ECG Authentication: Biometric Security
- ECG-based authentication is a biometric method that exploits unique cardiac electrical signals for reliable identity verification and continuous liveness detection.
- It employs advanced preprocessing, feature extraction (via DCT and Hermite expansions), and deep neural classifiers to achieve high identification accuracy.
- Integrated solutions use edge computing and privacy-preserving techniques to ensure robust spoof resistance and scalability in IoT and healthcare applications.
Electrocardiogram (ECG)-based authentication is a biometric security paradigm that exploits the intrinsic uniqueness of human cardiac electrophysiology to enable individual identification and verification. The ECG, a time-series signal reflecting the heart’s electrical activity, offers appealing properties for biometric applications, including robustness to forgery, continuous liveness detection, and resilience to conventional synthetic attacks. State-of-the-art ECG-based authentication encompasses classic statistical descriptors, advanced signal models, machine learning, deep neural architectures, hardware-optimized pipelines, and privacy-preserving modalities. The sections below cover the key methodological advances, evaluation paradigms, system integrations, challenges, and future research directions in ECG authentication, as reported in recent literature.
1. Fundamental Principles and Motivation
ECG-based authentication leverages the inter- and intra-subject morphological variability and temporal dynamics of the cardiac cycle (Rabhi et al., 2013, Hussein et al., 2017). As a physiological biometric, the ECG encapsulates both genetically determined structural characteristics and dynamic physiological factors, establishing a unique “cardiac signature.” This modality is fundamentally distinct from behavioral biometrics (e.g., voice, keystroke) and morphological traits (e.g., fingerprint, iris) in several respects:
- Liveness: Real-time measurement of cardiac activity inherently provides proof-of-life.
- Resilience to Spoofing: Direct physical access to an individual's heart activity is challenging to simulate or fabricate, making ECG robust to synthetic attacks.
- Continuous Authentication: The ECG enables seamless, unobtrusive authentication and re-authentication suited for IoT and healthcare scenarios (Smyth et al., 2021).
The domain encompasses both identification (multi-class: “Who is this?”) and verification (binary: “Is this person who they claim to be?”), with methods tailored for closed-set or open-set population scenarios (Dong et al., 25 Apr 2025).
2. Signal Preprocessing and Feature Representation
2.1. Preprocessing
Accurate ECG authentication presupposes robust preprocessing to mitigate noise (baseline drift, powerline interference), segment cardiac cycles, and normalize samples. Detection of fiducial points—particularly the R-peaks and QRS complex—is foundational (Rabhi et al., 2013, Ibtehaz et al., 2021). Typical pipelines include:
- Isolating QRS: at 360 Hz yields ~150 ms windows (Rabhi et al., 2013).
- Beat segmentation with R-peak anchoring ensures consistent feature extraction (Kim et al., 2019, Ibtehaz et al., 2021).
- Removal of pathological or anomalous segments via correlation or PCA filtering to retain high-fidelity biometric data (Samarin et al., 2019).
2.2. Feature Extraction
Two principal categories of features emerge:
- Morphological Descriptors: Quantitative parameters capturing peaks, slopes, intervals, areas—e.g., maximum positive/negative peaks, QRS slope velocities, intervals from onset to peaks (Rabhi et al., 2013).
- Functional Expansions and Transforms:
  - Hermite Polynomial Expansion (HPE): Models the ECG as a weighted sum of Hermite basis functions, extracting up to 60 coefficients per beat. Hermite functions are recursively defined, enabling high-fidelity, compressive representation (Rabhi et al., 2013).
  - Discrete Cosine Transform (DCT): Efficiently concentrates energy into a few coefficients per RR interval, facilitating compact, real-time feature sets with high discriminability and computational efficiency (Hussein et al., 2017, Smyth et al., 2021).
- ML/Neural Feature Embeddings: Deep CNNs (sometimes with GRU/LSTM or transformer modules) are increasingly employed for end-to-end feature extraction—often leveraging data-driven learning from raw or minimally preprocessed ECG segments (Ibtehaz et al., 2021, Wang et al., 9 Sep 2024, Rai et al., 21 Sep 2025).
3. Classification Algorithms and Decision Logic
3.1. Classic Statistical and Machine Learning Classifiers
Early pipelines utilize SVMs (often with Gaussian/RBF kernels), decision trees, or regression models trained on handcrafted features (Rabhi et al., 2013, Alkeem et al., 2019). Strategies include:
- Classifying individual homogeneous feature groups (amplitude, interval, slope) and fusing them post hoc for hybrid systems, maximizing information diversity (Rabhi et al., 2013).
- Employing binary SVM verification trained per user, cross-correlation with DCT-derived features, and similarity thresholding for access control (Hussein et al., 2017).
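The DCT-feature and similarity-threshold verification described in sections 2.2 and 3.1, as an added example (not code from the cited papers): it keeps DCT-II coefficients 1 to 20 of an R-peak-aligned beat, enrolls a mean template, and accepts a probe only when its Pearson correlation with the template reaches a threshold. The synthetic beats, the two subjects' parameters, the coefficient count and the 0.95 threshold are assumptions chosen for illustration.

```python
import math
import random

def dct_features(beat, k=20):
    """DCT-II coefficients 1..k of one beat (coefficient 0, the DC offset, is dropped)."""
    n = len(beat)
    return [sum(v * math.cos(math.pi * (i + 0.5) * j / n) for i, v in enumerate(beat))
            for j in range(1, k + 1)]

def pearson(a, b):
    """Pearson correlation, used here as the similarity score."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    num = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    den = math.sqrt(sum((x - ma) ** 2 for x in a) * sum((y - mb) ** 2 for y in b))
    return num / den

def synthetic_beat(qrs_width, t_amp, t_pos, rng, n=128, noise=0.02):
    """Constructed stand-in for an R-peak-aligned beat: Gaussian QRS plus T wave."""
    return [math.exp(-((i / n - 0.3) / qrs_width) ** 2)
            + t_amp * math.exp(-((i / n - t_pos) / 0.08) ** 2)
            + rng.gauss(0, noise)
            for i in range(n)]

def enroll(beats):
    """Template = mean DCT feature vector over the enrollment beats."""
    feats = [dct_features(b) for b in beats]
    return [sum(col) / len(col) for col in zip(*feats)]

def verify(template, beat, threshold=0.95):
    """Accept the claimed identity only if similarity reaches the threshold."""
    score = pearson(template, dct_features(beat))
    return score >= threshold, score

rng = random.Random(7)                                   # fixed seed: reproducible sample data
alice = dict(qrs_width=0.02, t_amp=0.30, t_pos=0.65)     # constructed subjects
bob = dict(qrs_width=0.035, t_amp=0.15, t_pos=0.55)
template = enroll([synthetic_beat(rng=rng, **alice) for _ in range(8)])
genuine = verify(template, synthetic_beat(rng=rng, **alice))
impostor = verify(template, synthetic_beat(rng=rng, **bob))

if __name__ == "__main__":
    print("genuine :", genuine)     # (accepted, score) for the enrolled subject
    print("impostor:", impostor)    # (accepted, score) for a different subject
```

Both constructed subjects share the same QRS position, so the impostor score is still well above zero; the threshold is what separates them, which is why it has to be tuned on real genuine and impostor scores.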
3.2. Deep Neural Architectures
- Convolutional Networks: One-dimensional CNNs, possibly augmented by residual (ResNet-style) blocks, provide translation-invariance and local temporal feature learning (You et al., 16 Feb 2025).
- Multi-resolution and Attention Mechanisms: Inception-like or MultiRes blocks, spatial pyramid pooling, and sequence-channel attention modules prioritize salient waveforms and channels (Ibtehaz et al., 2021, You et al., 16 Feb 2025).
- Recurrent and Hybrid Models: Structures combining MobileNetV1 and GRU enable lightweight, time-dependent modeling suitable for wearables (Rai et al., 21 Sep 2025).
- Transformer-based Models: Vision transformers (ViT) process ECG as 1D patch sequences. Attention matrices provide both accurate classification and segment-level interpretability (Wang et al., 11 Mar 2025).
- Self-Supervised and Contrastive Learning: Unlabeled ECGs are grouped into positive and negative pairs for a contrastive loss, maximizing discriminability without explicit identity labels and enhancing generalizability to unseen users (Wang et al., 9 Sep 2024).
- Siamese Networks for Verification: Learned similarity metrics (squared difference, product proximity) enable robust template matching and low equal error rates (Ibtehaz et al., 2021).
3.3. Template Matching and Cancelability
- Cancelable frameworks rely on dynamic, random-key-based transformations (bioconvolving, MACE filters) that permit template revocation and enforce irreversibility, essential for privacy preservation (Chiu et al., 2022).
4. System Implementations and Performance
4.1. Embedded, Edge, and IoT Deployments
Resource-limited environments demand highly optimized pipelines:
- Real-time authentication has been realized on Raspberry Pi 3 and ARM edge processors, leveraging DCT or quantized/pruned CNN architectures for sub-second authentication cycles (Hussein et al., 2017, Wang et al., 9 Sep 2024).
- FPGA/SoC (e.g., Zynq) implementations combine ECG-PCA extraction with AES cryptographic blocks for integrated, energy-efficient, and low-latency (∼10 ms) platforms consuming <110 mW (Zhai et al., 2018).
4.2. Federated and Privacy-Preserving Frameworks
- Federated learning distributes model training across wearables, protecting subject privacy while achieving high aggregate accuracy (Rai et al., 21 Sep 2025).
- Information-theoretic key agreement protocols based on inter-pulse intervals establish ephemeral symmetries for node authentication within WBANs, securing intra-body sensor communication (Guglielmi et al., 2021).
4.3. Accuracy, Efficiency, and Robustness Metrics
Performance varies with system, population, and protocol:
- Hybrid SVM plus Hermite descriptors achieve up to 98.97% identification accuracy (Rabhi et al., 2013).
- DCT-based IoT systems report 97.78% accuracy in ∼1.21 s (Hussein et al., 2017).
- Deep learning models (MobileNetV1+GRU, self-supervised CNNs) routinely exceed 98–99% accuracy; equal error rates (EER) below 1% are common (Wang et al., 9 Sep 2024, Rai et al., 21 Sep 2025).
- Cross-dataset generalization and robustness to adversarial attacks are active areas, with significant performance degradation when confronting strong adversarial perturbations (from 96.82% to <1%) (Rai et al., 21 Sep 2025).
- Continuous authentication on wearables with dry electrodes ensures practical usability and sustained accuracy (BAR >95%) (Smyth et al., 2021).
A table summarizes representative performance:
Method/System | Dataset(s) | Accuracy (%) | EER (%) | Real-time/Edge Ready |
---|---|---|---|---|
SVM + Morphology + HPE (Rabhi et al., 2013) | MIT-BIH (18 healthy) | 98.97 | — | No |
DCT (IoT) (Hussein et al., 2017) | 15 real/MIT-BIH | 97.78 | — | Yes |
MobileNetV1+GRU (Rai et al., 21 Sep 2025) | ECGID, MIT-BIH, PTB | 98.49-99.34 | ≤0.001 | Yes (Wearable) |
Self-Supervised CNN (Wang et al., 9 Sep 2024) | PTB, MITDB, ECGIDDB | 98.5-99.15 | — | Yes (Edge, Quantized) |
EDITH (CNN+Siamese) (Ibtehaz et al., 2021) | ECG-ID, MIT-BIH, PTB | 96-100 | 1.29 | Yes (Wearable) |
(All values are as reported in the respective sources; sample sizes and protocols may vary.)
5. Security, Privacy, and Cancelability
- Liveness and Anti-Spoofing: ECG inherently detects life signs, substantially reducing attack surfaces compared to fingerprints or face (Rabhi et al., 2013).
- Template Revocation: Systems with cancelable templates (random-key based transformations) allow rapid invalidation in the event of compromise (Chiu et al., 2022).
- Privacy Protection: Key agreement frameworks ensure no long-term storage of biometric data is needed for sensor-to-sensor authentication; CLIP-style cross-modal alignment further enables secure, efficient, and privacy-respecting distillation of discriminative knowledge from ECG to auxiliary biometric modalities (e.g., PPG) (Wei et al., 30 Dec 2024, Guglielmi et al., 2021).
- Explainability: Transformer-based models allocate and expose attention to specific ECG segments (e.g., R-wave, P-R interval, QRS complex), facilitating targeted privacy interventions and regulatory compliance (Wang et al., 11 Mar 2025).
- Open-set Security: Advanced methods employ self-constraint center learning and irrelevant sample repulsion to maintain low false acceptance rates (<5.4%) even as unseen identities are introduced (Dong et al., 25 Apr 2025).
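The revocation property described under "Template Matching and Cancelability" and "Template Revocation", as an added example that is not taken from the cited work: it uses a keyed random projection, a different cancelable transform from the bioconvolving and MACE filters named above, to show that only a key-dependent, dimension-reduced template is stored and that a re-issued key invalidates the old template. The keys, feature vector, dimensions and 0.9 threshold are constructed for illustration.

```python
import hashlib
import hmac
import math
import random

def projection_row(key, row, n):
    """n keyed +/-1 entries for one projection row, derived with HMAC-SHA256."""
    bits, counter = [], 0
    while len(bits) < n:
        block = hmac.new(key, f"{row}:{counter}".encode(), hashlib.sha256).digest()
        bits.extend((byte >> s) & 1 for byte in block for s in range(8))
        counter += 1
    return [1.0 if b else -1.0 for b in bits[:n]]

def protect(features, key, m=16):
    """Project n features down to m < n values; only this output is stored."""
    n = len(features)
    return [sum(r * x for r, x in zip(projection_row(key, j, n), features))
            for j in range(m)]

def cosine(a, b):
    dot = sum(x * y for x, y in zip(a, b))
    return dot / math.sqrt(sum(x * x for x in a) * sum(y * y for y in b))

def matches(stored, probe_features, key, threshold=0.9):
    """Transform the fresh probe with the current key, then compare templates."""
    return cosine(stored, protect(probe_features, key)) >= threshold

# Constructed data: a 32-value feature vector and a noisy re-measurement of it.
rng = random.Random(1)
enrolled = [rng.gauss(0, 1) for _ in range(32)]
probe = [x + rng.gauss(0, 0.02) for x in enrolled]

key_v1 = b"constructed-key-v1"               # hypothetical per-user transform keys
key_v2 = b"constructed-key-v2"
template_v1 = protect(enrolled, key_v1)
template_v2 = protect(enrolled, key_v2)      # re-issued after v1 is revoked

def demo():
    return {
        "v1 probe vs v1 template": matches(template_v1, probe, key_v1),
        "v2 probe vs v2 template": matches(template_v2, probe, key_v2),
        "v2 probe vs revoked v1 template": matches(template_v1, probe, key_v2),
    }
```

Because 32 features are reduced to 16 stored values, the stored template does not determine the original feature vector uniquely; the transform key still has to be kept apart from the template store.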
6. Systemic Challenges and Future Directions
Despite significant progress, critical open problems remain:
- Cross-Recording and Temporal Stability: Authentication accuracy deteriorates over extended intervals or in cross-session scenarios due to physiological drift and measurement variability. For example, EER increases from 2.4% to 9.7% after four months (Samarin et al., 2019).
- Adversarial Robustness: Deep learning models are susceptible to adversarial perturbations—accuracy can plummet under FGSM attacks unless explicitly hardened (Rai et al., 21 Sep 2025).
- Scalability and Population Diversity: Many studies are limited by relatively small or homogeneous subject pools, raising questions about generalizability.
- Real-Time and Embedded Constraints: Model quantization and pruning can maintain ∼98% accuracy while reducing computation by >60% (e.g., INT8 quantized CNNs) (Wang et al., 9 Sep 2024), but further optimizations are required as device capabilities and security requirements escalate.
- Template Update and Aging: Addressing template drift through periodic re-enrollment or template update strategies is necessary for longevity and practical deployment (Samarin et al., 2019).
- Multimodal Fusion: Integrating ECG with complementary biometrics (e.g., PPG, facial) via cross-modal distillation or CLIP-based alignment further enhances accuracy and spoof resistance (Wei et al., 30 Dec 2024).
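How the EER figures quoted in sections 4.3 and 6 are computed, and what template aging does to a threshold fixed at enrollment time, as an added example that is not from the cited studies. All scores below are constructed and do not reproduce the 2.4% and 9.7% values reported above.

```python
def far_frr(genuine, impostor, threshold):
    """FAR = share of impostors accepted, FRR = share of genuine users rejected."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr

def equal_error_rate(genuine, impostor):
    """Sweep every observed score as a threshold; return (EER, threshold)."""
    best = None
    for t in sorted(set(genuine) | set(impostor)):
        far, frr = far_frr(genuine, impostor, t)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, (far + frr) / 2, t)
    return best[1], best[2]

# Constructed similarity scores (not from any dataset).
impostor = [0.92, 0.85, 0.84, 0.80, 0.78, 0.75, 0.70, 0.65, 0.60, 0.55]
same_session = [0.99, 0.98, 0.97, 0.96, 0.95, 0.93, 0.91, 0.90, 0.88, 0.80]
months_later = [0.97, 0.95, 0.93, 0.90, 0.87, 0.86, 0.83, 0.81, 0.79, 0.72]

# Operating point chosen on same-session data at enrollment time.
eer_fresh, threshold = equal_error_rate(same_session, impostor)
# Best achievable balance once genuine scores have drifted downward.
eer_aged, _ = equal_error_rate(months_later, impostor)
# What users actually experience if the enrollment-time threshold is kept.
far_aged, frr_aged = far_frr(months_later, impostor, threshold)

if __name__ == "__main__":
    print(f"same session: EER={eer_fresh:.2f} at threshold {threshold}")
    print(f"months later: EER={eer_aged:.2f}")
    print(f"old threshold on aged scores: FAR={far_aged:.2f} FRR={frr_aged:.2f}")
```

With the threshold left unchanged, the false acceptance rate stays put while false rejections of the legitimate user climb, which is the operational symptom that re-enrollment or template update is meant to address.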
7. Application Scenarios and System Integration
ECG authentication is poised for deployment in diverse security-critical environments:
- Health and Connected Systems: Secure patient monitoring, device access, and health data transmission in telemedicine, enabled by fast, low-power, hardware-accelerated pipelines (Zhai et al., 2018).
- IoT and Wearable Devices: Continuous or on-demand user authentication in consumer wearables, leveraging edge-optimized deep networks and federated learning (Wang et al., 9 Sep 2024, Smyth et al., 2021, Rai et al., 21 Sep 2025).
- Critical Access Control: Military, banking, or enterprise entry systems benefit from the low falsification rate and unique liveness property (Chiu et al., 2022, Dong et al., 25 Apr 2025).
- Data Sharing and Privacy Management: Attention-based interpretability and selective obfuscation of high-importance ECG regions support regulatory-compliant, privacy-aware data sharing (Wang et al., 11 Mar 2025).
In sum, ECG-based authentication uniquely capitalizes on the physiological distinctiveness and dynamic liveness of the heart’s electrical activity, offering robust, explainable, and increasingly efficient solutions for biometric security. Ongoing methodological innovation in feature learning, privacy, robustness, and real-world adaptation continues to define research trajectories in this domain.