I haven't read the article in depth but the summary sounds highly dubious to me, having interpreted thousands of ECGs over my career as a doctor.
The sad fact is that ECGs often change markedly over time, for a variety of reasons. Most commonly, simply subtly different placement of the electrodes may give a different picture. Heart/lung surgery will inevitably cause an alteration of the ECG. Arrthymias (commonly atrial fibrillation, which 1 in 5 will get at some point) dramatically alters the ECG, and there are a multitude of other less common arrthymias that will do the same. And yes, a heart attack will also do it, most commonly altering the ST segment (bit between the 2nd and 3rd squiggle), or the T wave (3rd squiggle). The shape of the ECG complexes can also be altered markedly by something as minor as high or low plasma potassium level, so if you eat a whole bunch (pun intended) of bananas you might be screwed for biometric access to your device. Perhaps bananas are a bad example as you have to eat a LOT to dramatically alter potassium level, but my point is that food and particularly medications like diuretics could have a significant impact on your ECG.
In terms of faking your ECG (i.e faking your biometrics), simulation mannequins are used extensively in medical training now. You wouldn't believe how life-like these massively expensive mannequins can be, and that extends to actually providing a completely realistic ECG when the electrodes are applied to the mannequin. For example in a simulation session I can make the mannequin appear to have whatever heart rhythm I want (eg. atrial fibrillation, ventricular fibrillation, heart attack etc etc) at the tap of an iPad button. I would have thought it pretty easy to provide a fake ECG for biometric authentication purposes as well if you have access to the person's original ECG, using the same technology which is already in common use.
I reckon you're better off with the rectal print authentication as previously suggested, it sounds like a less s**t method.