No-brainer alphanumeric passwords are child’s play for hackers and bots to hack. Voice signatures and password-emitting pills, tattoos and skin implants, well, not so much. At least not yet.
The race to replace too-easy-to-crack password-based user authentication with something more bulletproof -- or altogether impossible to breach -- is on. Corporate heavies like Apple, eBay, Google and Microsoft are predictably leading the charge, but dozens of smaller startups are making some exciting strides, too.
Here are three disruptive startups shaking up the high stakes user authentication game with bleeding-edge biometric tech:
With Bionym’s Nymi Bluetooth bracelet on your wrist, the key to unlocking all of your connected doodads and devices lies within your heart. (Seriously. We’re not just trying to be cute.)
The Toronto-based startup, co-founded by Karl Martin in 2011, created the world’s first wearable user authentication technology that uses the one-of-a-kind electrical activity thumped out by your ticker via electrocardiogram cardiac rhythm recognition to make sure you’re really you.
The wristband, which looks a lot like fitness tracker Fitbit Flex, wirelessly communicates your unique ECG to your nearby connected gadgets and systems -- your smartphone, laptop, car, home security system, etc. -- in a way that lets you and only you unlock them.
If you lose your Nymi, your heart will go on, but the wristband won’t. It doesn’t work without your distinct ECG input. So, if someone steals it, they won’t get very far.
Bionym pledges to keep Nymi users’ private data private. Their information will be stored locally, though the company said it might eventually offer an opt-in cloud storage option.
To get your pulse wrapped in a Nymi, you’ll have to pre-order one. They aren’t scheduled to ship until “late summer/early fall” this year, Martin said. The first 25,000 are available for $79.
For a closer look at the Nymi on the go, check out Bionym’s demo video.
Your face is your password with KeyLemon’s user authentication tool. Until someone can actually steal your face, KeyLemon’s facial recognition and speaker verification tech combo seems to be pretty darn secure.
The Martigny, Switzerland-based startup, a 2008 outgrowth of the Idiap Research Institute, lets people use their mugs (technically the visual patterns of them) to log into their desktop and laptop computers.
To start, users have to first accept KeyLemon’s “sharing camera” from a web browser. The webcam software works with their device’s embedded video camera. Next, users create a face model, when FaceLemon captures a sequence of images via webcam.
The company said it now has more than three million registered people who use its product to securely “access their devices, online services and financial transactions.” It also offers authentication solutions to online education providers, e-commerce websites and hardware manufacturers.
KeyLemon’s tool is available for Mac and Windows operating systems for $39.95.
Watch the video below to see someone build and verify a KeyLemon face model in a matter of seconds:
Password fail -- losing or forgetting passwords -- is a common problem. According to Aliso Viejo, Calif.-based Arkami, up to 60 percent of people can’t remember all of their passwords. The company’s Kickstarter-launched product, myIDkey, solves that problem, putting all of your important passwords literally at your fingertips.
Arkami's myIDkey is a voice-activated, fingerprint-scanning Bluetooth- and Wi-Fi-enabled USB password storage drive.
The $249 portable biometric device securely stores, displays and manages your online and offline passwords (internet banking passwords, home security system PIN numbers, etc.). You can also store up to 16 GB of confidential digital documents, images and videos on the military-encryption grade drive.
To upload passwords, myIDkey users enter them on a free companion Android or iOS app. To access them, they swipe their finger on the device’s fingerprint scanner, then say which one they’re looking via voice search. The desired info then appears on its backlit OLED screen.
If the three-inch-long, 14-gram password depot is lost or stolen, or if there are multiple failed attempts to access the data it holds, myIDkey automatically self-erases your data.
Here’s a video that shows how myIDkey works: