Start Date

16-8-2018 12:00 AM

Description

Authentication is the process of identifying and verifying a user in a secure system. The usability of the authentication system is important, as users will frequently trade away security for increased convenience (Weir 2009). A secure, yet, usable authentication system is needed for the electronic personal health record (PHR). In this research, we will provide opportunities for patients to practice using voice authentication to access their PHR. Our objective is to determine whether experience using voice authentication will positively influence (increase) intention to use voice authentication for PHR access. \ \ Voice biometrics use a person’s unique frequencies and patterns in their voice to authenticate the user’s identity. Users are enrolled in the system during which their distinctive voiceprint is captured. When users login to the system later, they say a random set of numbers generated by the system and the recording is compared to their enrolled voiceprint for text-dependent verification. As a different set of numbers are generated for each login, the voice cannot simply be recorded and replayed back. Users will also be educated on these security aspects of voice authentication. \ \ PHRs allow patients to access and manage their health information using a web-based application. Patient use of the PHR increases their engagement and in turn, improves their health outcomes. Currently, most PHRs are secured by passwords. Biometric authentication has become popular in other industries such as banking, but has yet to be used on a large scale in the healthcare industry. Biometrics, however, can be more secure than passwords as they cannot be easily shared or stolen. Secure passwords, with a mix of different characters and symbols, are complicated and difficult for a person to remember. Users often will write down, share, reuse, or just create easier passwords to help remember them, which compromises the security of their PHR. Using voice authentication, users will recite a set of numbers given to them without having to remember any passwords. \ \ We will perform an experiment over several months at a Midwestern medical center. Cardiology patients who have monthly visits will be randomly assigned to use password or voice authentication over the course of the experiment. Using the Unified Theory of Acceptance and Use of Technology (UTAUT), we will compare the patients’ behavioral intention to use voice authentication to password for PHR access. We will also assess patients using voice authentication perceived security of voice authentication before and after the experience and examine if it correlates with increased intention to use voice authentication. Our patient-centered design will benefit patients by potentially lowering the usability barrier to PHR access to potentially increase PHR use. Patients will also gain an improved understanding of the security of voice authentication. This study is supported by grant number HS HS022110-01A10 from the Agency for Healthcare Research and Quality. \

Share

COinS
 
Aug 16th, 12:00 AM

Evaluation of Voice Authentication for Patient Health Record Access

Authentication is the process of identifying and verifying a user in a secure system. The usability of the authentication system is important, as users will frequently trade away security for increased convenience (Weir 2009). A secure, yet, usable authentication system is needed for the electronic personal health record (PHR). In this research, we will provide opportunities for patients to practice using voice authentication to access their PHR. Our objective is to determine whether experience using voice authentication will positively influence (increase) intention to use voice authentication for PHR access. \ \ Voice biometrics use a person’s unique frequencies and patterns in their voice to authenticate the user’s identity. Users are enrolled in the system during which their distinctive voiceprint is captured. When users login to the system later, they say a random set of numbers generated by the system and the recording is compared to their enrolled voiceprint for text-dependent verification. As a different set of numbers are generated for each login, the voice cannot simply be recorded and replayed back. Users will also be educated on these security aspects of voice authentication. \ \ PHRs allow patients to access and manage their health information using a web-based application. Patient use of the PHR increases their engagement and in turn, improves their health outcomes. Currently, most PHRs are secured by passwords. Biometric authentication has become popular in other industries such as banking, but has yet to be used on a large scale in the healthcare industry. Biometrics, however, can be more secure than passwords as they cannot be easily shared or stolen. Secure passwords, with a mix of different characters and symbols, are complicated and difficult for a person to remember. Users often will write down, share, reuse, or just create easier passwords to help remember them, which compromises the security of their PHR. Using voice authentication, users will recite a set of numbers given to them without having to remember any passwords. \ \ We will perform an experiment over several months at a Midwestern medical center. Cardiology patients who have monthly visits will be randomly assigned to use password or voice authentication over the course of the experiment. Using the Unified Theory of Acceptance and Use of Technology (UTAUT), we will compare the patients’ behavioral intention to use voice authentication to password for PHR access. We will also assess patients using voice authentication perceived security of voice authentication before and after the experience and examine if it correlates with increased intention to use voice authentication. Our patient-centered design will benefit patients by potentially lowering the usability barrier to PHR access to potentially increase PHR use. Patients will also gain an improved understanding of the security of voice authentication. This study is supported by grant number HS HS022110-01A10 from the Agency for Healthcare Research and Quality. \