FIDO2 Smart Card for Medical record maintenance

and Temporary Token Authentication for in-house hospital patients

Get Started

About Our Project

FIDO2, a recently evolved technology by FIDO Alliance is on its way to prove itself to be instrumental in Passwordless authentication frameworks. However, it can used for much more than just authentication.

  • This project proposes a centralized system for medical record maintenance of everyone.
  • We aim to have a partnership with various hospitals.
  • It guarantees easy record maintenance and hence the patients will not have to go about the hospitals with an entire medical file.

Users

Hard Workers

Features

FIDO2 Smart Card for Medical record maintenance and Temporary Token Authentication for in-house hospital patients.

FIDO2 Supported Physical Security Key

Users willing to use this service can buy a FIDO2 supported physical security key with USB, NFC and BLE capabilities

User Portal

register on our website to generate a unique username and register the FIDO2 key along with it. The user portal contains the option to view and upload the medical reports.

Prevent Misguidance

It is to be noted that there is no way to delete already added reports. This is to prevent misguidance. There is also an option to register a temporary token for authentication. This temporary token would be just an NFC card which can be kept in the hospital files

Expiry Date for the NFC Card

The user must set an expiry date for the NFC card after which it will be automatically disabled. A hospital while admitting a patient can request the patient to register the smart card which can be kept in the hospital files so that the doctors can access the patient records and add new reports after medical tests.

Automatically Disable

The registered temporary tokens will be disabled on discharge from the hospital to prevent data misuse, and if not disabled manually, it will be automatically disabled when the stipulated time has passed.

Data Stored

The reports will be stored as uploaded by the hospital in pdf format. We are intentionally not enforcing any file format as some medical records need to be stored as PDF, while some like the medical scans are stored as DICOM or other formats.

Services

The website will have two versions and a developer API

User version

This has the option to view records, add records, register and remove temporary tokens and register new FIDO2 keys.

Hospital version

This has only the options to view and add records. The hospital will not be authorized to manage tokens and keys. It is to be noted that the hospital can login only with temporary tokens.

API for Medical equipments and wearables

We provide an API endpoint with which medical devices and softwares will be able to directly upload the report against an user. It is to be noted that the medical equipments should preferably be interfaced with a NFC reader as the API endpoint authenticates the device with it only.
For developers: Download API documentation here Download

Tech Stacks

Technologies to be used

FIDO2 Specifications

This specification describes an application layer protocol for communication between an external authenticator and another client/platform. This protocol can be run over a variety of transport protocols using different physical media. This specification defines requirements for such transport protocols, but does not specify the details of how such transport layer connections should be set up.

Web NFC

The Web NFC API is a low-level API that provides sites the ability to read and write to nearby NFC (Near-Field Communication) devices. It allows starting up a scan that informs when an NFC tag has been tapped. It also provides a method to write a message via NFC.

Microsoft Azure

Microsoft Azure, formerly known as Windows Azure, is Microsoft's public cloud computing platform. It provides a range of cloud services, including compute, analytics, storage and networking. ... The Azure platform aims to help businesses manage challenges and meet their organizational goals.

HTML/CSS/JS

HTML provides the basic structure of sites, which is enhanced and modified by other technologies like CSS and JavaScript. CSS is used to control presentation, formatting, and layout. JavaScript is used to control the behavior of different elements.

Frequently Asked Questions

Questions you might have trouble with are