Nymi Bracelet Turns Heartbeat into a Password

Forget fingerprints, your cardiac rhythm may be the future of unlocking private information

  • Share
  • Read Later

As recent hacks into news outlets have shown, cybercrime is becoming increasingly problematic and a concern for online privacy. According recent estimates, more than 90 percent of passwords will be vulnerable to hackers, so experts implore netizens to constantly refresh passwords and replace old standbys with a complex combination of numbers, symbols and case-sensitive characters. But what if you could seamlessly control all pins and passwords with something as unique as a heartbeat?

Bionym_Nymi_colors_stacked

Nymi

A new bracelet from Toronto-based company Bionym Inc. is creating a cuff that tracks a user’s heartbeat and has potential to control devices in substitute of old-fashioned passwords. The bracelet, Nymi, is currently just a prototype, but works by registering a user’s electrocardiogram (EKG), which is the same tool doctors use to measure heartbeats, and encodes it into the bracelet. Unlike fingerprints or retina scans, other examples of biometrics, EKGs are not easily forged or lifted.

(MORE: Building a Better Password)

When an individual puts on the bracelet, it syncs with a smartphone app, which confirms a match in heartbeat and authenticates a user to all devices locked by the bracelet. According to the promotional video, the cuff has potential to control computers, tablets, and banking accounts, unlock car doors or even pay for coffee by waving a hand at the register. The system uses Bluetooth Low Energy to wirelessly connect to devices, and contains an accelerometer and gyroscope to recognize gestures and proximity to devices.  

Taking off the Nymi results in resetting the heartbeat identification, as it will not work until another EKG measurement is taken and authenticated. Losing a bracelet means it cannot be used again since the system is in sync with the owner’s heartbeat.

Though the bracelet is not available yet, Nymi is slated to ship in 2014, and is available for pre-order for $79 for the first 25,000 customers and $99 for all others. It will work with Android, iOS, Macs and Windows systems. 

MORE: Your Ears: The Next High-Tech ID

15 comments
daneshvar
daneshvar

@krishna_kamath actually that heartbeat pattern as password was the reason I wondered whether our heartbeats are REALLY unique or not.

bugmenotbugmenot
bugmenotbugmenot

This MIT article demonstrates that someone's heartbeat can easily and precisely be read from a simple video:

http://web.mit.edu/newsoffice/2012/amplifying-invisible-video-0622.html 

Each pulse causes a faint change in skin tone. This change is invisible to the naked eye, but software can easily detect and amplify the color change.

The heartbeat lock may work against someone who casually steals your bracelet-key, but a smart motivated thief can unlock it if he points a camera at you for a minute or two. It's also definitely possible for a skilled hacker to unlock it without your heartbeat, but I can't say how easy or difficult that would be without knowing the exact design.

So this is somewhat more secure than a basic key, but don't consider the heartbeat aspect to be reliably effective.

jonesjc
jonesjc

@SuzanBartee A chip in the hand would be really convenient. No more reaching for keys.

nymiband
nymiband

@SuzanBartee Hey Suzan, we are not into chips. They seem far too difficult to remove. It limits options.

Horsem4n
Horsem4n

while the video makes it unclear by saying that it continuously check verification, the article suggests that the bracelet only verifies the user when they first put it on making changes in heartbeat inconsequential. as in, you will not become unverified just for taking a jog or becoming involved in a car accident as long as you don't don the bracelet at that time. the bracelet only becomes locked when a verified user takes it off. which it will then need to be verified again once a user picks it up. 

the rest of the video is just hyperbole. a vision of the future possible uses of the device. apps to control you phone computer and tablet are easy enough, but they will need support from the business, car manufacturers and hotels to do the rest shown in the video.

i don't think these things are hack proof though as the makers suggest. either they do continuously verify puls signatures and become unreliable or the signals these emit will be able to be tracked and recorded with the same tools used to remotely hack cell phones. then just make a mock device that emits the same information and assume the identity of the target person. worst part is, the target person can't change his password.

i really hope thats not the case though.

wddatft
wddatft

@daniel_okc Very cool as long as your heart beat is regular!! Wouldn't want to use it after a workout when my heart is beating fast! :)

NadiaJaha
NadiaJaha

I was really hoping we'd have jet packs in 2013 but this'll do!

krishna_kamath
krishna_kamath

@daneshvar It is an interesting question. But, the real question is how secure the tech is? Is is really hard is to fake our heart beat?

SuzanBartee
SuzanBartee

@jonesjc I really think if they put their heads together they could come up with something. #2013

SuzanBartee
SuzanBartee

@nymiband Hmm. Perhaps you just need a little more time in R&D to perfect your chip?