Skip to content
The Nymi lets you securely and seamlessly engage with your world through ECG (heart pattern) authentication and motion sensing.
Video Source: Bionym Inc.
what is the exact name of the sensor used in nymi ?
how ECG signal doesn’t change ?what is the feature in ECG that is unique and doesn’t change from one person to another
Log in to Reply
Bionym has not provided technical details on their sensor or how the closed-loop ECG authentication works, aside from this general description: http://bionym.com/tech/. We will post further information when available.
@ Editor:What do you mean when your saying ” what electrodes”? In your post above, you refered to two links. I scanned the first link and it refers to needing two electrodes, in order to reject the strong signals generated by electromagnetic fields. Most common being the 60 cycle hum from AC electricity.
Then in the paragraph below the links you wright ” Im actually skeptical that without common mode rejection( which requires two ELECTRODES), a single electrode (the device itself) Can filter out the ambient power line and other signals.
It has to have two electrodes or it couldn’t possibly work. It actually has three electrodes. Two on the bottom, and one on top. I don’t need to be a bioengineer to understand that the way the ECG signal is propagated through living tissue is not the same as say metal to metal contact. It still can be replicated. It depends more on the type of sensor or electrode that they use. The question is the anti skimming and spoofing tech. It doesn’t seem that difficult to circumvent. For an average robbery, yes. For organized crime and really valuable items. I’m a little skeptical.
It’s not that I don’t find the device to be practical. It’s seems like it could be very convenient. I’m just saying that they are promoting it as having a higher level of security. People could become complacent that it was more secure than it is. If you are entrusting it with things in valuations of hundreds of thousands of dollars, it’s a powerful incentive to hack this device. As tech evolves it will become easier and easier to do just that
“It has to have two electrodes or it couldn’t possibly work. It actually has three electrodes.”
No, it only has one electrode on the bottom and one on top. See http://bionym.com/tech/. I’m unclear on how the Nymi works; three electrodes are normally required for common mode rejection. I’ll find out if they are willing to say (unlikely).
“[the ECG signal] can still can be replicated. It depends more on the type of sensor or electrode that they use.”
The Nymi is not detecting an ECG signal. It’s detecting a signal in the body at the wrist, which is a spaghetti jumble of multiple frequencies, phase timings, and amplitudes generated by the unique set of tissue impedances and conformations, etc. of the individual’s body from various signals, including EMG and EEG. The ECG itself is modified during transmission to the wrist and buried as just one part of the complex signal, with billions of variations that change every day.
I don’t know what the Nymi actually does. They don’t say, of course. Ideally, they would logically be sensing a specific set of parameters, picking out a discrete set of frequencies, timings, phase relationships, and amplitudes converted via fast Fourier transform to digital signals and then running all that in a DSP via a set of filters through a unique algorithm to serve as a “key,” which changes every time the user activates the device, and is further encrypted. There’s no way I can imagine to replicate such an incredibly complex signal without having a full duplicate body with all daily changes constantly replicated (in which case we are into science fiction with an uploaded/cloned body). Even if they had the algorithms for signal detection and processing, and the encryption algorithm, they still would not have the detected and processed body signal. How well they do all that is an unknown. I’ll try to find out more details.
I’m not looking to flog a dead horse but, the stray electrical fields encountered in the day could overwhelm the sensor. Seems more likely that there are two on the bottom and Thet they are being misleading.
As for the spagetti jumble. Yea, that’s what I was referring to in Tge other posts. The phasing and subsequent amplitudes attenuations of the bodies tissues is very analogous to the complex interactions of sound waves , propagating in acoustic instruments. We run across the same issues when processing sound. Each successive electrical processing circuit blurs the phase relationships of the harmonics, in the sound waves being processed. In audio there are components designed to restore these phase relationships.
As for feeding tha appropriate signal to the device, of cours you would have to use the individuals body, sampled at the appropriate place. That’s why I included the Mission impossible scenario.
We really don’t need to persue this further. I don’t dislike the device. I just wouldn’t ascribe it as total security. To me that would be unwise for extremely valuable commodities. As I have stated before.
I am sure as there are more smart watches this same functionality will just be built in as it it with laptops and fingerprint scanners. I don’t like the idea of one more bracelet to wear… maybe they make a paper thin sensor you can put on the belly of any watch you own already…. ? Coolest thing for me in the video was the glowing door handles that pop out… upgrade my car with those please.
I did like the hand gestures to act like turning on a key, or maybe they can detect a thumbs up or down to allow for Yes/No answers on info screens, etc. Maybe they can speed that process up a bit, or offer more hand gestures in the future.
One other comment, it seemed the bracelet fits loose… I can see that would drive some people crazy… rather have this device built into a watch. If you are picking up movements in the bracelet you can’t have it fitting too loose. Also why did he take it off at night? (is it recharged this way?).
I didn’t like the self-consciously silly gesture of the “thumbs up” to open the car door. Why not make it so it detects your identity as soon as you touch the handle? But perhaps this was done for the sake of giving it an understandable visual.
When the music stopped abruptly at the end of the video, I thought his computer screen was going to read:
“Sorry Steve, you just had a heart attack.”
“Deleting Steve’s account…”
Surely i can record someones cardiac rhythm and replay it back
Bionym states (http://bionym.com/tech/) that Nymn has as “3-Factor system” and “an integrated hardware-based secure element prevents digital skimming and spoofing.” That could likely be done by encrypting the ECG signal (it’s more than rhythm; that’s just my simplified headline) and storing it in digital form. Their description is vague, probably for proprietary reasons. I’ll try to find out more.
For example: does it make users more vulnerable to criminals, who might force someone to put their hand up to an ATM machine (yes, they could also force someone to punch in their pin, but the victim could claim to forget it)?
The encrypted signal isn’t the weak link. Copy someones cardiac patterns for the desired individualities, then steal the bracelet. Feed the bracelet the signals and your in.
Bri, There is no way to “feed the bracelet,” which is only relevant to a known physiological substrate (a specific human body and wrist). But more important, there is no simple “signal.” Assuming Bionym has competent bioengineers, they are using “cardiac rhythm” as simplified language for the general public. The ECG is actually a complex signal with energy distributed by harmonics across frequency and time domains (doctors only see a highly simplified display). Location of the electrode on the body and signal processing (filtering, amplification, sampling, FFT conversion, etc.) radically changes the characteristics of the signal (timing, harmonic power spectral density as a function of time, etc.). This is all before encryption, which can further chose specific aspects of the signal to encrypt. Note that the user has to update signal acquisition daily to account for physiological changes, making it further inaccessible.
Here’s some basic info on the subject that may help explain more:
I’m actually skeptical that without common-mode rejection (which requires at least two electrodes), a single electrode location (the device itself) can filter out the stronger ambient power-line and other signals. I hope to discuss this with Bionym engineers.
On page three they speak of the interference from close proximity electrical fields. That in order to record the ECG signal they must first footer out this noise, typically a 60hz signal. They describe it as a 50hz signal. It may be European? Anyway they use a differential amplifier to basically phase cancel it, becaus it appears the sample to both electrodes.
The ECG signal is derived from the differences between Tge electrodes. It’s a two point sampling system that sums both information. What’s to stop someone from doing exactly the same thing? Even if the device shuts off and locks out if the contact between the skin and electrodes is broken, a conductive mimic could be slipped between. All it needs to do is maintain the fields supplying the electrodes. It’s all just electric fields, as is evident from the interference from other stray fields. I’m not sure which parameter of signal filtration from body tissues, that they are looking at. Different frequencies get phase shifted by different amounts as electromagnetic signals pass the various materials. That’s what makes a rainbow as light passes through a prism.
Those alterations are recordable. They are subject to Fourier analysis. That’s one of the things that Rays keyboard does to emulate natural sounds. Instead of recording dense samples at high sample rates, it looks for those alterations and represents them mathematically, at a fraction of the data density that sampling creates. The distortions and phasing of signals is not mysterious. It’s still just data sets. They can be replicated.
For general public day to day security, I don’t think criminals would go to those lengths. If you could steal millions, it doesn’t appear to be that hard to hack. The material to slip between the electrodes snd skin might be a little exotic, but the rest is just simple signal processing. I’d be a little Leary of this one. Great and convenient for low value activities. A little too vulnerable for corporate secrets or high value activities. I do think multiiple biometric security systems have good potential for awhile. Soon even those will be easily hackable.
Another way to look at it could be illustrated by the differences between a stratevarious violin, and a regular one. For a musician playing the two. One is more responsive and has better tonal characteristics. All of those differences are because of the same temporal alterations of the harmonic overtones. As you play the instruments, they will sound different under different circumstances. The strings are the same. The notes you hit are same. The ” body of the instrument attenuates and reinforces different overtones, and each of the these resonates and is drawn out by other frequencies created by the notes that you play.
I’m supposing that that’s whst they are looking at in terms of the heart beat. It’s like the notes on theviolin. As your heart beats faster, it’s creating a higher frequency. As it pumps harder , it’s creating greater amplitude. The body of each individual will react yo those changes differently, just like the violins.
The problem is we can replicate the sounds of all the great violins. In a similar manner it would be possible to replicate these individual variations. I don’t think the bracelet is a constant contact device. If it fits loosely, it can’t be. The potential for mimicking the signals is too great. It doesn’t seem to be that hard a problem.
No, there is no way to replicate the complex processing, based on those simplistic analogies. Replication would require reverse-engineering the device itself, a major challenge — of course, some folks are probably already working on a back door. :)
Bri, your comment is too vaguely written to respond to. “The ECG signal is derived from the differences between Tge electrodes.” What electrodes are you referring to? All processing is done inside the device, not with an external system, and only works if the user is wearing it. This is hard to explain unless the reader has studied bioengineering.
Re lack of common-mode rejection (to reduce ambient electrical noise): I just noticed that at the beginning of the video, the user authenticates his identity by touching what is apparently a second electrode with his finger while sitting down (baseline matching), which would verify that it’s the same user by comparing the user’s (processed) ECG with the value currently stored in the bracelet (while perhaps also updating the baseline?). Very clever. So the device is apparently not actually detecting ECG in real time, which also eliminates the need for high-speed live processing (not practical) and for compensating for variations in ECG signals with exercise, emotion, etc. I’ll verify or correct this after after interviewing their engineers.
Yes and note that you can extract a heart rate from a video.
A little more info might be helpful. I gather that there are fingerprint type variations for each individuals heartbeat. What stops someone from getting that information from other sources? People misplace their watches all the time. Access to everything you own and do is going to be entrusted to a wrist watch type device?
Please log in to post a comment.
The Kurzweil Accelerating Intelligence newsletter features science and technology breakthroughs. It also lists new blog posts, events, videos, and books.
Read current newsletter