Texas Tech researcher elaborates on ‘cardiac password’ project

Oct. 6, 2017

I recently reported on the work of a team including Wenyao Xu, an assistant professor at the University of Buffalo, to use heart monitoring as a form of continuous authentication for computer users. Now, team member Changzhi Li, a researcher in the Department of Electrical and Computer Engineering at Texas Tech University, elaborates on what he calls the “cardiac password” project.

“Computer systems may require me to log-in information every certain number of minutes or may require some kind of biometrics where I have to use my fingerprints every few minutes or, if we exaggerate, every few seconds,” said Li. “But this is not convenient. So the usability is very low and also, itself, has some security threats inside. Even if it asks every minute or two minutes, someone could still come in and use the computer when the user temporarily leaves the computer.”

Texas Tech reports that Li and Xu’s collaborative project is backed by a $205,418 grant from the National Science Foundation to develop high-sensitivity detectors to determine the uniqueness of a person’s heartbeat waveform and, if feasible, to perfect the reliability, performance, accuracy, and security of this type of continuous authentication.

Li said the first year of the project will focus on the hardware side of the research, building high-sensitivity detectors. Subsequent efforts will focus on signal processing to increase the intelligence of the system.

The technology could eventually be used to facilitate hands-free cellphone use, allowing a driver, for example, to access a phone’s GPS without having to use a fingerprint scanner or type a password.

“What we’re hoping is after three years, we will know the feasibility and, if it is feasible, we will know the accuracy and reliability,” Li said. “After three years, perhaps, we will think about how to move further—for example, into commercialization. But I believe that will be after three years.”

Li concluded, “It really comes down to two questions—how can you really authenticate, and how can you perform continuous authentication?”

About the Author

Rick Nelson | Contributing Editor

Rick is currently Contributing Technical Editor. He was Executive Editor for EE in 2011-2018. Previously he served on several publications, including EDN and Vision Systems Design, and has received awards for signed editorials from the American Society of Business Publication Editors. He began as a design engineer at General Electric and Litton Industries and earned a BSEE degree from Penn State.