• Researchers have devised a way to break a person’s heartbeat into characteristics often used to describe music.
  • The music of the heartbeat is unique to every individual and can help identify people who have trouble authenticating with traditional biometric systems.
  • Experts aren’t convinced about the real-world use of the research, pointing to implementation hassles and privacy issues.

Two people sitting together, one looking at the other's heart and heartbeat on a tablet computer.

Soon you might not just be able to hear your heart sing, but also use the melody to uniquely identify you.

Spanish and Iranian researchers have proposed using the heartbeat as a biometric tool by recording its musical features, such as rhythm, and pitch, to uniquely identify people. In tests, the system managed to achieve a 99.6 percent accuracy rate.

“We might use this solution in a building’s access control system where pre-registered users provide a template (a short ECG recording) to enter the facilities,” write the researchers in their paper illustrating a use-case for their heartbeat-based biometric system.

Inside Out

The researchers admit that research on cardiac and even brain signals as effective biometric identifiers isn’t unique. However, identification based on certain unique characteristics of the heartbeat hasn’t been attempted before.

To facilitate this, the researchers analyzed five music qualities from a person’s electrocardiogram (ECG) recordings: the dynamics, rhythm, timbre, pitch, and tonality. 

A heart beat patterns show on the screen of a laptop.

Dynamics determine how loud or soft the sounds are, while rhythm measures the long and short movement of the sound, explain the researchers in the paper. Similarly, timbre is a specific quality that a particular instrument or voice has, pitch classifies sounds depending on their vibration frequency, and tonality is linked with the idea that musical compositions are organized around a central note.

When combined, these characteristics reveal a musical pattern that’s unique to each person, claim the researchers.

One of the biggest advantages of the research is the pervasive application of the proposed ECG-based biometric identification. Despite the widespread use of traditional biometrics such as fingerprints and retina scans, they still fail to recognize differently-abled people and those with injuries or health conditions such as diabetes. 

“Universality [of our research] is guaranteed since everyone alive has a beating heart, and we can record their electrocardiogram. Besides, the signal is available for its recording at any time,” note the researchers in the paper.

Implementation Hassles

The researchers are aware that before their work can be put to use in the real world, it needs further testing to iron out any kinks.

This feels intrusive–many people would pause before allowing their ECG data to be shared.

The one issue they note is the impact of age on the heartbeat. "As humans age, our heart signal changes slightly over the years, and we might consider that ECG records are not valid for biometrics due to their permanence," acknowledge the researchers, adding that due to this, the heartbeat biometrics will need to be updated every five years, at least. 

Willy Leichter, CMO at cybersecurity company LogicHub, thinks of the biometric authentication model presented in the research as a voice recognition system for heartbeats. 

"While this makes sense and the accuracy can probably be improved beyond the current unacceptable 96% range, it's unclear what advantage this has over voice recognition or other behavioral models," Leichter told Lifewire over email.

Furthermore, Leichter's also skeptical about the real-world application of the research. Expressing his concern, he pointed out that biometrics aren't often held back by their rate of accuracy, rather by how intrusive they feel to people. "This feels intrusive–many people would pause before allowing their ECG data to be shared," said Leichter.

The researchers, however, are confident that portable devices like the Apple Watch or the Withings Move ECG, whose ECG traces are medically validated, have acclimatized people to non-invasive ECG recorders. They suggest the system can be offered as an authentication app, and users can record their signals by simply touching the smart ECG-equipped watch with their other hand.

Leichter's still not entirely convinced. "Over the last 20 years, we have seen a wide range of experimental biometric solutions, from fingerprints to retinal scans, facial recognition, and various behavioral models," shared Leichter. "The weak link isn't usually the specific biometric, but how it's implemented, and how vendors balance privacy with identification."

Source