A new computer security system uses heart’s dimension to identify the user, monitoring the use to ensure safety. The new study moves one step forward, taking over retinal scanning and fingerprint identification.

The new developed system exploits low-level Doppler radar to measure the dimension of the user’s heart, and the monitors it during the use to ensure that nobody else took the place of the user.

The technology underpinning the new system will be presented in October 2017 in Utah, at the 23rd Annual International Conference on Mobile Computing and Communication (MobiCom). The new system is regarded as safe, holding a potential to be more effective to the classic password-based systems and the more recent biometric identifiers. The authors identified potential usefulness in its incorporation in smartphones, for daily uses, and airport screening barricades, for more specific controls.

“We would like to use it for every computer because everyone needs privacy,” explained the lead author Dr Wenyao Xu, assistant professor in the Department of Computer Science and Engineering in UB’s School of Engineering and Applied Sciences. “Logging-in and logging-out are tedious,” he added.

The signal used to measure the dimension of the heart and monitor is not to be considered harmful, as its strength “is much less than Wi-Fi,” Xu observed.

“We are living in a Wi-Fi surrounding environment every day, and the new system is as safe as those Wi-Fi devices,” he added. “The reader is about 5 milliwatts, even less than 1 percent of the radiation from our smartphones.”

The turning on time for the new system is as low as 8 seconds for the first scan, with then a constant ongoing measurement of the heart.

The new system was developed in three years and exploits shape, size, geometry and movements of the heart to identify and associate the user. Security comes from the fact that “no two people with identical hearts have ever been found” Xu explained, adding that “people’s hearts do not change shape, unless they suffer from serious heart disease”.

There is been a large use of bio-metrics systems based on hearts beats and frequencies, mostly through the use of electrodes to measure electrocardiogram signal, “but no one has done a non-contact remote device to characterize our hearts’ geometry traits for identification,” Dr Xu explained.

Several differences, which can be considered advantages, can be noted in the heart-based system when compared to the traditional security bio metric tools like retinal scans and fingerprints. First of all, the monitoring scan activates automatically, not requiring a user to actively log in, simplifying the process and reducing the efforts. On the other hand, when leaving the computer, the constantly monitoring system will notice if another person takes the place of the owner, automatically logging off and, consequently, ensuring security.

Dr Xu is now working to miniaturise the system in order to install in onto the corners of the computer and laptop keyboards. A miniaturised version would also allow the installation of the systems on smartphones while a full size system installed in airport could allow the identification of people from up to 30 metres away.

The study will be presented at the MobiCom conference held between the 16th and the 20th of October in Snowbird, Utah, in a paper called “Cardiac Scan: A Non-contact and Continuous Heart-based User Authentication System”.

The co-authors that cooperated with Dr Xu are: Dr Feng Ling, from the UB Department of Computer Science and Engineering now assistant professor at the University of Colorado Denver; Chen Song, a PhD student; Yan Zhuang, a master’s student; Dr Kui Ren, a SUNY Empire Innovation Professor; Dr Changzhi Li, and from Texas Tech University.

Written by: Pietro Paolo Frigenti

Journal Reference: Lin, F.; Song,C.; Zhuang, Y; W. Xu, C. Li, K. Ren, “Cardiac Scan: A Non-Contact and Continuous Heart-Based Authentication System”, in ACM MobiCom, Utah, USA, Oct. 2017