Secure and Mobile Biometric Authentication for Electronic Health Record Management
First Claim
1. A method for a portable EHR enabled device to perform biometric authentication of a user, comprising:
- a) storing a first decryption key;
b) wirelessly receiving a first encrypted message from an EHR database server, said EHR database server storing said user health record;
c) decrypting said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction;
d) prompting said user to speak a pass phrase and storing said spoken voice of said user;
e) creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,f) encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;
g) wirelessly transmitting said second encrypted message to said EHR database server, wherein said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved.
0 Assignments
0 Petitions
Accused Products
Abstract
A portable device receives an encrypted message from an electronic health record database server including a request to perform a biometric authentication to approve a transaction. The device prompts a user to speak a pass phrase. The device creates a set of variables including the pass phrase and at least one more variable characterizing the spoken voice. The authentication module transmits an encrypted message to the health record database server including a session identification information and the set of variables. In response, the device receives an encrypted message from the health record database server determining whether the biometric authentication is successful and the transaction is approved, wherein determination is made by the health record database server and is based on verifying the session identification information, the pass phrase, and the user identity.
28 Citations
20 Claims
-
1. A method for a portable EHR enabled device to perform biometric authentication of a user, comprising:
-
a) storing a first decryption key; b) wirelessly receiving a first encrypted message from an EHR database server, said EHR database server storing said user health record; c) decrypting said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction; d) prompting said user to speak a pass phrase and storing said spoken voice of said user; e) creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice, f) encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables; g) wirelessly transmitting said second encrypted message to said EHR database server, wherein said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A portable EHR enabled device comprising:
-
a) a memory configured to store a first decryption key; b) a wireless receiver module configured to receive a first encrypted message from an EHR database server, said EHR database server storing a user health record; c) a decryption module configured to decrypt said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction; and d) an authentication module configured to; i) prompt said user to speak a pass phrase and storing said spoken voice of said user; ii) create a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice, iii) encrypt a second message using a second encryption key, said second message including a session identification information and said plurality of variables; iv) transmit said second encrypted message to said EHR database server, wherein said EHR database server analyzing said plurality of variables to determine the identity of said user, and to determine whether said biometric authentication is successful and said transaction is approved. - View Dependent Claims (15, 16, 17)
-
-
18. A method for an EHR database server to perform biometric authentication of a user, comprising:
-
a) storing a first encryption key; b) encrypting a first message using said first encryption key, said first encrypted message including a request to perform a biometric authentication to approve a transaction; c) transmitting said first encrypted message to a portable EHR enabled device, wherein said portable EHR enabled device prompts said user to speak a pass phrase; d) receiving a second encrypted message from said portable EHR enabled device, and decrypting said second message using a second decryption key, said second message including a session identification information and a plurality of variables, said plurality of variables include said pass phrase and at least one more variable characterizing said spoken voice of said user; e) analyzing said plurality of variables to determine the identity of said user; and f) determining whether said biometric authentication is successful and said transaction is approved. - View Dependent Claims (19, 20)
-
Specification