Cardiac Scan: Continuous Computer User Authentication


Continuous computer user authentication is achieved using DC-coupled continuous-wave radar images of the user's unique cardiac motion signature.



Continuous authentication improves upon one-pass validation by continuously verifying over the lifetime of a session that the system is operated by the same user as at initial login. It can prevent access by adversaries when the legitimate user is away or overwhelmed. Governments and private companies increasingly demand more secure authentication, because of credential compromises due to weak cryptographic mechanisms (hacking, password theft, etc.) and user carelessness.


Technology Overview:

University at Buffalo researchers have developed Cardiac Scan, a continuous authentication system based on geometric and non-volitional features of cardiac motion, which is unique to each user and is difficult (if not impossible) to counterfeit. Cardiac Scan features intrinsic liveness detection, unobtrusiveness, cost-effectiveness, and high usability. The prototype utilizes a remote, high resolution cardiac motion sensing system based on the smart DC coupled continuous-wave radar.  A pilot study with 78 subjects evaluated accuracy, authentication time, permanence, evaluation in complex conditions, and vulnerability. Specifically, Cardiac Scan achieves 98.61% balanced accuracy (BAC) and 4.42% equal error rate (EER) in a real-world setup.








•       Continuous authentication

•       Unobtrusive

•       Cost effective



Computer user authentication.


Intellectual Property Summary:

US Patent Application 16/572, 588 filed 9/16/2019


Stage of Development:

•       Prototype tested in 78 subject study.


Licensing Status:

Available for Licensing.


Patent Information:
For Information, Contact:
Jeffrey Dunbar
University at Buffalo
716 645-8134
Wenyao Xu
Changzhi Li (non-UB)
© 2020. All Rights Reserved. Powered by Inteum