We love the idea of heartbeat authentication, but will it be the solution to the death of the password? After testing many users, here are our answers
Halifax is currently testing a device that lets you use your unique cardiac rhythm to log into its banking services. The trial involves users wearing an ECG (electrocardiogram) band that records heartbeat rhythms, and uses them to authenticate the user. The idea is to use something unique, personally identifiable and unlike a password or fingerprint, incredibly hard to fake: your heartbeat.
The technology, known as a Nymi Band, uses Bluetooth to pair with a companion app for Windows, Mac, iOS and Android. In order to work, it first has to record a person’s ECG to the band and link itself to the app. ECG data is captured when the customer wears the band on one wrist and touches a sensor on the top of the band with their opposite finger.
But will the technology catch on?
Even if Halifax may mandate their customers to use the ECG band, when it comes to ID systems, there is a clear demand for something universally trustworthy, easy and effective. People are pretty set in their ways, and with something like this, it takes time to reprogram their behavior. While there is no doubt that we are verging on the death of the password, people don’t want a million different ways to authenticate themselves for all their different services. Just like the FIDO protocol, users don’t really care what happens in the background; they just care about a service that is easy to use, trustworthy and reliable. We love the idea of heartbeat authentication, but will it be the solution to the death of the password?
One solution to rule them all?
Our extensive testing has shown us that that there is more to the online ID solution than just security. Users want instant convenience to adopt a new technology. We hope that devices and solutions like this one become commonplace, as it makes our online world far more secure. In reality, though, it is likely that consumers will demand something more simple. Nymi will no doubt be a hit among those who truly understand the implications of protecting their data, but sadly we’ve found that the majority of the population care more about convenience.
Don’t get us wrong, we think the Nymi band is great, and we love coming across other businesses looking to make a difference in the online identity world. In fact, we implore startups like Nymi to continue innovating, testing and trying a whole range of solutions so that we can find something for everyone, and end our crazy reliance on insecure passwords.
We have looked for data and forms of access that are unique, can be used for identification and authentication, yet are impossible to fake. Instead of the biometrics route, we’ve looked at the online footprint of web users, and found that the years of history and data we leave behind in our social profiles, interactions and services used add up to a ridiculously complex, yet unforgeable set of data that we’re able to instantly assess to verify who any user is.
For users, it is an instant process that involves a simple click of a button: the familiar sign in with Facebook. We believe we’ve found the ultimate combination of convenience for users to power uptake in the community, and unique data that can’t be replicated fraudulently.
Perhaps we’re just one more brick in the wall of online ID solutions, but we’re confident we’ve got a pretty strong solution, and whether we’re part of a repertoire of options and services, or the frontrunner, our key concern is to ensure that there are solutions, and that key services (from banks to email accounts) are using them to make the internet a safer, and more trustworthy place. So we applaud Nymi and Halifax, and hope to see other service providers continue to harness the new technology available, to test and trial until we find something with wide appeal, and to continue in the crusade to make the online world a more trustworthy one.
This post was originally published on Veridu‘s blog.
Featured Image Credit: Kaspars Grinvalds / Shutterstock