PayPal venture to make you swallow your password could change perception on biometric tech

Science fiction movies of the 1980s had already begun to portray people using devices to navigate city streets and pinpoint where they were. Much like today’s Apple Siri, characters would ask it questions, only to have them answered by a disembodied computer.

Science fiction writers surely thought of these technologies as an impossibility. So why can’t we imagine a world where people buy products by waving a hand near a sensor?

After all, it’s part of a script writer’s job description to prepare us for the eventuality of connected humans. In Casino Royale, James Bond had a homing microchip implanted under the skin in his left arm. It not only helped MI6 keep track of him, but also monitored his vital signs.

The notion that people might turn to implants for added security, given how many passwords are compromised and devices stolen, may not really be a far-fetched idea at all.

Read more about technology:

• British facial recognition company Realeyes secures €3.6m to understand your feelings
• 6 smart products that are not afraid to take charge
• Google’s latest patent suggests robot with interchangeable personalities are on the horizon

In BBC Future, British journalist Frank Swain explained how he removed the RFID chip from a smartcard used to pay a fare on the London underground in order to embed it under his skin. “The machine barriers would fly open with a wave of my hand, as if I was some kind of technological wizard,” he suggested.

He may have been unsuccessful, but it has been done before. In 1998, British scientist Kevin Warwick had himself implanted with an RFID transmitter to prove the concept of controlling doors and lights by walking nearby. By 2000, Warwick was able to interface his implant with his own nervous system.

With such possibilities in sight, PayPal’s LeBlanc has claimed that traditional usernames and passwords are dead.

He suggested that obvious password choices make our identities too easily hackable. Then there’s the fact that no matter how many times people are asked to change passwords, “123456”, “password”, “12345678”, “qwerty” and “abc123”, are still among the most used.

50 most-used passwords exposed

LeBlanc pointed out that dependence on passwords has become too complex since people are required to come up with “unique combinations consisting of uppercase and lowercase letters, a number and a symbol in the eight-character sequence”.

Furthermore, the more accounts you have, the more passwords you will need. This inevitably leads to people creating passwords that are easier to recall.

“As long as passwords remain the standard method for identifying your users on the web, people will still continue to use ‘letmein’ or ‘password123’ for their secure log-in, and will continue to be shocked when their accounts become compromised,” he said.

While there are other methods that can be used to increase login security, such as fingerprints, used by Apple for its iPhones, these can lead to false negative results, where valid users can’t log in, and false positives, where invalid users can log in.

LeBlanc suggested that the answer lied in being able to use brain implants, heartbeat monitors and vein recognition.

PayPal has recently outlined a range of biometric solutions that could potentially replace the password. For starters, what about ingestible authentication devices, which worked on batteries, that would be powered by stomach acid? It would be able to detect glucose levels and other internal features.

Read more about passwords:

• For British business, is the password a past word?
• Bad password habits cost businesses £130,000 a year
• Worst and best policies revealed: Top sites included

He explained that the data could then be encrypted and “beamed out to an external receiver”. Leblanc added that technology had become so advanced that it allowed “true integration with the human body”.

Another procedure being developed is a wireless silicon chip that can be inserted in the body. This chip monitors the electrical activity of the heart, and can relay it through wireless antennae to “wearable computer tattoos”.

A PayPal spokesperson said: “We have no plans to develop injectable or edible verification systems. It’s clear that passwords as we know them will evolve and we aim to be at the forefront of those developments. We were a founding member of the FIDO alliance, and the first to implement fingerprint payments with Samsung. New PayPal-driven innovations such as one touch payments make it even easier to remove the friction from shopping. We’re always innovating to make life easier and payments safer for our customers no matter what device or operating system they are using.”

Security company Kaspersky announced in February 2015 that it had partnered up with BioNyfikento to research the potential for smart implants.

“The technology is already happening,” said Hannes Sjoblad, co-founder of BioNyfiken. “We are seeing a fast-growing community of people experimenting with chip implants, which allow users to quickly and easily perform a variety of everyday tasks, such as allowing access to buildings, unlocking personal devices without PIN codes and enabling read access to various types of stored data.”

In fact, Intel research claimed that by 2020, users would be able to browse computer documents and surf the internet through he power of their mind. This would be made possible via sensors implanted in people’s brains.

As more applications emerge, we could well see implantable chips and edible technology becoming more common.

But Leblanc stressed that several of these technologies still have a long way to go, which may be good given that they may not yet be deemed socially acceptable.

By Shané Schutte

Share this story