Nymi Band completes first heartbeat-authenticated payment with a wearable device
The Nymi Band, a wearable authentication device that uses electrocardiogram technology, has been used to make the world’s first credit card payment at a cash register verified by the user’s unique heartbeat.
The Nymi Band is worn on the wrist and features two ECG sensors that capture an individual’s ECG wave shape using Nymi’s proprietary algorithms called HeartID. To authenticate, it connects with a companion device like a smartphone or PC.
The first credit card payment using Nymi was made on Friday, July 10, at a gas station using the “Tap & Go” contactless payment capabilities found at many retailers. It part of a pilot project involving TD Bank Group and MasterCard. Throughout the summer, more than 100 TD users in Canadian cities Toronto, Ottawa and Regina will be testing the Nymi Band’s contactless payment functionality using an NFC-enabled version of the Nymi Band.
The ECG sensor reads the faint electrical current already present in the body, and is completely passive. “Aside from the Bluetooth connectivity, it doesn’t actually emit anything and doesn’t actually introduce anything into the body,” said Shawn Chance, Nymi’s VP of marketing and business development. “What it does is it introduces itself as part of a circuit to the electrical signal that is already running through your body that your heart is generating.”
The ECG biometric itself is highly unique, doesn’t change with increases in heart rate, and remains consistent within a person over time, Chance said. “What it does is it extrapolates some of the unique characteristics that are within your electrocardiogram and those characteristics are driven physiologically by things like the shape of your heart and its orientation to other vital organs. There are lots of physical factors that drive that ECG and will cause it to remain consistent.”
The Nymi Band also captures accelerometer data, and can provide visual and haptic feedback to the user with five LEDs and a vibration motor. Its battery is designed to provide five days of typical use before recharging.
Chance said the company is exploring partnerships with other wearables manufacturers. A possible direction could be a smartwatch that includes Nymi’s ECG technology.
The Benefits of a Persistent Biometric
In comparison to a fingerprint or retina scan that might happen during a transaction, the Nymi Band takes a very detailed ECG reading in the first three to four seconds once it is put on, then remains in an authenticated state while it remains on the wrist.
“Persistence of identity removes those transactional barriers and basically makes it a passive experience for the user; you don’t actually have to think about it anymore; it just happens, and that’s a really big fundamental shift in how authentication is currently done.”
Once identity is established, the user could seamlessly interact with multiple devices and services. In an Internet of Things context, this could mean providing one’s unique identity to a connected car or smart home.
But in the financial context, persistence crucially helps make transactions fast and convenient. Chance said, “In the financial space, one of the biggest problems to be solved is reducing fraud in card-not-present transactions. That’s exactly what this deployment allows us to validate. By deploying a continuous wearable authenticator that’s biometrically authenticated, you’re adding not only another layer of convenience, but also a layer of security so that a payment has to be authenticated by the user’s heartbeat.”
Use Cases Beyond Payment
Beyond payments, Nymi is currently exploring use cases for enterprises that need to control access to physical spaces. “The payment pilots use NFC, and NFC can be used for physical spaces,” Chance said, noting it could be a useful replacement for the key fobs often used to restrict areas.
It can also be used to control access to computers as well as sensitive applications and files. A Nymi Band could unlock a device or application when in proximity, and lock it when the authenticated individual is no longer in proximity.
As in the case of many devices like the computer or the smartphone, enterprise adoption helped introduce people to a new technology that later becomes widely adopted by consumers. This same effect could help Nymi catch on.