ECG Authentication for Mobile Devices

Traditional mobile login methods, like numerical or graphical passwords, are vulnerable to passive attacks. It is common for intruders to gain access to personal information of their victims by watching them enter their passwords into their mobile screens from a close proximity. With this in mind, a mobile biometric authentication algorithm based on electrocardiogram (ECG) is proposed. With this algorithm, the user will only need to touch two ECG electrodes (lead I) of the mobile device to gain access. The algorithm was tested with a cell phone case heart monitor in a controlled laboratory experiment at different times and conditions with ten subjects and also with 73 records obtained from the Physionet database. The obtained results reveal that our algorithm has 1.41% false acceptance rate and 81.82% true acceptance rate with 4 s of signal acquisition. To the best of our knowledge, this is the first approach on mobile authentication that uses ECG biometric signals and it shows a promising future for this technology. Nonetheless, further improvements are still needed to optimize accuracy while maintaining a short acquisition time for authentication.