Patent registered for heart rhythms as biometric ID; researchers work on security
Japanese researchers say they have registered for a United States patent on using electrocardiogram waveforms as a biometric identifier, but at almost the same time, a South Korea-U.S. research team is warning that “incautious” ECG system design can leak personal data.
The Korean and U.S. scientists have written a paper explaining an ECG authentication method that they say preserves privacy.
Patent registration is the first of many steps inventors take to protect their intellectual property. A patent award, if one is made, occurs many months or years after registration.
Simplex Quantum has completed its patent registration (11,500,975 B2) to protect a way to accurately authenticate a person’s electrocardiogram biometrics. Simplex Quantum worked with the Public University Corp. of the University of Aizu.
(The company raised 550 million yen (US$4 million) in a series A round December 5. Simplex Holdings, Technology Ventures No. 5 and Itochu Corp. made the investment.)
Simplex Quantum previously had registered a U.S. patent for an algorithm that spotted the heart-failure stage using ECG waveforms.
This fall, the journal Security and Communication Networks published work by scientists from Korea University; the University of California, Berkeley; and Kwangwoon University noting security vulnerabilities in using the data for authentication and proposing a solution.
They propose using a genetic algorithm that classifies points of privacy sensitivity – suggesting age, gender and heart disease – and other ECG-related points that are not privacy-sensitive. The latter, according to the paper, can be used with “high accuracy” without divulging identifiers.
In fact, the researchers say their method is at least 85 percent accurate.