Securing Mobile Healthcare Data: A Smart Card Based Cancelable Finger-Vein Bio-Cryptosystem

Most existing biometric systems designed for healthcare applications only use biometrics for authentication/access control without considering its other function—data encryption. In this paper, we propose a cancelable finger-vein-based bio-cryptosystem, which not only can provide authentication but also can encrypt sensitive healthcare data through a biometric cryptographic technique, fuzzy commitment scheme (FCS). The proposed bio-cryptosystem stores both the encrypted version of healthcare data and the biometric template on a smart card for the reason that it is safer if the biometric data never leaves the card. The employment of the cancelable biometrics further enhances the system security. The experimental results and security analysis show the validity of the proposed scheme.