Your Heartbeat May Be Your New Passcode

"No two people with identical hearts have ever been found" - Wenyao Xu, assistant professor, UB Department of Computer Science and Engineering

Leah Zitter
Read +
Follow Us

Biometrics is as old as 100 B.C., when Chinese emperor Ts’in left his fingerprint on important prehistoric artifacts. Jump forward to the 1800s, when Alphonse Bertillon took fingerprints of crime suspects to pop them into jail. Police in the UK, France, and New York launched their fingerprint units in 1901 and 1902, and the FBi slapped fingers of criminals in ink in 1924.

Over the years, scientists developed various biometric devices to tighten security. These measures protect personal documents like a passport or contracts, withdraw money, and make entering private premises easier and safer. The most common and cheapest biometrics are fingerprints; where you swipe your fingertips on your laptop, chromebook, or smartphone to unlock the screen. No need to remember your pin or password. The sensor recognizes the whorls, forks and ridge endings on your fingertip and lets you through. (Each fingerprint contains up to ninty unique points. Police need to only use a dozen or so to identify one identical twin from another).

There are three types of fingerprint scanners to identify our identities: Capacitive, ultrasound, and optical. Capacitive fingerprint scanners measure electrical signals that came from the swirly ridges on our fingertips. Your laptops and smartphones have these scanners. Some newer smartphones have ultrasound fingerprint scanners that measure the sound waves that ricochet against our fingertips. Optical fingerprint scanners photograph and scan our fingertips to verify our identities. You’ll find these scanners on heavily secured doors, like the NORC in the University of Chicago where I worked, which collected research for some highly secretive organizations and searched NORC workers before they left or entered the premises .

A less frequent option is the palm or handprint reader, terrific for quick identification purposes in dusty or dirty conditions, which is why it’s often used at construction sites. Third, there’s the iris with its unique patterns that rarely change over the course of our lives. The blood vessels in the whites of your eyes are as unique as the tips of your fingers. Retina scanners flash light into eyeballs, snap a photograph of your eyes, and verify your identity. The technique, however, is costly.

Facial recognition is another biometric that snaps a photo of your face and matches it to verify your identity when required. More sophisticated facial recognition scanners - like Apple’s FaceID - use thermal imagery. These are namely heat rays to uncover the face behind all that face paint or cosmetics. Finally, there's the good old fashioned signing on the dotted line of contracts and papers. Pressure points, pace, and pattern all make up the specific identity of our signature.

The Problem

Fingerprint devices work except when a person suffers severe burns, hacks the finger, or someone takes a Silly Putty mold print of your finger and uses that to forge your identity. The form of a person's hand changes over time, which creates a problem with the hand reader. Aside from which, hands get sweaty or dirty which distorts the image. Hackers can usurp your identity by taking high-quality photos of face or eyes and pasting wet contact lens over the eyes to mimic how the light reflects on a real eye.

Think that biometrics protects your phone? Cellebrite, the company that helped the FBI hack the San Bernardino bomber’s iPhone 5C, penetrated IPhones 4S, 5, 5C, 6, and 6 Plus with much tighter security! Top security researcher Gal Beniamini even helps you penetrate smartphones powered by Qualcomm Snapdragon processors. He gives you step-by-step instructions, with images and codes to ease your way.

In general, it takes a lot of work and remarkable geekiness to hack biometrics. It’s not kiddie stuff. But it’s possible to do so.

That’s Where Your Heart Comes In...

Researchers at the University of Buffalo (UB) have developed a new biometric tool that scans yoru heart to unlock your phone or log onto your computer. The system uses a low-level Doppler radar to identify the shape and size of your heart. It needs eight seconds to record the movements of your heartbeat, and then continuously monitors your presence. The heart sensor may eventually be used at airport screening gates to monitor a person up to 30 meters away. The UB researchers claim the system poses no health risks as the radar system uses very little power.

You have a unique heartbeat and that could be very useful to secure technology
You have a unique heartbeat and that could be very useful to secure technology

“We are living in a Wi-Fi surrounding environment every day, and the new system is as safe as those Wi-Fi devices,” Wenyao Xu, assistant professor in the Department of Computer Science and Engineering in UB's School of Engineering told students at the University. “The reader is about five milliwatts, even less than one percent of the radiation from our smartphones.”

The system, which was three years in the making, is a passive non-contact device so people don’t have to spend time swiping their fingertips or posing for a photograph to authenticate themselves. Second, the device monitors users constantly, which means the computer or phone switches off if someone else uses it. Sometimes, users forget to log off from their computers. With heart biometrics, the device logs off automatically. There’s just one problem.

Say I had a heart attack, so my heart changes from its regular appearance, which means my phone locks me out, so I can't dial 911 for help. Say, medics can’t resuscitate me. All is right with God and the world. Police in the United States have a solution.

They've taken to unlocking phones with fingerprints from corpses.