The Nymi and our unmediated future

By Cale Guthrie Weissman , written on September 3, 2013

From The News Desk

I hate thought exercises with technology, where you posit a logical end of a new technology. Apple's Siri means we'll talk to all our computers like we're Scottie on Star Trek. The Segway scooter will change how we travel within cities. I'm still waiting for robot maids, drone dry cleaning delivery, flying cars, and moving sidewalks.

With some new technologies, though, that's all you can do -- like wearable technology, which has been rife with speculation from the get go. Because, you know, wearables wearables wearables.

What will the world be like when everyone wears Glass-like technology? When the MYO armband is finally released, what sort of control will it unlock? How much of our hidden potential can we deduce from devices like Fitbit? They're questions worth asking, but also getting boring. That is, until a new wearable is released, which takes the phenomenon a step further.

Well, here we go: Now there's a wearable that authenticates devices using your heartbeat. The Nymi, born from a Toronto-based lab called Bionym, is a wristband that identifies wearers using an electrocardiogram (ECG) sensor. You wear it, the device recognizes you, then you can authenticate other devices. It's the latest answer to the password quandary by making your body the passcode.

According to Bionym's CEO Dr. Karl Martin, the future of authentication rests in the realm of wearables.

"We're putting identity on the body," he says.

Nymi offers several practical uses. If you have something that needs unlocking -- be it an app, a mobile payment, a car, etc. -- you can use the device for that. You don't need to enter any information, the device knows it's you because you are wearing the wristband and it senses it. Say sayonara to passwords and log in information. Just breathing or having a pulse means you're authenticated.

My conversation with Martin took a turn for the weird, however, when we explored other potential forms of identification. Take, for instance, the rumors that the upcoming iPhone will use fingerprint technology. As Martin sees it, that's one step too many. Why should I have to lift my hand and place my finger on my phone? That's just too burdensome. Instead, the phone should just know I'm me.

If you're marketing a product you need to orchestrate a problem to alleviate. What's weird about Nymi is that it is an impressive and useful app, but the orchestrated problem is endemic in our society. We're becoming lazier, and Nymi's goal is to aid this.

Passwords, at least to me, hold a two-fold function: They protect your information, while also reminding you that your information is protected. The process of accessing it is a good way to reflect on why information should be secure. In some ways, I think authenticating should become more convoluted -- not less -- to instill the importance of security. Maybe that's just me, though.

Right now Nymi can only be used for unlocking apps and non-iOS smartphones, but once the developer program is well underway, imagine the potential. Your front door will open automatically. You'll pay for dinner with the wink of an eye. You'll breeze right through airport security just being you. It is precisely this potential that scares me about such devices.

Of course, passwords are pesky and annoying, and the world would be a better place without them. My fear is not that without passwords we will instantly become lazy and inept. My fear is that the be-all-end-all for Nymi is the erasure of the authenticating process. For example, if you want to make a mobile payment or unlock your car, the authentication will be your presence; there will be no mediating step. You can call me old, but I think the process of allowing access to this kind of secure information is necessary as a sort of intellectual barrier. As a way to pause and remind yourself that, yes, you are doing this. You don't need to have a million passwords, but I think you need something. It seems to me that Nymi wants to remove this something. That's a bit frightening when you think about it.

Not to mention the fact that the authentication will be based on our own biology. This opens a whole can of worms about hacking and whatnot. Martin, of course, stressed to me that all of the biological information was encrypted with a cryptographic chip. If accessed, according to him, "your data would look like complete noise." But that still doesn't negate the fact that the data is based on your own personal makeup. This is a brave new step toward, dare I say it, the singularity. Or at least something oddly parallel to it.

Imagine the dystopian possibilities for these sorts of biological encryption programs -- software that can tell if you are lying based on your heart-rate, a sort of pocket lie-detector test; or imagine an app that can detect physical attraction based on the body's response. Using biology to enable security opens the body itself up to security infiltrations.

We are entering the WALL-E future, when we just sit on our ass and do nothing, and our bodies -- not our actions -- dictate what happens. Welcome.