Research News

Goodbye, login. Hello, heart scan.

The system uses low-level Doppler radar to measure your heart, and then continually monitors your heart to make sure no one else has stepped in to run your computer. Illustration: Bob Wilder, University at Buffalo

By GROVE POTTER

Forget fingerprint computer identification or retinal scanning. A UB-led team has developed a computer security system using the dimensions of your heart as your identifier.

The system uses low-level Doppler radar to measure your heart, and then continually monitors your heart to make sure no one else has stepped in to run your computer.

The technology is described in a paper the inventors will present at next month’s 23rd Annual International Conference on Mobile Computing and Communication (MobiCom). The system is a safe and potentially more effective alternative to passwords and other biometric identifiers, they say. It eventually may be used for smartphones and at airport screening barricades.

“We would like to use it for every computer because everyone needs privacy,” says Wenyao Xu, the study’s lead author and an assistant professor in the Department of Computer Science and Engineering, School of Engineering and Applied Sciences.

“Logging in and logging out are tedious,” he says.

The signal strength of the system’s radar “is much less than Wi-Fi,” and therefore does not pose any health threat, Xu explains.

“We are living in a Wi-Fi-surrounding environment every day, and the new system is as safe as those Wi-Fi devices,” he says. “The reader is about 5 milliwatts, even less than 1 percent of the radiation from our smartphones.”

The system needs about 8 seconds to scan a heart the first time, and thereafter the monitor can continuously recognize that heart.

The system, which was three years in the making, uses the geometry of the heart, its shape and size, and how it moves to make an identification. “No two people with identical hearts have ever been found,” Xu says, adding that people’s hearts do not change shape, unless they suffer from serious heart disease.

Heart-based biometrics systems have been used for almost a decade, primarily with electrodes measuring electrocardiogram signals, “but no one has done a non-contact remote device to characterize our hearts’ geometry traits for identification,” he says.

The new system has several advantages over current biometric tools, like fingerprints and retinal scans, Xu says. First, it is a passive, non-contact device, so users are not bothered with authenticating themselves whenever they log in. And second, it monitors users constantly. This means the computer will not operate if a different person is in front of it. Therefore, people do not have to remember to log off when away from their computers.

Xu plans to miniaturize the system and have it installed onto the corners of computer keyboards. The system also could be used for user identification on cell phones. For airport identification, a device could monitor a person up to 30 meters away.

Xu and collaborators will present the paper — “Cardiac Scan: A Non-contact and Continuous Heart-based User Authentication System” — at MobiCom, which is billed as the flagship conference in mobile computing. Organized by the Association for Computing Machinery, the conference will be held Oct. 16-20 in Snowbird, Utah.

Additional UB authors are Feng Lin, now an assistant professor at the University of Colorado Denver; Chen Song, a PhD student; Yan Zhuang, a master’s student; and Kui Ren, SUNY Empire Innovation Professor. Changzhi Li from Texas Tech University is also a co-author.

The research was supported, in part, by the National Science Foundation.