Arizona State University researchers have developed a method to use health measurement signals to generate user-specific keys, with the biometric data then used to protect and access a patient's health records.The researchers have developed a protocol that provides a secure communication channel by encrypting a patient's medical data using their unique electrocardiogram (ECG) and photoplethysmogram (PPG) signals.The researchers have proposed that cloud-based electronic health records should only be accessed with the patient's most recent ECG and PPG signals.The project is led by Dr. Sandeep Gupta, associate professor, at the School of Computing, Informatics, and Decision Systems Engineering and his postdoctoral research assistant Dr. Ayan Banerjee.The protocol can be used with a smartphone, or a sensor with Wi-Fi or mobile capabilities that communicates directly with the cloud.Once a secure channel has been established, the model's parameters are continuously updated with the patient's physiological information and rekeying is automatic. Should there be a significant change in a patient's ECG or PPG signals (e.g. after heart surgery), the new physiological information can be updated through a doctor's authorized account.On 13 March, Britain's Halifax bank announced that it created a proof of concept with the Nymi Band that could authenticate users of its mobile banking app with heartbeats.Also in late March, Irish startup B-secure said it has developed an algorithm which uses your heartbeat as a way of identifying and authenticating, and will commercialise its first product this year. Like the ECG-reading wearable band developed by Toroto-based Nymi, the B-secure product could potentially have applications across several industries. These include online authentication (banking, services, network log on); building access; car access and car starting (automotive); employee authentication (building access and construction; medical authentication and security.