Boffins take biometric logins to heart, literally: Cardiac radar IDs users to unlock their PCs

2026, when a change of heart will mean a pretty bad day

The next form of biometric identification may be a heart scan.

A group of computer scientists have proposed a system called Cardiac Scan, which uses a cheap and cheerful Doppler radar to wirelessly map out the dimensions of your beating heart. They say your old ticker's shape and pulsations are unique, and therefore useful for identifying you, authenticating access, unlocking devices, and so on.

Wenyao Xu, the lead author of a paper on the technique, said on Monday: "No two people with identical hearts have ever been found. And people's hearts do not change shape, unless they suffer from serious heart disease.”

To test their radar design, the team conducted a study of 78 people. Their technology scored a 98.61 per cent balanced accuracy with an equal error rate of 4.42 per cent. Test subjects had to sit completely still in a chair in front of the sensor hardware a metre away during the trials. Random body movements and noise can affect the accuracy of the system. It can fail to work when the signals from “large body movements” cause circuit saturation.

Crucially, it only works properly when the heart is beating, so you can't steal it from a person, or otherwise kill them, and still use the God-given blood pump to authenticate the victim.

The researchers will present their paper at Mobicom, the International Conference on Mobile Computing and Networking, next month in Utah, US.

During cardiac motion, the heart’s atria and ventricles cycle through stages of contraction and relaxation to circulate oxygen-rich blood around the body. Since no two people have the same heart, the exact changes in size and position will be distinct to an individual.

All UK police forces use Tetra

Cops' use of biometric images 'gone far beyond custody purposes'


“Moreover, since cardiac motion is intrinsically connected to multiple biological functions, it is extremely difficult to counterfeit or to be hidden for a living individual,” the paper stated.

Cardiac Scan was developed over three years, we're told. Its Doppler radar takes about eight seconds to complete a scan for the first time; the system then, fingers crossed, later recognizes the heart from this data. The sensor works at a frequency of 2.4GHz, a bandwidth of 5kHz, and a sample frequency of 40Hz. Wi-Fi and Bluetooth signals use the same frequency band but do not disrupt with the system, we're told.

"Though Wi-Fi and Bluetooth also work at 2.4GHz, our cardiac motion signal will not be interfered by them," the paper stated.

"This is because the motion information to be detected is only a few Hertz, which means the received signal and the transmitted signal are only separated by a few Hertz, while other signals from potential interferes (e.g., WiFi, Bluetooth) have a much higher frequency separation and are easily rejected by the baseband signal. In another word, the transmitted signal and the received signal are “coherent”, whereas other signals are not coherent with the transmitted signal."


Xu, who is an assistant professor at the University of Buffalo in the US, said the team “would like to use it for every computer because everybody needs privacy,” and envisions that the heart scan would replace current methods used to log in and out of networks and gadgets.

It has several advantages over fingerprint, retinal scanning and facial recognition systems, the team reckoned. It doesn’t require direct contact, and it monitors users constantly. If the system detects a different person standing in front of the computer screen, the PC will not operate.

The signal strength of the Doppler radar “is much less than Wi-Fi”, and does not pose any health hazards, Xu insisted. "We are living in a Wi-Fi surrounding environment every day, and the new system is as safe as those Wi-Fi devices," he said.

The researchers hope to miniaturize Cardiac Scan so it can be installed onto the corners of keyboards, as well as mobile phones or even airport scanners. ®

Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022