Modernizing Authentication — What It Takes to Transform Secure Access
Kind of like a Ferrari without an engine, cool devices like smartwatches get boring pretty quickly without compelling apps to drive the user experience.
That is why Canadian startup Nymi sells a software development kit (SDK) on its website for $149, said the company's founder and CTO, Karl Martin. It began selling the SDK late last year "to kick start a developer ecosystem," he said, after launching its concept of a wearable band that uses biometric technology to identify the wearer in 2013. "At the end of the day, the usefulness of our product is dependent on integrations and partnerships."
The current SDK is available for Android, iOS, OS X and Windows. Nymi will release an updated version, SDK 3.1, next month.
An enthusiastic early adopter is MasterCard, which partnered with Canadian financial institutions including TD Bank and RBC Royal Bank to conduct contactless payment pilots last November. MasterCard is one of the Toronto-based startup's investors, along with Salesforce Ventures, Export Development Canada, Ignition Partners and Relay Ventures.
Last month MasterCard rolled out a program that will enable payments on a number of devices, including key fobs, rings and Nymi bands. "This program eliminates the boundaries of how we pay by delivering a secure digital payment experience to virtually anything – rings, fitness and smart bands, car key fobs, apparel, and whatever comes along next," said Ed McLaughlin, the company's chief emerging payments officer, in a statement. Capital One has signed on as the first card issuer.
Painless, Persistent Authentication
Nymi also has a big future in the enterprise, Martin said, adding that "an interesting intersection of needs" should drive its adoption there.
"Enterprises have a need for painless multi-factor authentication that works on multiple platforms," he said. "From an IT perspective, you'd like to ask users to authenticate frequently but you can't because of the inconvenience factor. The Nymi band is a wireless peripheral authenticator that meets this need. It has a persistence component, so you do not have to authenticate over and over again."
Nymi's biometric technology uses a heartbeat to provide continuous authentication. When he founded Nymi (then called Bionym) in 2011, he "did not have the concept of a wearable authenticator" but simply planned to license the biometric technology, Martin said. "It took a couple years to realize the opportunity around putting the technology in a wearable form factor to provide persistence."
To demonstrate this capability, Nymi developed an application for Windows and OS X that allows those wearing the band to unlock their PCs and Macs without entering passwords. Companies can purchase the SDK, which includes a band, download the unlock app and then develop proprietary integrations for it, Martin said.
One possible enterprise use for the band is access control to physical facilities. A company called Brivo Labs developed an app for this purpose that works with the Nymi band.
Gearing up for Growth
In total, Nymi has delivered more than 3,000 bands to customers.
In the past year, Nymi has raised $14 million. Last month it hired a new CEO, enterprise security veteran John Haggard. Martin said Haggard will focus on helping Nymi sell its product into the enterprise as a "complete packaged solution" that will also include software components that will help customers deploy and manage Nymi devices.
The long-term strategy, Martin said, is to embed the Nymi authentication technology into third-party wearables.
"It could be used in a multitude of form factors. People like choice and the element of personalization you get with wearables," he said. "The band is our go-to-market vehicle, and we may continue to make other form factors as an option. But we do not see other wearables as competitors unless they come out with wearables embedded with persistent authentication. We see other devices as great opportunities for vehicles for our technology."
Ann All is the editor of Enterprise Apps Today and eSecurity Planet. She has covered business and technology for more than a decade, writing about everything from business intelligence to virtualization.