By cash or heart?

Overwhelmed by the increasing number of passwords for electronic devices and PINs for bank cards we have to remember, as well as frustrated by growing amount of access cards we have to carry, we are more willing to use solutions and keys based on biometric technologies. At present, we use fingerprint readers, in a moment face recognition will become common – MasterCard has just introduced “selfie pay” service, and Google is testing Hands Free payments – and the next big thing in data security will be ECG analysis performed by wearables.

Until now, many interactions in secured workplace made by employee accessing various devices, applications and physical spaces has required on-demand authentication and handling of frustrating passwords, PINs and keys. All of these items, physical or logical, may be stolen or compromised.

The Nymi Band designed for the enterprise redefines this experience by moving to a persistent authentication model. The wristband authenticates users identity using his or her electrocardiogram (ECG), which is a unique and secure biometric.

Nymi Workplace

In the contrary to fingerprints and facial recognition, electrocardiograms cannot easily be captured without cooperation from the person, as measuring ECG requires direct or very close contact with the user. Here latent samples are not left behind on contact surfaces (unlike fingerprints), and can not be photographed (opposed to a face).

Nymi Band uses HeartID technology that leverages an individual’s unique electrocardiogram for authentication. Like a fingerprint, the ECG is unique to an individual, with additional benefits such as resilience to replay attacks and spoofing.

Before the first use, a user creates and encrypts a biometric template that is stored locally (it is never transmitted to a database or cloud) for future instances of authentication. Thereafter, the band reads ECG only when the user authenticates each day, or whenever he or she decides to put the device on a wrist. Nymi does not collect usage data or personal information of any sort, and Nymi Enabled Applications cannot collude in any way to identify its user.

When the device is authenticating the user, it’s looking at the shape of his or her ECG wave, not the heart rate, extracting unique and consistent features that are a result of human physiology. Mild variations in heart rate caused by activities such as moderate exercise, consuming caffeine or taking medication do not impact HeartID’s ability to authenticate the user.

The Nymi Band works properly also when the user has irregular or faster than normal heartbeat.

Medical heart conditions such as cardiac arrhythmias, arterial fibrillations, or implants (e.g., pacemakers) do not impact HeartID’s performance. During the authentication process, the system is able to ignore low-frequency anomalies and can still correctly identify the enrolled user. If an individual experiences a severe cardiac event that significantly alters their ECG, he or she can update their biometric template using a secure process. HeartID can use this updated template to recognise the individual.

The existing Nymi Band is not a continuous heart monitoring or medical device, and cannot be used to diagnose medical conditions. Though, it is possible that future generations of HeartID could expand to include medical capabilities.

Nymi Workplace2
Nymi’s ECG sensor incorporate two electrodes located on the top and bottom of the module. One electrode touches the wrist, and one is exposed on the top side of the Nymi Core. ECG data can be captured when the user wears the Nymi Band on one wrist and touches the top electrode with the opposite hand.

Once in an authenticated state, the Nymi Band creates a Personal Authentication Network around the user, continuously communicating a secure, digital identity credential via Bluetooth Low Energy (BLE) to individuals enabled apps.

The Nymi Band’s functionality is only enabled when it’s clasped on user’s wrist, after he or she has authenticated to the device. When the band is removed from the user’s wrist, the device is deactivated, and cannot be used until the authorised user re-authenticates to the device.

It contains haptic feedback motor and LED lights to give various types of notifications. The rechargeable battery has 5-day battery life, and a full charge takes approximately two hours.


Nymi & MasterCard

Canadian company Nymi Inc. has already been partnering with leading financial institutions to bring to life the world’s first wearable, biometrically-authenticated payment using one’s ECG. In May 2015, MasterCard began piloting Nymi’s technology in Canada, United States and Ireland to increase convenience and security inside and outside of its offices.

Nymi and Mastercard’s partnership transcends payments to continue paving the way towards the workplace of the future, where authentication is both seamless and secure.

Over 250 pilot participants were provided with NFC-enabled Nymi Bands. Once authenticated, these pilot users were able to make payments at existing contactless terminals in Canada, the US and in Europe. The Nymi Band’s secure Bluetooth communication was also used for locking and unlocking computers without the need for a password.

Nymi Credits TrendNomad
The Nymi Band was shown in MasterCard’s booth at Mobile World Congress that was held in Barcelona from 22 to 25 February 2016. Photography by

Nymi Band is not only a security or convenience tool, as it opens a much broader range of possibilities. It can unlock physical doors in buildings and cars equipped with digital locks, as well as it can be used as a virtual alibi and geo-presence validation in the judicial system.

Naturally, Nymi will be used for applications such as activity tracking (e.g. pedometer, sports, fitness, etc.) and gesture recognition (e.g. for turning on a light). This level of personalisation makes the Nymi Band ideal for service industries (i.e. hospitality and tourism) and retail stores.

In fact, most people will not put on their wrist something just to be their authentication device. Nymi’s functionality will have to be integrated into multifunction smartwatches or smartclothes to be widely accepted.

If you are a developer, you can download free SDK and begin developing applications for the Nymi Band. If you are an entrepreneur looking to implement the Nymi Band for your business, you can contact Nymi’s team here.

Do you like the article? Then buy me a coffee! You can donate a small sum of money using your PayPal account or credit card. All donations will finance my journeys to fairs, festivals and conferences devoted to design and new technology – this is where I find news for my blog. Just click the button below to perform a secure transaction. Thank you for your support, it will help me to take a step forward and write new posts.

More articles