On Mar. 20, 2025, Rice University, electrical and computer engineer Kaiyuan Yang unveiled a first-of-its-kind authentication protocol for wireless, battery-free, ultraminiaturized implants that ensures these devices remain protected while still allowing emergency access.

Advanced wireless implantable technology could enable doctors to monitor patients’ health and adjust treatment remotely, making the need for on-site testing and treatment obsolete. But Yang warns that with this potential comes a serious risk: Hackers could intercept communications, steal passwords or send fake commands, threatening patient safety.

Known as magnetoelectric datagram transport layer security, or ME-DTLS, the protocol exploits a quirk of wireless power transfer, a technology that allows medical implants to be powered externally without a battery. Normally when the external power source ⎯ or in this case the external hub worn by the patient ⎯ moves slightly out of alignment, the amount of power the implant receives fluctuates.

For example, by coding short movements as a “1” and longer movements as a “0,” the protocol enables users to input a secure access pattern just by moving the external hub in a specific way. This pattern-based input acts like a second authentication factor, much like entering a PIN after using a password or drawing a pattern to unlock a phone. The overall user experience with the ME-DTLS two-factor authentication closely resembles the process of logging into bank accounts today. Users enter their login credentials, wait for an SMS with a temporary passcode then input this passcode to log in.

This innovation solves two major problems in medical cybersecurity. First, it protects against stolen passwords by requiring a physical confirmation step that cannot be faked remotely. Second, it ensures emergency responders can access the device without needing preshared credentials. Thus, if a patient is unconscious or unable to provide a password, the implant transmits a temporary authentication signal that can only be detected at close range.

The researchers tested the pattern input method with volunteers and found that it correctly recognized the patterns 98.72% of the time, proving their solution is both reliable and easy to use. The team also developed a rapid, low-power method for the implant to send data back out securely and effectively.

For patients, this could mean a future where their medical implants are both secure and accessible when it matters most, offering a simple, intuitive way to ensure that only the right people ⎯ whether a doctor, caregiver or emergency responder ⎯ can control the technology inside their bodies.