Secure and mobile biometric authentication for electronic health record management
First Claim
1. A method employing a portable Electronic Health Record (EHR) enabled device to perform biometric authentication of a user, comprising:
- a) storing a first decryption key on said portable EHR enabled device;
b) receiving a request at an EHR database server from an office system, said EHR database server comprising an EHR database, said EHR database comprising a user health record;
c) wirelessly communicating a first encrypted message from said EHR database server to said portable EHR enabled device in response to said requestd) decrypting said first encrypted message on the portable EHR enabled device using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction between said EHR database server and an EHR Database client;
e) said portable EHR enabled device prompting said user to speak a pass phrase and storing said spoken voice of said user;
f) said portable EHR enabled device creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,g) said portable EHR enabled device encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;
h) said portable EHR enabled device wirelessly transmitting said second encrypted message to said EHR database server; and
i) said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved.
0 Assignments
0 Petitions
Accused Products
Abstract
A portable device receives an encrypted message from an electronic health record database server including a request to perform a biometric authentication to approve a transaction. The device prompts a user to speak a pass phrase. The device creates a set of variables including the pass phrase and at least one more variable characterizing the spoken voice. The authentication module transmits an encrypted message to the health record database server including a session identification information and the set of variables. In response, the device receives an encrypted message from the health record database server determining whether the biometric authentication is successful and the transaction is approved, wherein determination is made by the health record database server and is based on verifying the session identification information, the pass phrase, and the user identity.
11 Citations
9 Claims
-
1. A method employing a portable Electronic Health Record (EHR) enabled device to perform biometric authentication of a user, comprising:
-
a) storing a first decryption key on said portable EHR enabled device; b) receiving a request at an EHR database server from an office system, said EHR database server comprising an EHR database, said EHR database comprising a user health record; c) wirelessly communicating a first encrypted message from said EHR database server to said portable EHR enabled device in response to said request d) decrypting said first encrypted message on the portable EHR enabled device using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction between said EHR database server and an EHR Database client; e) said portable EHR enabled device prompting said user to speak a pass phrase and storing said spoken voice of said user; f) said portable EHR enabled device creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice, g) said portable EHR enabled device encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables; h) said portable EHR enabled device wirelessly transmitting said second encrypted message to said EHR database server; and i) said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A portable Electronic Health Record (EHR) enabled device comprising:
-
a processor; a non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising; a) storing a first decryption key; b) receiving a first encrypted message from an EHR database server, said EHR database server storing a user health record in an EHR database, said first encrypted message transmitted by said EHR database server in response to a request from an office system; c) decrypting said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction between said EHR database server and an EHR Database client; d) prompting said user to speak a pass phrase and storing said spoken voice of said user; e) creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice; f) encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables; g) transmitting said second encrypted message to said EHR database server; and h) receiving a determination from said EHR database server of whether said biometric authentication is successful and said transaction is approved. - View Dependent Claims (8, 9)
-
Specification