About Our Project
FIDO2, a recently evolved technology by FIDO Alliance is on its way to prove itself to be instrumental in Passwordless authentication frameworks. However, it can used for much more than just authentication.
- This project proposes a centralized system for medical record maintenance of everyone.
- We aim to have a partnership with various hospitals.
- It guarantees easy record maintenance and hence the patients will not have to go about the hospitals with an entire medical file.
Users
Hard Workers
Features
FIDO2 Smart Card for Medical record maintenance and Temporary Token Authentication for in-house hospital patients.
FIDO2 Supported Physical Security Key
Users willing to use this service can buy a FIDO2 supported physical security key with USB, NFC and BLE capabilities
User Portal
register on our website to generate a unique username and register the FIDO2 key along with it. The user portal contains the option to view and upload the medical reports.
Prevent Misguidance
It is to be noted that there is no way to delete already added reports. This is to prevent misguidance. There is also an option to register a temporary token for authentication. This temporary token would be just an NFC card which can be kept in the hospital files
Expiry Date for the NFC Card
The user must set an expiry date for the NFC card after which it will be automatically disabled. A hospital while admitting a patient can request the patient to register the smart card which can be kept in the hospital files so that the doctors can access the patient records and add new reports after medical tests.
Automatically Disable
The registered temporary tokens will be disabled on discharge from the hospital to prevent data misuse, and if not disabled manually, it will be automatically disabled when the stipulated time has passed.
Data Stored
The reports will be stored as uploaded by the hospital in pdf format. We are intentionally not enforcing any file format as some medical records need to be stored as PDF, while some like the medical scans are stored as DICOM or other formats.
Services
The website will have two versions and a developer API
User version
This has the option to view records, add records, register and remove temporary tokens and register new FIDO2 keys.
Hospital version
This has only the options to view and add records. The hospital will not be authorized to manage tokens and keys. It is to be noted that the hospital can login only with temporary tokens.
API for Medical equipments and wearables
We provide an API endpoint with which medical devices and softwares will be able to
directly upload the report against an user. It is to be noted that the medical
equipments
should preferably be interfaced with a NFC reader as the API endpoint authenticates
the
device with it only.
For developers: Download API documentation here Download
Tech Stacks
Technologies to be used
FIDO2 Specifications
This specification describes an application layer protocol for communication between an external authenticator and another client/platform. This protocol can be run over a variety of transport protocols using different physical media. This specification defines requirements for such transport protocols, but does not specify the details of how such transport layer connections should be set up.
Web NFC
The Web NFC API is a low-level API that provides sites the ability to read and write to nearby NFC (Near-Field Communication) devices. It allows starting up a scan that informs when an NFC tag has been tapped. It also provides a method to write a message via NFC.
Microsoft Azure
Microsoft Azure, formerly known as Windows Azure, is Microsoft's public cloud computing platform. It provides a range of cloud services, including compute, analytics, storage and networking. ... The Azure platform aims to help businesses manage challenges and meet their organizational goals.
HTML/CSS/JS
HTML provides the basic structure of sites, which is enhanced and modified by other technologies like CSS and JavaScript. CSS is used to control presentation, formatting, and layout. JavaScript is used to control the behavior of different elements.
Frequently Asked Questions
Questions you might have trouble with are
-
What if the user loses the FIDO2
key?
He/She/They can login via Email OTP to assign new FIDO2 key.
-
When the user is sick how can he
login?
Since FIDO2 is a Passwordless technology, the family members of the user can use the security key.
-
What are the system requirements for
the user?
Any android phone with Google Chrome 89+ and NFC reader.
-
TWhat are the system requirements for
the hospital?
Android device with Google Chrome 89+ and NFC reader. However, it is inconvenient for the hospital to use phone so any computer with NFC reader is supposed to work. Some laptops have NFC readers inbuilt, as well as USB NFC readers are available.
-
How will the reports be stored?
The reports will be stored as uploaded by the hospital in any file. We are intentionally not enforcing any file format as some medical records need to be stored as PDF, while some like the medical scans are stored as DICOM or other formats.