Blood money: PulseWallet lets you pay with your veins

pulse lede

“Spread your fingers.”


“Remove your hand.”

Just like that, a machine called PulseWallet scanned the veins in my right hand and charged my credit card.

PulseWallet, or palm scanners like it, might soon call your local Starbucks home and provide one more way to pay for your Pumpkin Spice Latte.

PulseWallet is a credit card terminal and register with a built-in biometric palm reader. Inside the reader is an infrared Fujitsu camera that photographs your vein pattern and then pairs it with the credit card you’ve swiped. Once you’ve paired you can hold your hand over any PulseWallet terminal to pay with your credit card. If you’re a business owner, you can hook it up to your POS (point of sale) cash register, or to PulseWallet’s bundled register, which includes a Windows tablet. The whole package is being announced today, and goes on sale next month for a yet-unspecified price.

PulseWallet may not command the hype of immaculately designed Silicon Valley payments startups like Coin or Square, flush with cash and top engineering talent, but it works. It was non-invasive and able to identify you in less than a second in my tests. In the age of Touch ID, PulseWallet’s hands-off approach is refreshing, but is it anything more than a pipe dream in a world where any attempt to create a new payments system runs into gigantic roadblocks?

Hover hand to pay

PulseWallet CTO Matt Saricicek remembers watching Google debut its Wallet mobile payments product and being pretty disappointed. "Why should you have to present anything to make a payment — and to prove your identity — other than yourself?" he wondered. Saricicek looked at the iPad POS systems he was building for San Francisco company Revel Systems and decided he didn’t love those either. He booked a flight home to New Jersey and pitched an idea to high school pal Aimann Rasheed: what if you could pay with your finger?

The technology is correct about 99.99992 percent of the time

Several months later at CES 2012, the duo debuted a payments system built on Hitachi’s VeinID technology, which takes an infrared photo of the veins in one of your fingers. But nobody wanted to put their hands in the machine, and VeinID wasn’t as accurate as Saricicek and Rasheed had hoped. So they dreamt bigger. The duo looked next to Fujitsu, whose PalmSecure technology operated on similar principles but scanned your palm instead of your finger. The infrared image generated by PalmSecure was converted into a biometric template, which was then stored in the cloud. When you place your hand over another PalmSecure reader operated by the same owner (like a bank, hospital, or school), the device looks for a perfect match in its database, and if it finds one, your identity is verified. After age eight, Saricicek says, most peoples’ veins stay largely the same, so you won’t have to worry about rescanning your hand. The technology is correct about 99.99992 percent of the time, Fujitsu says, and since PulseWallet requires you to enter your phone number as a second degree of authentication, it hopes to raise that percentage to 100.

PalmSecure has been around since 2005, but it hasn’t found a home in many mass-market products aside from a few Fujitsu laptops. The technology has been adopted at scale, however, in countries like Italy and Brazil, where 35,000 ATMs use the technology to prevent fraud. But here in America, PalmSecure hasn’t caught on. Some hospitals use PalmSecure to identify patients, and some schools use it to help kids pay for lunch, but to Saricicek’s knowledge, nobody in America has ever tried it for mobile payments.

PulseWallet’s founders can’t explain why palm scanning hasn’t taken off quite like iris scanning and fingerprint reading in the US — especially considering the accuracy of PalmSecure and its half-second response time. PalmSecure is also less invasive than fingerprint scanning since it doesn’t require you to touch anything (though PulseWallet’s initial sign-up has you rest your hand on the terminal for accuracy). "I don’t want any laser being beamed into my eye, but it doesn’t bother me to put out my hand," says Saricicek. "Your hand is your account."

"I don’t want any laser being beamed into my eye ... Your hand is your account."

Saricicek’s challenge is developing a secure payments implementation of PalmSecure that any business can buy wholesale and drop on its cashiers' counters. This means PulseWallet needed register software to compete with Square and a cloud infrastructure to store user scans. It also needed the flexibility to work as both a reader hooked up to any standard POS, and as a full-fledged register. It’s a tough niche to fill in a world where businesses must generally choose between one POS and another.

The payments space might not be PulseWallet’s final destination. The company imagines a future where instead of using a card to open a hotel room, you simply flash your hand when you check in, then flash it again at your door. Payments is only its first try at popularizing palm-scanning in the US.

Palms in the cloud

When the NSA is very likely checking in on our emails and chats, do we really want our veins stored in the cloud too? PulseWallet stores encrypted user data on Amazon servers, as many startups do, but that won’t convince some consumers to flash their hands at every store clerk. "The hardest part was the security. It’s our top priority," says Saricicek, echoing the last words of many hacked startups. Every system is secure until it’s not, after all. Saricicek claims, however, that even if a hacker were to get his hands on user data, they wouldn’t be able to make any sense of it. "Nobody has a database of veins," he says.

"Biometric is the future," Saricicek insists. "Now we can unlock our phone with our fingerprint. We’re becoming lazier, and we demand convenience." PulseWallet is absolutely convenient — once you’ve set it up, of course — but solving for convenience isn’t the hardest part of the mobile payments puzzle. Establishing a reputation as an ultra-secure authentication platform is much more difficult, as is convincing retailers to adopt the technology when it isn’t outwardly anything but a gimmick.

"People underestimate the power of small businesses — it’s a huge market," he says. "I’d rather be in 1000 small businesses than in one big franchise, because that’s where Square hit it." Like Square, PulseWallet works with your credit cards, which should help with growth since it isn’t hoping to replace your entire wallet like Google Wallet — and if you set it up in one store, your hand works at any store that installs a terminal. After Apple brought fingerprint-scanning to the masses with TouchID, which lets anyone buy an app with the press of a finger, many companies like PulseWallet seem to have decided that the time is now for biometrics.

So the real question is, will enough businesses and consumers agree?

The Verge
Log In Sign Up

Log In Sign Up

Please choose a new Verge username and password

As part of the new Verge launch, prior users will need to choose a permanent username, along with a new password.

Your username will be used to login to Verge going forward.

I already have a Vox Media account!

Verify Vox Media account

Please login to your Vox Media account. This account will be linked to your previously existing Eater account.

Please choose a new Verge username and password

As part of the new Verge launch, prior MT authors will need to choose a new username and password.

Your username will be used to login to Verge going forward.

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

By becoming a registered user, you are also agreeing to our Terms and confirming that you have read our Privacy Policy.



Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.