{"id":58822,"date":"2014-05-06T14:30:44","date_gmt":"2014-05-06T18:30:44","guid":{"rendered":"http:\/\/rbach.net\/blog\/index.php\/"},"modified":"2022-03-19T14:52:27","modified_gmt":"2022-03-19T18:52:27","slug":"security-from-the-heart","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/security-from-the-heart\/","title":{"rendered":"Security From the Heart"},"content":{"rendered":"

\"Security<\/a>We have all heard the horror stories of password management<\/a><\/strong>. Users choose the same weak passwords<\/a>, trade them for chocolate bars<\/a>. They keep track of them on post-it notes<\/a>. Firms are negligent in managing weak passwords<\/a>. Help Net Security<\/em><\/a> wrote about the latest innovation in passwords from Canadian security start-up Bionym<\/a><\/strong>.<\/p>\n

\"Bionym<\/a>Bionym created Nymi,<\/a><\/strong>\u00a0a bracelet\/wristband containing an ECG (electrocardiogram<\/a><\/strong>) sensor that “reads” the unique heartbeat pattern of the wearer. The bracelet will use the ECG to authenticate into electronic devices; cars, computers, smartphones, TVs, etc.<\/p>\n

\u201cIt was actually observed over 40 years ago that ECGs had unique characteristics,<\/em>\u201d Bionym CEO Karl Martin pointed out<\/a> to Tech Hive<\/em><\/a>. \u201cWhat we do is ultimately look for the unique features in the shape of the wave<\/strong> that will also be permanent over time. The big breakthrough was a set of signal-processing and machine-learning algorithms that find those features reliably and to turn them into a biometric template<\/strong><\/em>.\u201d<\/p>\n

When you clasp the Nymi<\/a> around your wrist it powers on. By placing a finger on the topside sensor while your wrist is in contact with the bottom sensor, you complete an electrical circuit. After you feel a vibration and see the LEDs illuminate, your Nymi knows you are you and your devices will too. You will stay authenticated until your Nymi is taken off,<\/em>” it’s explained on the firm’s website.<\/p>\n

3-factor security<\/h3>\n

\"NymiThe Nymi functions on a 3-factor security system<\/strong>. To take control of your identity you must have your Nymi, your unique heartbeat, and an Authorized Authentication<\/a> Device (AAD). The AAD could be a smartphone or device registered with their app.<\/p>\n

No details about the bracelet’s security have been share on the site. Ars Technica’s<\/em><\/a> Dan Goodin has pumped Martin for information and, so far, the news is good. Elliptic curve cryptography<\/strong><\/a> is used to ensure data traveling between the bracelet and the device is not monitored or intercepted by attackers. ECC also encrypts the handshake performed between the bracelet and the devices being unlocked.<\/p>\n

\"perform<\/a>“The Nymi also has motion sensing and proximity detection that allows users to perform remote, gesture-specific commands<\/strong>, creating a dynamic and interactive environment,<\/em>” it is explained. “A simple twist of the wrist can unlock your car door<\/em>.”<\/p>\n

When it arrives, Nymi will offer three-factor authentication<\/a>. The wristband itself, your unique cardiac rhythm, and a mobile device, like a smartphone or tablet. The Nymi hardware acts as a secure token<\/a> that ties into the biometric. The wristband will need to check in with your smartphone or tablet at the beginning of the day.<\/p>\n

rb-<\/em><\/strong><\/p>\n

The thing that excites me most about Nymi is its potential to get rid of\u00a0passwords. I think the password has a limited shelf-life. Once wearable computing<\/a> takes off, payment processing will be integrated with biometrics on the wearable devices, there will be no need for passwords.<\/em><\/p>\n

\"Nymi<\/a>Bionym’s Martin stated, \u00a0 \u201c[Killing the password] is one of our goals,\u201d noting that the Nymi will be compatible with the FIDO Alliance<\/strong><\/a>.<\/em><\/p>\n

FIDO, which stands for Fast IDentity Online<\/strong>, was created by PayPal<\/a> and Lenovo<\/a>\u00a0(LNVGY<\/a>)\u00a0and now counts Google<\/a>\u00a0(GOOG<\/a>)\u00a0and Microsoft<\/a>\u00a0(MSFT<\/a>)\u00a0among its members. The alliance has set out to create the next-generation standard for identity verification.\u00a0<\/em><\/p>\n

 <\/p>\n

Ralph Bach<\/a>\u00a0has been in IT long enough to know better and has blogged from his\u00a0Bach Seat<\/a> about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn<\/a>,\u00a0Facebook<\/a>,\u00a0and\u00a0Twitter<\/a>. Email the Bach Seat\u00a0here<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

Canadian security startup Bionym created Nymi a bracelet containing an ECG sensor that reads your heartbeat to authenticate into our iDevices<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[2292,2099,1452,2101,2100,536,92,2098,1524,82,421,2097,1594,4],"class_list":["post-58822","post","type-post","status-publish","format-standard","hentry","category-security","tag-2292","tag-authentication","tag-biometrics","tag-bionym","tag-fido-alliance","tag-goog","tag-google","tag-karl-martin","tag-lenovo","tag-microsoft","tag-msft","tag-nymi","tag-paypal","tag-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/58822","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/comments?post=58822"}],"version-history":[{"count":16,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/58822\/revisions"}],"predecessor-version":[{"id":131332,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/posts\/58822\/revisions\/131332"}],"wp:attachment":[{"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/media?parent=58822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/categories?post=58822"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rbach.net\/index.php\/wp-json\/wp\/v2\/tags?post=58822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}