You thought your fingerprint is the only feature unique to you? Well, it is not. Your heartbeat is unique to you too, and more so is your iris. Scientists at BinghamtonUniversity in New York have developed a way of using a person’s heartbeat as a password for personal health data encryption and decryption.
Electrocardiograph (ECG) is the process of recording the electrical activity of a heart over a period of time using electrodes placed on the skin. If not in real life, all of us would have seen ECGs in movies pulsating on a digital screen.
Researchers are proposing to replace static encryption keys which are highly fallible, with the unique pattern of an ECG to secure a person’s data.
The classical encryption techniques are expensive, time-consuming and computing intensive. They are good enough for powerful computers like desktops, but IoT and smart devices don’t have the processing power for such complex calculations making them unable to support encryption. Thus the smart devices may end up exposing data due to lack of encryption.
How is your heartbeat unique to you? Having the same structure, don’t all hearts beat alike? What would you do in a case when you are nervous and have a faster heartbeat? The heartbeat is a reliable biometric because it is based on the size and shape of your heart and the orientation of the valves. It stays the same unless you have something major like a cardiac arrest. When nervous, your heartbeat can become fast, but electrically it looks the same. What matters is the shape of the signal, which is not altered by the speed.
The best characteristic that makes the ECG-based solution most viable for smart healthcare devices is the simpler implementation details. As soon as the heartbeat is acquired through a very simple biosensor attached to the skin, personal files of the patient can be immediately encrypted and managed via a central healthcare server. This will prevent any intruder from acquiring the data of the patient. Instead of going through extensive logs, a doctor can simply press the sensor to a patient’s skin for a few seconds and immediately access patient records.
ECG is the foremost parameter used in analyzing patient heath. Until now it was used only in clinical diagnosis. Using the same ECG data and transmitting it to the electronic health records, “security and privacy can be enhanced while minimum cost will be added,” said Zhanpeng Jin, assistant professor in the Department of Electrical and Computer Engineering at the Thomas J. Watson School of Engineering and Applied Science at Binghamton University.
The heartbeat biometric system is only being introduced for e-health systems, in the research titled “A Robust and Reusable ECG-based Authentication and Data Encryption Scheme for eHealth Systems.” Some questions, however, remain. What happens when the person dies? Or what if the ECG pattern is leaked online, and unlike text patterns, the ECG can not be changed. Not to mention age, illness and injury can cause the pattern to change too. Researchers have not yet answered the questions to these.