A new computer security system uses the size and shape of your heart to let you log in instead of a password, fingerprint, or retinal scan.
“Logging-in and logging-out are tedious…”
The system uses low-level Doppler radar to measure your heart, and then continually monitors your heart to make sure no one else has stepped in to run your computer.
The inventors will present the work in October at the 23rd Annual International Conference on Mobile Computing and Communication (MobiCom) in Utah. The system is a safe and potentially more effective alternative to passwords and other biometric identifiers, they say. It may eventually be used for smartphones and at airport screening barricades.
“We would like to use it for every computer because everyone needs privacy,” says lead author Wenyao Xu, assistant professor in the computer science and engineering department in the University at Buffalo’s School of Engineering and Applied Sciences.
“Logging-in and logging-out are tedious,” he says.
The signal strength of the system’s radar “is much less than Wi-Fi,” and therefore does not pose any health threat, Xu says.
“We are living in a Wi-Fi surrounding environment every day, and the new system is as safe as those Wi-Fi devices,” he says. “The reader is about 5 milliwatts, even less than 1 percent of the radiation from our smartphones.”
The system needs about 8 seconds to scan a heart the first time, and thereafter the monitor can continuously recognize that heart.
For hospitals, full cybersecurity may be impossible
The system, which was three years in the making, uses the geometry of the heart, its shape and size, and how it moves to make an identification. “No two people with identical hearts have ever been found,” Xu says. And people’s hearts do not change shape, unless they suffer from serious heart disease, he says.
Heart-based biometrics systems have been used for almost a decade, primarily with electrodes measuring electrocardiogram signals, “but no one has done a non-contact remote device to characterize our hearts’ geometry traits for identification,” he says.
The new system has several advantages over current biometric tools, like fingerprints and retinal scans, Xu says. First, it is a passive, non-contact device, so users are not bothered with authenticating themselves whenever they log-in. And second, it monitors users constantly. This means the computer will not operate if a different person is in front of it. Therefore, people do not have to remember to log-off when away from their computers.
Use your body, not WiFi, to transmit secure passwords
Xu plans to miniaturize the system and have it installed onto the corners of computer keyboards. The system could also be used for user identification on cell phones. For airport identification, a device could monitor a person up to 30 meters away.
Additional authors are from the University at Buffalo and Texas Tech University.
Source: Grove Potter for University at Buffalo