Logging into digital systems may soon feel very different. Instead of typing passwords or using eye scans, a new technology could identify you based on tiny vibrations inside your head.
Researchers led by Rutgers University have developed a system called VitalID that uses signals from your breathing and heartbeat as a unique form of identification.
The study, presented at the ACM Conference on Computer and Communications Security, introduces a new type of biometric that could be especially useful in virtual and augmented reality environments.
As virtual reality, augmented reality, and mixed reality—together known as extended reality (XR)—become more common, security is becoming a bigger concern.
These systems are no longer just for gaming.
People are beginning to use them for work, education, healthcare, and even financial services. This means they often contain sensitive personal data.
However, traditional login methods do not work well in immersive environments. Typing a password using hand gestures can be slow and awkward. Extra steps like two-factor authentication can interrupt the experience, while advanced systems like iris scanning require additional hardware and cost.
VitalID offers a different approach. It works by detecting extremely small vibrations inside the body. Even when a person is sitting still, their body is constantly moving in tiny ways. Each breath and each heartbeat creates subtle vibrations that travel through the neck and into the skull.
Because every person’s skull has a slightly different shape, thickness, and structure, these vibrations change as they move through the head. Soft tissues such as muscles and fat also affect how the signals travel. As a result, each person produces a unique vibration pattern.
Modern XR headsets already contain motion sensors that are sensitive enough to pick up these tiny signals. The VitalID system uses software to analyze the patterns and confirm the user’s identity. No extra devices are needed.
In testing with 52 users over a period of 10 months, the system showed strong performance. It correctly identified authorized users more than 95% of the time and successfully rejected unauthorized users more than 98% of the time.
To make the system reliable, the researchers developed a way to filter out noise from normal movements, such as turning the head or shifting position. This allows the software to focus only on the specific vibration signals caused by breathing and heartbeats.
One advantage of this method is that it may be harder to fake. While someone might copy another person’s breathing pattern, it would be extremely difficult to mimic the physical structure of their skull and tissues, which shape the vibrations.
If developed further, this technology could allow users to log into systems automatically and continuously without even noticing it. It could make accessing sensitive information in virtual environments both easier and more secure.
The research team has already filed a patent application, suggesting that this unusual but promising idea could play a role in the future of digital security.
