The Secure Enclave Strategy
Standard passwords are the weakest link in digital health. PillPassport implements a Zero-Knowledge Local Vault that replaces traditional logins with biometric hardware identity.
What is WebAuthn?
WebAuthn is the gold standard for passwordless security. It lets the browser ask your device's built-in authenticator (Face ID, Touch ID, or Windows Hello), which is backed by secure hardware such as the Secure Enclave, to verify you. When you "Unlock" your lab records, you aren't sending a password to us; your device is simply verifying your identity locally.
Zero-Knowledge Architecture
- Local Encryption: Your DICOM meshes and Rx history are encrypted before being saved to IndexedDB.
- No Master Key: We do not hold a "recovery key" for your data because we never had it.
- Offline First: The vault works entirely without an internet connection.
This ensures that even if our servers were hypothetically compromised, your medical history remains an unreadable black box, accessible only when you are physically present to unlock it.
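An added example, not PillPassport's own code, of the encrypt-before-store pattern described in the list above. The key handling, the record layout, and the in-memory `Map` standing in for IndexedDB are assumptions; the page does not say how the vault key is created or tied to the WebAuthn unlock.

```javascript
// Added sketch: AES-GCM encrypt-before-store. Key handling, record layout and
// the Map standing in for IndexedDB are assumptions, not taken from the page.
const webcrypto = globalThis.crypto ??
  (typeof require === 'function' ? require('node:crypto').webcrypto : undefined);
const subtle = webcrypto.subtle;
const store = new Map(); // stand-in for an IndexedDB object store

// Non-extractable key: script can use it but cannot export the raw bytes.
async function newVaultKey() {
  return subtle.generateKey({ name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Encrypt a record; the record id is bound in as additional authenticated data
// so a ciphertext moved under another id fails to decrypt.
async function putRecord(key, id, record) {
  const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh per write
  const plaintext = new TextEncoder().encode(JSON.stringify(record));
  const ciphertext = await subtle.encrypt(
    { name: 'AES-GCM', iv, additionalData: new TextEncoder().encode(id) },
    key, plaintext);
  store.set(id, { iv, ciphertext: new Uint8Array(ciphertext) });
}

// Returns the record, or null if the stored blob fails authentication.
async function getRecord(key, id) {
  const row = store.get(id);
  if (!row) return null;
  try {
    const plaintext = await subtle.decrypt(
      { name: 'AES-GCM', iv: row.iv, additionalData: new TextEncoder().encode(id) },
      key, row.ciphertext);
    return JSON.parse(new TextDecoder().decode(plaintext));
  } catch {
    return null; // tampered, swapped between ids, or wrong key
  }
}

// Constructed sample data; returns the observations worth checking.
async function demo() {
  const key = await newVaultKey();
  await putRecord(key, 'rx-1', { drug: 'sample', doseMg: 10 });
  const roundTrip = await getRecord(key, 'rx-1');
  store.set('rx-2', store.get('rx-1'));   // blob copied under another id
  const swapped = await getRecord(key, 'rx-2');
  store.get('rx-1').ciphertext[0] ^= 1;   // single-bit corruption at rest
  const tampered = await getRecord(key, 'rx-1');
  const exportable = await subtle.exportKey('raw', key).then(() => true, () => false);
  return { roundTrip, swapped, tampered, exportable };
}
```

What lands in the store is only an IV and ciphertext. A non-extractable key limits what script can read, but it does not by itself stop injected same-origin code from calling `decrypt`.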