Privacy by Design
We started this company from day one thinking about how to unlock the security of biometrics while protecting user privacy. This is what we came up with.
Biometrics on the Nymi Band
Fingerprint
During enrollment, the Nymi Band fingerprint scanner will capture an image of your print to generate a mathematical template based on its unique features.
The mathematical template is generated and your fingerprint image is discarded (it is never stored on the device or elsewhere).
The mathematical template remains within protected memory. It never leaves the Nymi Band. Therefore, your biometric data remains in your possession at all times. This design is unlike almost all other biometric authentication solutions, which store data centrally and increase the risk of hacking and theft.
Electrocardiogram
Optionally, organizations can enable Liveness Detection, an additional electrocardiogram (ECG) signal check, during authentication. Similarly, ECG data is never recorded or stored on the Nymi Band.
The 7 Principles of Privacy by Design
Proactive not reactive; Preventative not remedial
Privacy as a default setting
Privacy embedded into design
Positive-sum, not zero-sum
End-to-end security - full data lifecycle protection
Visibility and transparency - keep it open
Respect for user privacy - keep it user-centric
What it means to Nymi
People should not have to sacrifice their privacy to access the benefits of technology.
The principles of Privacy by Design provide a framework for how technology should be approached to reduce privacy risk for the end user. With these principles, we pioneered a safer way to utilize the security benefit of biometrics by minimizing the amount of personal data that is processed and retained in our solution. We also deviated from the status quo that centralizes storage of biometrics, and instead, designed a way for people to remain in possession of their data at all times with a wearable form-factor.
Doing things the right way can mean deviating from the popular way.
The increasing complexity and threat landscape of the digital world give us reason and resources to find better ways of doing things. A multi-factor wristband authenticator is an innovative approach to connectivity in the workplace that allows organizations to better navigate several intersecting issues: security, compliance, productivity, user experience, privacy, health and safety, and more.
Most importantly, receiving these benefits can be done in a way that minimizes risk to people who use our technology, protecting their autonomy at all stages. Technology is transforming the way we work, and Nymi is creating solutions that ensure technology works for us.
There are significant benefits to people and organizations who embrace technology. However, it is increasingly challenging to find solutions that protect user privacy as a fundamental design requirement.
Nymi has always recognized user privacy as a design requirement as fundamental as other more obvious requirements, like security, compliance, and usability. In the end, we’ve built a solution that mitigates risk to the end user and puts people’s interests first in principle and in practice.
Visibility & Transparency
Protecting user privacy also means providing people with visibility and transparency.
People must be able to check that companies are handling their personal information in a secure and trusted manner, aligned with established privacy policies.
At Nymi, we work with companies to ensure there is visibility and transparency about what, how, and why any personal information is processed or stored.
Furthermore, our secure workplace wearables enter some of the most highly regulated environments and comply with the strict requirements of the GDPR.