Heart Geometry: A New Continuous Biometric Authentication Method

Scenarios for continuous authentication: (a) An authenticated user is present, the system remains unlocked. (b) The authenticated user is leaving; the system is automatically blocked. (c) An intruder appears, the system remains locked. Green screen corresponds to the unlocked system, red - locked.

Recently, public and private companies have been in demand for more advanced computer information protection and user authentication systems. In particular, interest in continuous authentication systems has grown, when a computer constantly checks the authenticity of the person sitting in front of it. Systems of this type are much more efficient than the traditional one-or two-factor protection, because they do not allow an attacker to use a computer after the user has logged in there.

Existing continuous authentication systems have certain limitations. Some of them require the user to permanently confirm their identity. For example, you need to put your finger on the scanner or look at the eye at certain intervals to scan a finger or retina or enter a password every few tens of minutes. Of course, this to some extent solves the problem of continuous authentication, but not completely, and also very uncomfortable.

There are other suggestions for continuous authentication: for example, constantly monitor keyboard patterns, mouse movements and other behavioral characteristics, monitor faces in front of the monitor. Each of these methods has certain disadvantages. For example, the face recognition system in Windows 10 is easy to fool..

From the point of view of biometric authentication, checking by heart is a unique one. Unlike the finger, the heart is much more difficult to separate from the body of the victim, there is no possibility of such an easy fake, as in face recognition. It is difficult to hide from the system, and it is difficult for an attacker to recognize the characteristics of the carrier. In the end, every living person has a working heart, unlike the same fingers, and it is unique for every person. Therefore, it is even a bit strange that so far no biometric authentication systems have been created for the heart (if you do not take into account the ECG). Now there is one: it was developedat the University of Buffalo (USA). They are going to present a scientific article at the 23rd Annual International Conference on Mobile Computing and Communication (MobiCom), which will be held on October 16-20, 2017 in Utah, and now the article is published in the public domain ( mirror ). Heart structure and dynamics Someone may have doubts about the security of the system, which continuously irradiates the heart and reads the scan result. The developers say that there is nothing to fear in the world of ubiquitous WiFi radiation, here the radiation power is much lower: only 5 mW, that is, less than 1% of the radiation from our smartphones.






At the first scan, the scanner takes about 8 seconds to collect all the characteristics, and later it monitors in a continuous mode - and immediately reacts to a change of heart in front of the scanner. The sensor circuit of the Doppler radar, which is used for scanning, with adaptive power tuning and beam adjustment The development of the technology took three years, and in general it is a rather complicated and technological device. The recognition takes into account the geometry of the heart: its shape and size, as well as the dynamics of work, that is, heart rate. Human recognition by cardiogram is a decade-old technology, but no one has yet figured out the shape and size of the heart for authentication. This is the first technology of this kind.






“No two people with the same heart have been found in the world,” said Wenyao Xu, lead author of the research, PhD and assistant professor at the Department of Computer Science and Engineering at the School of Engineering and Applied Sciences of the University Buffalo He draws attention to the fact that the shape of a heart in an adult person never changes unless it is affected by some rare serious heart disease.


Experimental installation Scanner Now Xu is working on miniaturizing the device so that the scanner can be installed in the corner of a computer keyboard or in a smartphone.






In the future, states may think about compiling a database of the prints of the hearts of all citizens - it will make it possible to unmistakably recognize the identity of any person from a distance. Information can be recorded in the passport along with the rest of the biometric data. The Doppler scanner works by heart from a distance of 30 meters: very convenient for airports, checkpoints and similar checkpoints.