PayPal Password Pill

PayPal are considering a pill that can be eaten instead of typing in a password. The idea is that instead of having to type your password, you would instead eat an inedible pill that would be powered by your stomach acid. This pill would then use some sort of biometric authentication and transmit your password to an external sensor that would authenticate you. The inedible pill would then pass through your body safely.

The good thing about the Pill is that it allows for 2-factor authentication. 2-factor authentication is the idea that you can further secure a system by forcing the user to present something they have and something they know in order to authenticate. Something they know is their password, something they have could be a USB key or fingerprint, etc… The benefit of 2-factor authentication is that if one part is stolen (such as the password), the attacker still can’t break into the system.

While the pill has the advantage that its biometric, I can’t see any advantage over using fingerprints at this stage. The negative of using the pill is that you need a stock of them, they could go off if they’re beyond their use by date and you might be in a situation where you need to authenticate but don’t have a pill but do have your fingers. Why not just use fingerprints?

I imagine the hardware would initially be costly and of course there’s an on-going cost of authenticating transactions. Over all, I love the innovation, but think that even if the pill came in other forms such as a biscuit or candy, making people eat something containing electronics will be a hard pill to swallow for many PayPal users.

I know the Password Pill sounds like an April Fools prank, and granted the news did come out in mid April 2014, but is published in the following news sources: BBC, Wall Street Journal, Daily Mail. Unfortunately, I couldn’t find anything from PayPal’s website about this technology.