Data security is a heavy burden for business. That is particularly true in today's increasingly mobile, distributed workforce. And as the recent Heartbleed debacle pointed out, password technology is deeply fallible. However, new wearable technologies are being developed that will help companies simultaneously keep their data safe and allow their employees anytime anywhere access to key systems and information.
One of the wearable tech companies attempting to solve this problem is Bionym, a spinoff of the University of Toronto that is currently making a product called the Nymi. The Nymi is a small, wearable device that uses electrocardiogram (ECG) to authenticate user identity. In effect, the Nymi turns a person's own heartbeat into a unique key that can be used to unlock any conceivable device. I talked to Bionym President, Andrew D'Souza, about the Nymi, its unique differentiators, and the role it could play for enterprise in making it easier for people to be simultaneously productive and secure.
Andrew D'Souza, President of Bionym, shows off the Nymi
Yury: Tell me more about how the Nymi works?
D'Souza: The Nymi is a wearable device that measures your heartbeat and uses it as a unique biometric to identify you. You put it on once a day, touch it with your opposite hand for a few seconds, it measures your heartbeats, it confirms that you are wearing it, and then it's able to communicate that identity to whatever system or service you use.
If you think about all the proxies we use for identity, badge numbers, pin numbers, multi-factor security tokens; they're all points of friction for our employees and for our customers. We are hoping that the Nymi means the end of things like passwords and pin numbers, and even things like car keys, house keys, credit cards, and boarding passes. We think that a wearable device that's paired with your biometric can be a much easier, more secure form of user identification.
The real unique part of what we're doing with the idea of putting biometrics into a wearable device is this concept of persistent identity. Even with the iPhone with its fingerprint reader, every time I want to access my phone or access an application that's enabled by the touch ID I have to put my fingerprint down. Whereas with the Nymi, you put it on once and until you take it off you're still authenticated.
Yury: BeyondCurious is a digital innovation company that helps large enterprises use technology to disrupt themselves before they are disrupted. So we want to know what wearbles are going to mean for enterprise. For example, what might this concept of persistent identity mean for the travel and hospitality industry?
D'Souza: One thing persistent identity could enable is that you could know who your customer is before they tell you. If you think about an airline, until I walk up to the counter and I give them my passport or my information, they don't know that I'm a frequent flyer or where I'm going. But imagine if an airline could know my identity and flight information as soon as I walk in the door. A device like the Nymi could help take service to the next level.
The Nymi authenticates your identity using your own heartbeat
Yury: Can you give me an example of how persistent identity could help people in the work place?
D'Souza: Probably the most broadly applicable example is proximity-based device access: I sit down at my laptop and all my accounts unlock; it knows that it's me; I get up and walk away, it locks again. And I can log in from anywhere. The company or the system is 100% confident that I'm sitting in front of that terminal or holding that mobile device or tablet.
Yury: What about applications for the automotive or consumer electronics industries?
D'Souza: Automotive is really interesting both on the consumer side and the enterprise side. From the consumer perspective, persistent identity could make it possible for me to access my vehicle, and have it remember my preferences, where I'm going, and what I was listening to. That becomes really interesting in a fleet environment. What if I can just jump into any vehicle and it knows that it's me, it knows where I'm going and all my information?
You can apply that same model to consumer electronics. So, I can go to a bank of phones or tablets and it has my accounts, my information, it knows that I'm holding it. It would load my apps and my e-mails because it knows it's me. I can take my identity and my preferences with me securely and have the devices and the environment react to me.
Yury: That's a really fascinating vision of the future. I can imagine a persistent identity device making a Zipcar experience much more seamless and personalized, for example. That could even have ramifications for autonomous vehicles. And I can actually imagine the credit card companies paying people to wear a device like the Nymi to deter fraud.
D'Souza: Yes, the way this will probably play out is companies - credit card companies, banks, or car companies, or airlines - will basically give these away, buying them for their most valued customers. But what's important is regardless of how you get a Nymi, it'll work throughout the ecosystem. So, if I get it from my airline, I can still connect to my car, can still use it with my personal credit card, etc.
Yury: Do you think this technology is going to take off first with consumers, or with enterprise and why?
D'Souza: I think there are probably more immediate applications in the enterprise. There's a huge opportunity to save people time and mind share by enabling employees to focus on what they're doing and not have to shift focus to log into systems. But what we're very conscious of is that we don't want this to be a shackle; we don't want this to feel like, "Well I got this from my employer and I have to put it on when I get to work and I take it off as soon as I leave and it tracks me." We want it to be a perk.
For this platform to work really well, it's got to cross enterprise and consumer. It's got to be something I put on in the morning so I can access the things I need and value in my personal and professional life, like my house key, car key, my personal accounts, my credit card, my badge card at work, my computer station, etc. Ultimately, the it's my identity. And I trust it.