Wearable Tech World Feature Article
October 24, 2013

Bionym - Biometrics and Heartbeats as a Means to Password Security

Wearable technology has many uses, ranging from fitness and health monitoring to smart glasses and smartwatches. Some devices are more sophisticated than others - and provide sensors that can read and capture a variety of biometric measurements. Now startup Bionym has come along and added a new wrinkle to the possibilities - how about a device that can use a person's own electrocardiogram (ECG) - using cardiac rhythm recognition - to validate and authenticate one’s identity?

That is exactly what Bionym set out to accomplish, and towards that goal has developed a new device that it refers to as the Nymi. The new device, which in truth doesn't look much different than your typical health monitor device, has two electrodes - one that is placed underneath, directly on the wrist and one on top of the device. To authenticate using ECG information, a user attaches the Nymi to one's wrist, and then uses a finger to touch the top electrode - which completes an electrical circuit and creates an electric current.

A user only needs to validate their identity once, until the Nymi is removed. The closed loop of the system then keeps the Nymi in an authenticated state. The key benefit to this is that it completely eliminates the need to constantly re-authenticate - as is the case with fingerprint scanning and basic PIN request types of authentication.

Once the device has authenticated the user and has itself become authenticated, the Nymi then communicates the user’s identity using Bluetooth Low Energy (BLE) to any desired device - a smartphone, a vehicle, an electronic lock…and eventually to larger smart environments with potentially numerous devices. The Nymi will also BLE to more generally communicate with the world and uses it to sense how far away it is from devices - proximity detection.

The more philosophical goal of the Nymi is to allow users to interact with the world as people rather than as numbers. The Nymi also provides an integrated accelerometer and gyroscope, which allows it to pick up user movements and allows for simple, task-specific gesture recognition. Taken together, motion sensing works in unison with proximity detection and the Nymi's identity authentication to ensure only the actual person authenticated to do so can remotely access whatever collection of devices a user needs to engage with.

The ability to use identity in conjunction with motion control opens up a dynamic, interactive world. And through these combined capabilities, the Nymi certainly offers the potential to significantly enhance any number of possible areas - banking, gaming, smartphones, social media, exercise, in-home interactions with numerous potential devices - to name a few.

Uncompromised Security and Privacy

The benefit of the Nymi's new and exciting ECG authentication is that it is highly secure but in fact doesn't compromise convenience - something that is a key issue in why many users typically seek to disable or sidestep authentication technology. The Nymi delivers a 3-factor system that can ensure that you and only you have access to your Nymi and that you control of your identity. To access the Nymi you must first have possession of the wristband. Second, you "must possess your unique heart rhythm," and finally, you must have access to the Nymi secure application on a registered smartphone. Once you've authenticated, you will remain authenticated so long as the wristband is not removed. It certainly can prove to be an interesting device across numerous health, business and consumer environments.

It is well worth noting that an integrated hardware-based secure element prevents digital skimming and spoofing. The very nature of using a unique ECG to validate an identity is more secure than using other biometrics. Your cardiac rhythm is protected inside your body, making it almost impossible to steal, mimic or circumvent. In comparison, a fingerprint is left on every surface a user touches. And keep in mind that as soon as the Nymi is removed from the wrist it immediately becomes unauthenticated - this is another key security feature.

Finally, with identity privacy is a massive deal of course. The team at Bionym is very concerned with privacy and embraces Privacy by Design. Users are in complete control of their identities and personal data at all times. No device or person can recognize a user's identity without explicit opt-in. This is controlled right down to the hardware level and is enforced by the embedded secure element.

All in all the Nymi is a very interesting device. We will be keeping an eye on its ongoing development and real world deployments.

Edited by Alisen Downey

Comments powered by Disqus

Featured Video

Dedicated to Wearable Tech: Mobile, Sports, Fitness, Audio, Fashion, Design

Featured Podcasts

The Business of Wearable Computing: An Interview with Brand Finance An interview with Edgar Baum, Managing Director North America with Brand Finance, the world’s leading brand valuation and strategy consultancy. Mr. Baum specializes in marketing ROI and financially quantified brand strategy.
Getting Attention for Your Wearables Joe Daniels of Loeb & Loeb discusses how wearable tech entrepreneurs can gain exposure for their ideas and what to do once they've won attention from potential investors.
Wearable Success Rides on Actionable Intelligence Lux Capital's Adam Goulburn focuses on the traits sought by investors as they consider wearable startups, such as how well their software turns collected data into actionable intelligence.
Wearable Tech Startup Strategy CRV's George Zachary talks wearable startups and how they can secure the attention of the right investors as the seek to become the next great thing in wearables.
How to Win the Wearable Tech Funding Game Donatella Giacometti speaks with Canary Ventures' Alex Goldberg about what the investment community looks for in startups, such as the many new wearable tech companies that are emerging.

Wearable Tech World Media Sponsors