System and method for biometric heartrate authentication

What is claimed is: 1. A method, comprising: capturing, by a plurality of heartrate monitoring devices, real-time heartrate information for a plurality of clients of a service provider; building, by a server in response to receiving the real-time heartrate information from the plurality of heartrate monitoring devices, a heartrate profile for each client, the heartrate profile comprising, for each client, a baseline heartrate and a plurality of exertion variances, each exertion variance associated with one of a plurality of modes of client transportation, each exertion variance comprising a range of heartrate values and a recovery period for the client associated with the corresponding mode of client transportation, the recovery period corresponding to an amount of time for a client heartrate having the respective exertion variance to return to the associated baseline heartrate following the client engaging in the corresponding mode of client transportation; receiving, by the server from a transaction terminal, a request to authenticate access to an account maintained by the service provider, the request comprising a token and a heartrate of a cardholder issuing the request, wherein the heartrate of the cardholder is captured by at least one of the plurality of heartrate monitoring devices; retrieving, by the server, the heartrate profile for a first client associated with the account, the first client one of the plurality of clients; retrieving, by the server, an activity profile for the first client associated with the account, the activity profile comprising location information over time for the first client; determining, for the cardholder by a machine learning (ML) model executing on the server, a first mode of client transportation of the plurality of modes of client transportation and that the first client is within the recovery period corresponding to the first mode of client transportation, wherein the ML model is trained based on training data comprising location data and heartrate data for a plurality of users; determining, by the ML model based on the determined first mode of client transportation, the range of heartrate values of a first exertion variance of the plurality of exertion variances corresponding to the first mode of client transportation based on the heartrate profile of the first client; based on the determination that the first client is within the recovery period corresponding to the first mode of client transportation, the determined range of heartrate values of the first exertion variance, and the determined recovery period of the first exertion variance applied to the baseline heartrate of the heartrate profile of the first client, determining, by the ML model, an expected range of heartrate values for the first client; determining, by the ML model, that the heartrate of the cardholder is not within the expected range of heartrate values for the first client; rejecting, by the server, the requested access to the account based on the determination that the heartrate of the cardholder is not within the expected range of heartrate values for the first client; and rejecting, by the server, a transaction for the account based on the rejection of the requested access to the account by the cardholder. 2. The method of claim 1 , wherein the server rejects the transaction as being fraudulent, wherein each exertion variance is associated with a change in heartrate over a corresponding baseline heartrate for a corresponding mode of transportation, wherein the plurality of heartrate monitoring devices include: (i) one or more smart watches, and (ii) one or more wearable fitness trackers. 3. The method of claim 2 , wherein the activity profile of the first client comprises a plurality of location information related to a location of the first client during a corresponding plurality of time intervals. 4. The method of claim 3 , wherein the mode of transportation includes walking, driving, biking, standing, running or a combination thereof. 5. The method of claim 4 , further comprising: requesting, by the server based on rejecting the requested authentication, additional authentication from the first client; receiving, by the server, the additional authentication from the first client; authenticating, by the server, the requested access to the account based on the additional authentication; and processing, by the server, the transaction for the account based on the authentication. 6. The method of claim 5 , further comprising: denying access to the cardholder by the server in response to a determination that the heartrate of the cardholder is outside the expected range of heartrate values for the first client. 7. The method of claim 1 , further comprising: analyzing, by the server, the location information to determine variations in a rate of travel of the cardholder; attributing, by the server, a plurality of modes of transportation to the cardholder in response to the variations in the rate of travel; and associating, by the server, the range of heartrate values of the exertion variance with the corresponding mode of travel. 8. The method of claim 7 , wherein the token is provided by a card or a transmitting device, and wherein the token is presented to the transaction terminal by one of insertion of the card, swiping of the card, or by network communication with the transmitting device. 9. A system, comprising: a processor; and a memory storing instructions which when executed by the processor cause the processor to perform the steps of: capturing, by a plurality of heartrate monitoring devices, real-time heartrate information for a plurality of clients of a service provider; building, by a server in response to the captured real-time heartrate information, a heartrate profile for each client, the heartrate profile comprising, for each client, a baseline heartrate and a plurality of exertion variances, each exertion variance associated with one of a plurality of modes of client transportation, each exertion variance comprising a range of heartrate values and a recovery period for the client associated with the corresponding mode of client transportation, the recovery period corresponding to an amount of time for a client heartrate having the respective exertion variance to return to the associated baseline heartrate following the client engaging in the corresponding mode of client transportation; receiving, by the server from a transaction terminal, a request to authenticate access to an account maintained by the service provider, the request comprising a token and a heartrate of a cardholder issuing the request, wherein the heartrate of the cardholder is captured by at least one of the plurality of heartrate monitoring devices; retrieving, by the server, the heartrate profile for a first client associated with the account, the first client one of the plurality of clients; retrieving, by the server, an activity profile for the first client associated with the account, the activity profile comprising location information over time for the first client; determining, for the cardholder by a machine learning (ML) model executing on the server, a first mode of client transportation of the plurality of modes of client transportation and that the first client is within the recovery period corresponding to the first mode of client transportation, wherein the ML model is trained based on training data comprising location data and heartrate data for a plurality of users; determining, by the ML model based on the determined first mode of client transportation, the range of heartrate values of a first exertion variance of the plurality of exertion variances corresponding to the first mode of client transpo