The new iPhone X offers features including animated emoji and a high price tag. When it comes to functionality, the new phone’s key feature might be its face ID security. But face ID may be on the road to obsolescence. A team led by researchers at the University of Buffalo has developed a system that employs low-level Doppler radar to measure and continually monitor your heart to make sure you are the one operating your computer. The researchers say potential applications range from smartphones to airport screening barricades.
The researchers will describe the technology in a paper titled “Cardiac Scan: A Non-contact and Continuous Heart-based User Authentication System” to be presented at the 23rd Annual International Conference on Mobile Computing and Communication (MobiCom 2017) October 16-20 in Snowbird, UT.
“We would like to use it for every computer because everyone needs privacy,” says Wenyao Xu, Ph.D., the study’s lead author and an assistant professor in the Department of Computer Science and Engineering in UB’s School of Engineering and Applied Sciences.
“Logging-in and logging-out are tedious,” he said, as reported by Grove Potter of the university’s news center.
The passive, noncontact system requires no specific user actions for authentication, and with continuous monitoring, should you take a break and forget to log off, no one can use your computer while you’re away.
According to Xu, the system poses no health threats. We are surrounded by devices emitting Wi-Fi signals every day, he says, adding that “…the new system is as safe as those Wi-Fi devices. The reader is about 5 mW, even less than 1% of the radiation from our smartphones.” Potter’s article doesn’t mention the operating frequencies, which presumably will be mentioned in the MobiCom paper.
Potter reports that heart-based biometric systems have been in use for nearly a decade but typically have required electrodes to measure electrocardiogram signals.
A word of caution—In their paper abstract, the researchers write that their system is “…based on geometric and non-volitional features of the cardiac motion. Cardiac motion is an automatic heart deformation caused by self-excitement of the cardiac muscle, which is unique to each user and is difficult (if not impossible) to counterfeit.” However, Potter reports, “For airport identification, a device could monitor a person up to 30 meters away.” That potentially seems to open the door for a malefactor to record your cardiac motion remotely for subsequent playback near your computer.
And on a lighter note, it seems unlikely the heart-based authentication system can replicate the iPhone X’s ability to generate animated emoji. That capability relies the phone’s face ID function to monitor users’ facial expressions.
