Your Heartbeat Can Give Away Your Identity, Like a Fingerprint
Our heartbeats differ just enough to tell us apart, but they also give away potentially sensitive information
--
Heartbeats, like our fingerprints and faces, are unique. The distinctive waveforms generated by a heart’s expansions and contractions differ just enough from person to person that they can be used to tell us apart. That means heartbeats could serve as a biometric — a unique physiological characteristic that can be used to identify a person. Some scientists think a heartbeat could be a better identifier than the fingerprints we use to unlock phones today.
Startups today make unobtrusive heart monitors that can detect drowsiness behind the wheel of a car or offer perpetual user authentication in high-security manufacturing facilities. These monitors could eventually replace fingerprint scanners on smartphones, or the key fobs we use to enter office buildings.
“As a security researcher, absolutely, I would pick ECG over fingerprint scanners or basically anything else that we use at the moment,” Simon Eberz, a research associate with the University of Oxford’s department of computer science, tells OneZero.
But authentication via heartbeat comes with its own unique privacy concerns, not least of which is that a heartbeat is a window into someone’s emotional state and health status. The potential misuse of a biometric that’s hidden inside us and that provides data every second is hard to ignore.
Heartbeats offer continuous authentication. Whereas we enter passwords or scan our fingers once to access secure applications, a heartbeat could effectively send out a password every second.
Using a heartbeat to identify someone is relatively simple. A heartbeat is regulated by cells that send out regular pulses of electricity telling the heart muscles to expand and contract, pumping blood throughout the body. Those bursts of electricity create a waveform that can be measured by an electrocardiogram (ECG).