Skip to main content

Heartbeat Could Someday Be Used to Replace the Password

If computers can be secured simply by using a touchpad and your fingertip, why can't our heartbeats be used as a password? After all, the technology to quickly determine a pulse by touch is already in use by hospitals, doctors offices and even the local gym which picks up on a heartbeat via the wrist or the palm. Who needs the whole face and voice recognition combo when users could simply touch their laptop to gain access without typing in a password?

New Scientist reports that Chun-Liang Lin at the National Chung Hsing University in Taichung, Taiwan, and colleagues have created an encryption system that uses the end-user's heartbeat. According to the team, our heartbeats follow an irregular pattern that typically never repeats, and is unique to everyone. Using an electrocardiograph (ECG or EKG, depending on the doc or tech), they extracted the unique mathematical features underlying this unique pattern and generated a secret key as part of an encryption scheme.

In research that will be published in the upcoming issue of Information Sciences, Lin said that the encryption scheme is based on the mathematics of chaos theory, in which small changes to initial conditions lead to different outcomes. Using this scheme means users won't get the same key twice. As an example, the work's proof of concept takes the user's EKG reading from each palm once, and then generates and stores a key based on that particular reading which is used for all later decryption.

Unfortunately, consumers with pacemakers may not be able to use this technology. Pacemakers can be adjusted to work all the time, some of the time, or very little at all, depending on the patient's level of need. For those who depend solely on a pacemaker to keep the heart working, there typically isn't an irregular pattern, as the heartbeat is perfectly paced by the quarter-sized implant. Those who aren't 100-percent dependent may have a better chance, especially patients who have a pacemaker that kicks in only when the heart goes into an irregular pattern.

Ultimately the goal of this new system is to embed the technology into external hard drives and other devices that can be encrypted and decrypted by the user simply by touching them.