“They can steal your credit card, but they can’t steal your heart.”
That’s the “unofficial motto” that Yehya Awad and his team have been kicking around for PulsePay, a heart rate-based method of online consumer authentication that was the winner of the Vantiv challenge at the latest HackPSU (which took place on April 9).
PYMNTS recently connected with Awad, Hozaifa Abdalla, Xiaoyu Zhou, Hansel Lobo and Kenneth Schnall to learn more about what inspired their winning innovation, how it all came together during HackPSU and the potential real-world applications for the technology moving forward.
The PulsePay team went into the hackathon event at Penn State University with an open mind about what exactly they would spend the 24-hour limited timeframe developing.
Their approach, explains Abdalla, was to first “attend a lot of workshops.” The one that he says stood out to the team was Vantiv’s, which presented “a real-world experience where they had a real-world problem” — that being to authenticate an online consumer without him or her having to enter credit card information.
The keynote speaker at the Vantiv workshop was Shawn McCarthy, senior leader of portals and APIs at the company. His remarks related to fraud and payment systems inspired the PulsePay team, says Awad, to “work on something that was related to the Internet of Things … to connect some kind of device that could be used in a beneficial way.”
That device turned out to be the Nymi Band, which the team decided to use — along with the Vantiv API — to build a “a really awesome … really secure … authentication system,” remarks Awad,
Once the PulsePay team had settled on that concrete idea — a step that Awad views as “the most important” part of any hackathon — they had about 20 hours left to turn it into a reality.
And there were some problems right away. One appeared so substantial, in fact, that it nearly caused the team to give up.
The in-development prototype of the Nymi Band that the team was given to work with didn’t “work with Mac at all,” explains Awad, and his entire team was working with either Mac or Linux devices.
The solution, he shares, was for the team to “right then and there buy Windows, download and install it.”
But then another obstacle soon arose, that being the need for a platform upon which to best demonstrate PulsePay’s use of the Vantiv API — something that was not provided.
To solve for that, explains Zhou, “we actually designed a whole shopping system” — an eCommerce website that “kind of resembled Amazon,” adds Awad, for the sole purpose of displaying PulsePay’s functionality in practice.
That demo commerce site that the team designed on the fly obviously worked, given that their technology came away from the Vantiv challenge as the winner.
Referring again to McCarthy’s speech — in which he spoke of how the already big issue of security in payments in general becomes even bigger when it moves into the IoT — Lobo attests that PulsePay can solve “the need for a seamless way to authenticate payments” in that ever-expanding field.
As very few behaviors are more literally “natural” than the process of a person’s heart rate, Lobo explains that the team found it to be an ideal basis to “open a great application of the Nymi Band and use that for authentication.”
The PulsePay team sees a number of future potential applications for their technology, such as expanding into other heart monitoring devices, like smartwatches. They also see a way that it can be used so that a consumer wouldn’t have to enter his or credit card into any specific website, while still getting authenticated across the board.
An overall goal that the team is working towards centers on speed of payment, with Zhou specifically drawing the comparison to what Apple has done with Touch ID.
On the whole, Awad looks back on PulsePay’s successful performance at HackPSU as a “massive learning experience” — and a great one at that, with everyone on the team now looking forward to where they can take their technology next, both at other hackathons and in the real world.