa Abloy, and Dormakaba. Your implant can be enrolled in these systems just like a standard access card, but it's always with you and can never be forgotten or lost.

Question 13

How is my data encrypted?

Accepted Answer

SkinID uses a zero-knowledge architecture: every credential and FIDO2 private key is encrypted with a per-credential key derived (via HKDF-SHA256) from a 32-byte vault wrap key that lives on the chip in your hand, inside an authenticated DESFire EV3 file. The actual encryption is ChaCha20-Poly1305 AEAD with associated data binding the ciphertext to its user, site, and credential ID. Without your chip in the reader field, we hold nothing but opaque bytes. Read the full architecture at skinid.ch/security.

Question 14

What happens if I lose my chip?

Accepted Answer

You have three independent recovery paths. (1) Backup chip: if you provisioned a backup chip at signup, tap it to swap into primary. (2) Printable Shamir key: a paper printed at signup encodes your vault key via Shamir Secret Sharing; enter it on a fresh chip and you're back. (3) KYC + multi-operator approval: last resort. Proof of identity, a 7-day cooling-off period, and approval from two senior operators at SkinID. The recovery is then sealed and a fresh chip provisioned. Documented in our legal terms.

Question 15

Can SkinID staff read my passwords?

Accepted Answer

No. The vault wrap key that decrypts your data lives only on your chip. We never persist it. Even with full access to our database, our staff cannot decrypt your credentials. Operator destructive actions (account recovery, key rotation) require two distinct senior operators to approve, with the entire workflow audit-logged. We can serve you ciphertext, transition account state, and process recovery requests; we cannot read what's inside.

Question 16

What happens if SkinID gets hacked?

Accepted Answer

An attacker with full database access reads ciphertext only. Without the chip's vault key, the data cannot be decrypted. We additionally store nightly backups encrypted with a public key whose private half lives off-server. Operator sessions are SameSite=Strict cookies on TLS 1.3 with HSTS preload, hashed at rest, with idle and absolute timeouts. All destructive operator actions require multi-operator approval. We commit to publishing post-mortems and notifying affected users within 72h per GDPR Article 33 and Swiss FADP standards.

Question 17

What if SkinID shuts down?

Accepted Answer

If SkinID winds down operations, we commit to: (1) at least 6 months' notice; (2) an open-source, self-hostable migration path so you can keep your chip working without us; (3) export of your encrypted credentials in a portable format, decryptable with your existing chip. Your chip is yours. We never want it to become useless because of our business decisions.

Question 18

What is FIDO2 / passkeys?

Accepted Answer

FIDO2 is a passwordless authentication standard supported by GitHub, Google, Microsoft, Apple, and hundreds of other services. Instead of a password, a cryptographic key pair is used: the private key stays on SkinID (encrypted), and the public key is registered with the website. When you sign in, SkinID proves you own the private key by scanning your implant. Passkeys are phishing-resistant: there is no password to steal, no code to intercept.

Question 19

How is SkinID different from biometrics?

Accepted Answer

SkinID's cryptographic keys can be revoked and replaced at any time, giving you full control over your identity. Biometrics like fingerprints are permanent and tied to specific devices and platforms. SkinID works across all platforms and environments, including physical door access, making it a truly universal solution.

Question 20

Can SkinID be deployed in an organisation?

Accepted Answer

Yes. SkinID is designed for enterprise deployment. Organisations can enroll employees with implants that provide unified access to digital systems (SSO, workstations, internal tools) and physical infrastructure (offices, labs, secure areas). This eliminates credential-based breaches, reduces IT support costs for password resets, and provides centralised identity management across all access points. Enterprise subscriptions are available for at-scale deployment.

Question 21

Does SkinID work offline?

Accepted Answer

Digital authentication (passwords, passkeys) requires a connection to the SkinID server. However, physical door access works independently: the implant communicates directly with the door reader via NFC, with no internet connection required. This makes SkinID reliable for physical access even during network outages.

Frequently Asked Questions

About SkinID

The implant

Privacy

For you and your team

Getting started