NPR Story
10:45 am
Tue July 2, 2013

Heartbeats Could Replace Passwords

Originally published on Wed July 3, 2013 7:22 am

The average person has 30 to 50 accounts requiring a password, but uses only about five different passwords. And the most common password is still “password.”

Security experts say people should use a different password for each account, with each password at least 14 characters long.

Instead of memorizing all those passwords, what if the key to unlocking everything could be linked to something unique about you — like the rhythm of your heart?

That’s what biometric researchers in Toronto have come up with.

Like fingerprints, heart rhythms are unique. The peaks and troughs mapped out by an electrocardiogram are affected by the heart’s unique characteristics, including size and shape.

A company called Bionym is working to make passwords obsolete by using a person’s heart rhythm as a biometric pass code.

“We put this into a wristband so that when you put it on, it knows that it’s you,” Bionym CEO Karl Martin told Here & Now. “And then it can communicate your identity to systems in a secure manner around you.”

  • If you could replace all of your passwords with something biometric, like your fingerprints or heartbeat, would you? Tell us on Facebook or in the comments.

Interview Highlights: Karl Martin

Privacy concerns

“We’ve designed the system so the user has complete control over their data and their identity. Everything requires opt-in. They know where their data is going, and they can revoke that if they want.”

How it could be breached

“If you compare it to say fingerprints, you leave your fingerprints everywhere. It’s really not that difficult for somebody to get your fingerprints. But for somebody to get your cardiac rhythm, you’d actually have to have to be touching a sensing surface of some sort. You’d have to be unaware, so that somebody is doing this without you knowing it.

What happens if you die

“That’s a problem that we don’t solve. And I would say that’s actually a major problem with the digital world everywhere, whether it’s your passwords you took with you, or your biometric that you took with you. I think concepts of digital wills and how you manage that are things that really need to evolve. And certainly, when you’re tying your data to a biometric of your beating heart, I think that problem becomes more obvious, but it’s definitely not a new one.”

Guest:

Copyright 2013 WBUR-FM. To see more, visit http://www.wbur.org.

Related Program