Computer scientists at Dartmouth College, New Hampshire have developed a device that can ascertain your identity by measuring your bioimpedance— or, less euphemistically, how fat you are.

The device, developed by Cory Cornelius and friends, takes the form of a bracelet with eight electrodes on the inside. Two of these electrodes are used to pass a weak alternating current through your wrist, while the other six electrodes work in unison to measure how your bioimpedance affects the current. Your bones, muscle, fat, and blood vessels all interfere with the flow of electricity, generating a unique bioelectrical signature.

The purpose of the device is to act as a passive authenticator — you wear the bracelet 24/7 (perhaps in the form of a wristwatch), and it would then communicate to other devices that you are you. Instead of keying in a password on your smartphone, it might instead simply query the bracelet to confirm that it’s you holding the phone, and not someone else. Likewise, when you sit down in front of a computer, the bracelet could automatically authenticate you. You’ll have to visit the sysadmin’s office when you go on a diet, but that’s a small price to pay for convenience.

Cornelius and co have another use in mind, though: securing medical devices. Medical devices — monitors, pacemakers, insulin pumps — are becoming increasingly high-tech, with many of them using wireless communication links. These can massively increase a patient’s quality of life — but, as is usually the case with emergent technologies, these devices are very insecure. Last year, a hacker detailed how he could break into a wireless insulin pump and deliver a killer dose of insulin.

Another use-case is the modernization of patient tracking in hospitals, and mHealth (mobile health). At the moment, it’s down to nurses and doctors to keep track of you and your records/charts. With a biometric bracelet, nearby monitoring devices could automatically upload your data to a central server. Instead of paper charts, digital charts could be displayed on a tablet held by the doctor — the doctor would swipe the tablet over the bracelet, and your records would magically download.

Cory Cornelius presented his biometric bracelet at HealthSec 2012 [research paper link], one of the many security conferences that occur in July and August. If you haven’t checked out this year’s Black Hat and DEF CON hacks, I recommend you start with the unkillable Rakshasa virus, and the hacker who gained access to 4 million hotel rooms with just an Arduino.