Ask Hackaday: Can Paper USB Business Cards Exist?

swivel business card

The swivelCard Kickstarter campaign recently received a lot of press coverage and makes some impressive claims as their goal is the development of USB and NFC business cards at a $3 unit price. While most USB-enabled business cards we featured on Hackaday were made of standard FR4, this particular card is made of paper as the project description states the team patented

a system for turning regular paper into a USB drive.

As you can guess this piqued our interest, as all paper based technologies we had seen until now mostly consisted of either printed PCBs or paper batteries. ‘Printing a USB drive on regular paper’ (as the video says) would therefore involve printing functional USB and NFC controllers.

Luckily enough a quick Google search for the patents shown in one of the pictures (patent1, patent2) taught us that a storage circuitry is embedded under the printed USB pads, which may imply that the team had an Application-Specific Integrated Circuit (ASIC) designed or that they simply found one they could use for their own purposes. From the video we learn that ‘each card has a unique ID and can individually be programmed’ (the card, not the UID) and that it can be setup to open any webpage URL. The latter can even be modified after the card has been handed out, hinting that the final recipient would go to a ‘www.swivelcard.com/XXXX” type of address. We therefore got confused by

Imagine giving your business card with pictures, videos, presentations, and websites for the recipient to interact with!

paragraph that the project description contains.

This leads us to one key question we have: what kind of USB drive can make a given user visit a particular website, given that he may have Linux, Windows, Mac or any other OS? They all have similar USB enumeration processes and different key strokes to launch a browser… our wild guess is that it may be detected as storage with a single html file in it. Unfortunately for us the USB detection process is not included in the video.

Our final question: Is it possible to embed both USB and NFC controllers in a thin piece of paper without worrying about broken ICs (see picture above)? NFC enabled passports have obviously been around for a long time but we couldn’t find the same for USB drives.

Possible or not, we would definitely love having one in our hands!

Edit: One of our kind readers pointed out that this campaign actually is a re-launch of a failed indiegogo one which provides more details about the technology and confirms our assumptions.

72 thoughts on “Ask Hackaday: Can Paper USB Business Cards Exist?

    1. That is what I was wondering too. There aren’t a lot of big businesses that will allow that. And they shouldn’t. You’re infinitely more likely to get your point (whatever that may be, video, document, etc…) across with a QR code or just a url. And it won’t cost anymore than a normal business card. I do appreciate the coolness of this, but most corporations, from my experience, disallow this anyway.

  1. > Our final question: Is it possible to embed both USB and NFC controllers in a thin
    > piece of paper without worrying about broken ICs (see picture above)?

    I would call it cardboard, not paper. The simple mechanics necessitate that it be at LEAST 1.2mm thick so when doubled over as pictured to insert it will be 2.4mm thick to fit into the USB slot, probably has to be slightly more since there’s no solder on the pads, 1.3, 1.4 mm even. It would be quite strong.

    As for the technology – I have a whole Linux computer with 802.11N inside a fully functional SD Card (FlashAir), so I don’t think it’s really very difficult to slap a flash drive in a bit of cardboard. I think actually if you found one of those ultra small USB drives and pulled it apart, you could probably make one of these yourself.

    1. I agree with your analysis. And it’s not like the card would need to survive hundreds, or even dozens of insertion cycles. Chances are it would only be used once, maybe twice. Should one occasionally fail to survive even that, no big deal. The USB bit is just an attention getting gimmick. Your website address is still printed on the card, for those truly interested in doing business with you.

      “I have a whole Linux computer with 802.11N inside a fully functional SD Card”

      My amazement that this is possible still hasn’t worn off. Miracles and wonders.

    2. The indiegogo page states: “Proprietary intelliPaper cardstock is half a millimeter thick”.

      So they expect you to stick a 1mm thick male USB into the socket and make a proper electrical contact. I don’t know how that will work.

      1. 0.5mm paper is thick enough that when folded over double, unless you go nuts creasing the heck out of the fold, will presumably have enough spring action to make a fair contact.

  2. What’s wrong with this? There’s even Arduino clone soldered on a piece of paper, no wonder if someone flashed it with some sample USB or NFC sketch. I don’t see much problem in pure technical feasibility.

      1. on windows: you just have to register it as a keyboard, win+r = run, type whatever webpage you want to go to with www and enter. Opens in default browser.
        I would assume it is possible that the usb devide knows what OS is has been registered to somehow to do specific commands for each.

        1. Update:
          Below, @Andreas has an interesting idea of having the USB device impersonate a keyboard to feed the attached OS the appropriate hot keys to launch the browser. That may work as long as the OS doesn’t require you to approve the addition of the USB impersonated keyboard.

  3. It is pretty simple to get a computer with a known operating system to open a desired URL whenever you insert a USB device. It is merely a matter of letting said USB device impersonate a keyboard and enter a shortcut to open a URL. Having this happen cross platform is a bit trickier, but can probably be done by fingerprinting the operating systems response to different kinds of USB devices to determine whether Windows or Mac style shortcuts should be used. (Linux is probably another can of worms as you never know what kind of desktop environment that is in use, but you can always target say KDE, standard Gnome, and Unity and cover most of the use-cases.)

    If you are interested in defending against this, make sure that random USB devices are not authorized to communicate with the system by default. (See http://www.irongeek.com/i.php?page=security/plug-and-prey-malicious-usb-devices for more information.)

    1. CMD + space + safari + enter will get the spotlight helper in Apple OSX to launch Safari but I don’t know if you can reliably impersonate a keyboard without some sort of question & answer dialog. I think I’ll give it a try though.

      I guess you’d have the device query the machine it’s attached to and spit out the appropriate keystrokes.

  4. The capabilities and functionality details explain how the card works, they indicate it is a read only USB drive with a html page on it that uses javascript to direct users on to the intended webpage.

        1. Ya’ll need to quit being asses about spelling and grammar. If ALL you pull out of a HAD article is a spelling error, you’re doing it wrong. I never notice errors because I actually read them for their content. Ya’ll should try that sometime.

          1. Content? Often the summary is wrong as well.

            HAD is a commercial operation, not some random kids blog, so they don’t get a free pass with the sloppy editing (plus claiming to be journalists, being degree qualified etc).

            Posters, on the other hand, are entitled to be as wrong & sloppy as they like.

      1. Brian’s right on this one. Mat and I were talking about this Kickstarter for a few hours while he was doing the write-up. I previewed the post both after Mat had written it and after Brian had edited it. Brian caught it and changed it to “piqued,” else I would have.

        Sometimes things go wrong. In this instance, every effort was made in terms of editing. I’d say this is about as excusable as it gets in that regard.

  5. If I were trying accomplish this same feat, exactly as described, I would use a technique similar to what’s used in smart cards, All the electrical bits hidden directly under the contacts, embedded in a small pit carved out with a CNC machine. I work in the security industry, and I have seen RFID and NFC tokens of all sizes down to a square centimeter, so its not inconceivable that an RFID/NFC chip + coil could fit in the space provided. With every thing hidden under the contacts, and scoring the correct areas needed to make the fold, there is no reason in my mind this could not be accomplished with paper based media using existing smart card manufacturing technology.

    On the other hand… It seems overly complicated. Simply using a business card sized, 2.4mm thick piece of plastic with existing smard card manufacturing techniques to imbed your USB chip and contact plus a simple die cutter to create a small removable piece at one end that the end user breaks off to allow the USB contacts to be inserted would be far easier to produce. It would probably be cheaper since smart cards generally sell for less than $3.

    As far as loading up software via USB automatically without user interaction, one need only look to Sandisc and their line of USB thumb drives that load proprietary software that has the ability to install and run its own DLL files to fool the computer into thinking it has more HDD/optical drives than physically exist. Yes this generally only applies to windows based systems, but let’s be honest, with the current market being dominated by windows based machines, why bother worrying about Linux or Mac when the probability of your USB business card reaching a non windows machine is relatively low, especially in a corporate or business environment. Its a simple matter of ensuring the card is still readable as a standard USB storage device on non windows machines, thus enabling these systems to access the data stored if the user manually opens it.

    One last note, I think it is a very bad idea to incorporate rewritable flash into the card. I can see far too many plausible scenarios were somebody adds malicious code after the the card is made or handed to a potential client or customer. It would be far safer to use WORM based flash and then write zeroes to any unused sectors to prevent later modifications.

    1. If someone has sufficient physical access to your belongings that they can load malicious software on a business card *after* it was given to you, and *before* the one time you’re likely to use it, then they have other and better options available.

      On the other hand, if you were to load your own business card with software that demonstrates an exploit in a harmless way, I could see that landing you some security related business or a job.

      1. I didn’t mean somebody taking your card and modding it, I meant somebody who finds or is given one and modding it to do something malicious and then giving to somebody else or putting it back were they found it for its original owner to find. Besides, if you’ve ever been in an office were multiple people work and have their desks in the same room, which is not uncommon amongst lower level staff, then you would know that getting access to peoples personal space/items is a simple matter of waiting for them to leave the office for lunch, doing the deed, and replacing the card before they hot back. Besides I’ve been known to leave lots of business card in my desk drawers at work. Venders give them out like candy and I almost always toss them in a drawer.

        1. The whole point of a gimmicky business card is to get you to check out the gimmick immediately. By the time it’s in a desk drawer, it is forgotten and never to be used again, making tampering with it pointless.

          Your scenario might be a fun cliche in a movie. You know, the type where the villain leaves the hero unattended in some nefarious but ultimately escapable trap, when he had the opportunity to simply shoot him…

          But this is real life. If you have access to their desk, you have access to their COMPUTER. Load the malicious software and leave. If that’s not feasible for some reason, I bet they have a standard memory stick laying around, which they will be far more likely to use than a business card.

          1. In all honesty, that’s exactly how I would go about it. Load up some code on somebody elses storage device, put it back were I found it, and wait for the code to call home as soon the victim plugs in the storage device. saves me the trouble of trying to bypass security, and lets the victim do all the work for me. And if you want a prominent example of just such an occurrence, all you have to do is look up “Sony root kit” in Google. And if you assume nobody is dumb enough to use the effected DVDs your wrong, that particular root kit virus still turns up trying to call home all the time.

            And maybe the USB business card isn’t the best target, but maybe that’s whats available. Lets be honest, you could leave it on the floor somewhere and some poor fool willing to shove anything into a computer just for the novelty of seeing if actually worked.

  6. Haven’t we gotten beyond the point where we willingly shove anything in our USB port?
    The whole point of tech business cards was to demonstrate skill. What image does this present?

    1. I agree, I most certainly would not plug one of these in if some bloke I’ve only known for a few minutes to an hour just willy nilly tossed me one and suggested I plug it in on pure faith that he’s an honest guy.

      No, I think if this takes off in any form they will be quickly banned in most medium to large business as a legitimate external threat to individual computers and internal networks alike. The terminals and PCs we use were I work already have the USB ports disabled for anything and everything. We literally use PS/2 keyboards and mice for every PC and terminal on property. Hell, even the DVD drives are disabled. Something like USB business cards would be handled in much the same way people handle hazardous waste and biological contaminants, thrown away, quarantined, or burned out of simple mistrust of the person handing it out.

  7. Would this comply to USB specifications? I don’t think so. Also, I don’t like the fact that the contacts are exposed while its plugged in, increasing the risk of short circuit. I assume the spacing between the contacts and the contact themselves are all paper so I’d be scared that moisture sets in the card and shorts something.

    It’s a cool idea, but at 3$ a piece, you’re not gonna buy a few hundreds to give to just about anybody, for them to reach a URL. If I was given one, I’d probably tear it apart and reach the guts before I would plug it in a computer. I hate carrying business cards around anyways, I either just enter the contact in my phone instead of leaving with the card or just take a picture and save the info later.

    Why did they want 300 000$ on indiegogo but only 10 000$ on kickstarter? Like another user said , its seems its just disguised advertising.

    1. There are many devices that connect via USB that don’t actually meet USB spec. USB devices are so ubiquitous that its virtually impossible to enforce any real physical standards, not that anyone ever really tried. In my days in the military, I used cables with some of the most bizzar connectors on them that actually turned out to be running a simple USB signal. My favorite was a five pin circular connector with a outer locking ring that worked the same way as a standard radio coax locking ring we used to connect our firing computers to our digital network radios. That connect or was so rugged it would literally pull the the whole ten pound radio out of its mount if you accidently pulled too hard on it.

      My point is that USB should be looked as more of a signal standard rather than a physical port specification. All that matters is weather the connector your using cleanly passes on the signal. After that its really a matter of asthetics/usage requirements that determine what connector you end up using.

  8. Why not simply buying a bunch of cheap 1GB USB drives to give away and store his stuff there? Not much more expensive and certainly more useful than a card with an ASIC. Personally I wouldn’t plug such a card in my computer with the possibility of frying a USB port.

    1. Because that’s boring, might as well print a web address on a business card.

      The info is unimportant, it’s a gimmick that gets you remembered (and rapidly passes it’s use-by date when everyone does it).

      Using a QR code (as previously mentioned) is pointless because no-one uses them (ya gotta install an app yada yada), NFC just as useless as it’s not widespread (iPhone etc) and who has a non-phone reader?

      My current card is laser etched glass, I make similar things for friends.

        1. ‘Amazingly’, I found a 32-GB USB 2.0 drive for around $10 on N**E** that tested to actually have that rated capacity (well, 31GB + wear leveling/bad sector substitutes) and it’s the size… of a USB Bluetooth dongle. In other words, less than 2 millimeters past the plug. It might as well have been micro-USB! I haven’t broke it down yet, but I bet they used something like QFN and placed it under the insulator part of the plug that the 4 pins sit on. Amazingly, you will find 128MB USB drives for sale, still.

          1. There are some of those really tiny USB drives that have a Micro SD inserted between the USB contacts and the outside of the connector shell. Some have a notch in the shield so you can pull the card out and swap in another, or you can buy the adapter without a card.

            I have a Verbatim 4GB one. The card seems to be glued in or there’s just not enough give to get anything between it and the metal to pull it out.

            Dunno if the width of the Micro SD was intentionally made to exactly fit inside a Type A USB plug or if it’s a happy coincidence.

            http://www.amazon.com/Mobile-microSDHC-Memory-Reader-Works/dp/B002K7EJDK

  9. Yes they can, if your company is stupid enough to be willing to plug in a random USB device
    Hell where i work they have to supply us with usb dongles we cant even use our own!

    1. why does your company leave precious corporate assets on your internally accessible network? would be the more pertinent question. So REALLY their primary point of defense is to tell people “don’t do this” ? bail now before they blame you for something

  10. Too bad java was such a failure

    The original idea of java was that one could put code on devices like this and have it run anywhere.

    A big thanks to Microsoft for killing off java and replacing it with something far far less portable,

  11. Regarding the quote “Imagine giving your business card with pictures, videos, presentations, and websites for the recipient to interact with!”, I see nothing in that sentence that suggests that when inserted, anything automatic occurs with regard to launching a browser on a web sites. The web site to interact with could be nothing more than a cached web site stored in flash with a name like “click-me.html”.

  12. I supported the Agic Silver Ink pen on kickstarter and they delivered it with ‘USB business cards’ which are literally just glossy photo paper. You fold over the end to make it a bit thicker.

  13. I really wanted to make a business card like this when I was finishing my art degree and was looking for creative ways to distribute my portfolio. Ended up abandoning the idea for all the reasons listed ..

  14. I have a friend that works at the company, and he’s given me several of the sample USB cards. They are pretty cool, but I am still dubious about the concept of plugging a random USB stick into your computer.

  15. Stocking the new innovative Invisi-Gard 316 marine grade stainless
    steel Security & the far more affordable 7mm Security,
    Coastwide as well provide a great deal of window
    dressings including the very Well-known Roller Blind, Verticals, Venetians and Timber Blinds along with an array of awnings for your outdoor entertainment areas.
    They give your home personality, and they act as a conduit of visual information to and from the
    outside world. Revamping your home by replacing old furniture with a new
    one is a good example.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.