Publication Search

62,838 articles from 503 journals · 1,579 citations tracked

Showing 1-20 of 40

Analytics

Muhammad Arifin Ilham; Dody Herdiana; M.Agreindra Helmiawan; Asep Saeppani

Router : Jurnal Teknik Informatika dan Terapan 2025 Asosiasi Profesi Telekomunikasi dan Informatika Indonesia

While TLS 1.3 is the latest standard, TLS 1.2 remains widely implemented in many cloud infrastructures. The selection of cipher suites in TLS 1.2, particularly between AES-128-GCM and AES-256-GCM, presents a trade-off between cryptographic strength and system performance. This research aims to analyze the performance comparison of these two algorithms on an Nginx server to determine the optimal configuration for cloud storage services. The study uses a quantitative experimental method by benchmarking two scenarios: (A) Strict (AES-256-GCM), and (B) Balanced (AES-128-GCM). Performance metrics measured include Requests Per Second (RPS), Latency, and Throughput. The results show that handshake performance (RPS and Latency) is nearly identical across all scenarios. However, in large file transfer tests, the AES-128-GCM algorithm (Scenario B) achieved a throughput of 32.4 MB/s, which is 12.5% faster than AES-256-GCM (28.8 MB/s). This study concludes that AES-128-GCM provides the best balance of security and efficiency for data-intensive environments.

Saka Shofa'il Asroor

Presidensial : Jurnal Hukum, Administrasi Negara, dan Kebijakan Publik 2025 Asosiasi Peneliti dan Pengajar Ilmu Hukum Indonesia

Over the past 20 years, developments in digital technology have led to the emergence of financial innovation in the form of cryptocurrencies, with Bitcoin being the main pioneer. Bitcoin is a decentralized, blockchain-based electronic payment system that is not controlled by a single financial institution. Although its presence facilitates quick and straightforward cross-border transactions, it also raises ethical and legal issues, especially when taking into account Islamic law, which strongly emphasizes justice, certainty, and the welfare of society. This paper aims to investigate the usage of Bitcoin in modern economic transactions from the standpoint of Islamic and international law. This study investigates Islamic legal sources, the views of Islamic scholars, fatwas (religious decrees), and international laws and regulations pertaining to cryptocurrency assets using a qualitative, normative-empirical methodology. The results show that, although opinions among scholars differ, the usage of Bitcoin is subject to ijtihadiyah (Islamic ijtihad) in Islamic law. Some reject it because of its great volatility and speculative potential, while others allow it as long as it provides advantages and does not include riba, gharar, or maysir (the risks associated with gambling). In terms of international law, Bitcoin is typically seen as a digital asset that has to be closely watched in order to preserve economic stability and deter financial crime. Therefore, balanced legislation is required to guarantee that the usage of Bitcoin is in line with the principles of sharia maqasid and global economic fairness.

Hanung Yudanto Kusuma; Rifqi Bayu Apriyo; Fergiana Putra Pratama

Proceeding of the International Conference on Management, Entrepreneurship, and Business 2025 Asosiasi Riset Ilmu Manajemen Kewirausahaan dan Bisnis Indonesia

The rise of financial technology (fintech) has significantly reshaped global investment over the last decade. Fintech innovations are increasingly applied in areas such as digital investment platforms, robo-advisors, blockchain-based assets, and cryptocurrency trading. The adoption of fintech in investment continues to grow due to the rising demand for accessibility, transparency, and efficiency in financial markets. Fintech has the potential to democratize investment by lowering entry barriers, expanding financial inclusion, and offering diverse investment instruments for retail investors. Therefore, research on fintech and investment has become an essential topic in recent years. This study uses a qualitative approach with data obtained from the Scopus database, which includes a total of 4,794 articles on fintech and investment published in the last decade (2020–2025). In addition, several software tools such as R Studio, VOSViewer, and Publish or Perish were used for data processing and bibliometric visualization. This study aims to analyze the development of research trends in fintech-driven investment, explore how technology is changing investor behavior, and provide insights for policymakers and practitioners in strengthening a sustainable and inclusive investment ecosystem.

Hilmi Satria Himawan; Verra Rizki Amelia; Anggun Permata Husda; Rahayu Alkam

Jurnal Publikasi Ekonomi dan Akuntansi 2025 Asosiasi Riset Ekonomi dan Akuntansi Indonesia

The interval between 2018 and 2025 represents a defining epoch in financial assurance, characterized by a systemic collision between traditional audit methodologies and the exponential sophistication of fraudulent actors. This research employs a comprehensive library research methodology, utilizing Systematic Literature Review (SLR) to evaluate the evolving landscape of audit and fraud. The study traces the theoretical migration from Cressey’s Fraud Triangle to multidimensional frameworks like the Fraud Pentagon, which emphasizes the roles of arrogance and competence. Through a forensic examination of catastrophic audit failures including Wirecard, FTX, and the emerging risks of crypto-assets, the research identifies recurring patterns of auditor failure in assessing operational risks and internal controls. Furthermore, the report analyzes the dual-edged impact of Artificial Intelligence (AI); while machine learning algorithms offer enhanced detection capabilities, the rise of Generative AI (GenAI) and deepfake technology has empowered perpetrators to execute sophisticated "synthetic reality" frauds. The study critically evaluates regulatory responses, particularly the revision of International Standard on Auditing (ISA) 240, which mandates a more proactive "fraud lens." The findings suggest that the auditing profession faces an existential crisis of relevance, necessitating a fundamental shift toward a forensic mindset supported by advanced technological integration.

Maulani Rizqi; Intan Nadilah; Ahmadil Hamdi; Nikken Prima Puspita; I Gede Adhitya Wisnu Wardhana

Pemberdayaan Masyarakat: Jurnal Aksi Sosial 2025 Lembaga Pengembangan Kinerja Dosen

This community service activity aims to increase the understanding of students at State Senior High School 2 Mataram regarding information security by introducing the concepts of coding and cryptography in digital messages. The rapid use of messaging applications among teenagers makes students increasingly vulnerable to cyber threats, necessitating education on how data protection works in online communication. This program is implemented using a descriptive method consisting of planning, implementation, and evaluation stages. The material covered includes basic cryptography concepts, end-to-end encryption mechanisms, and the practical process of the Diffie–Hellman key exchange thru the interactive simulation "Alice and Bob." Learning is designed contextually and participatively so that students can connect theory with the digital applications they use every day. The evaluation results showed an improvement in students' understanding, reflected in their active participation, ability to answer questions, and adequate post-test scores. This activity not only strengthens digital security literacy but also raises students' awareness of the importance of protecting personal data in online communication. This program is expected to be the beginning of more sustainable digital security learning development in the school environment.

Maulani Rizqi; Intan Nadilah; Ahmadil Hamdi; Nikken Prima Puspita; I Gede Adhitya Wisnu Wardhana

Pemberdayaan Masyarakat: Jurnal Aksi Sosial 2025 Lembaga Pengembangan Kinerja Dosen

This community service activity aims to increase the understanding of students at State Senior High School 2 Mataram regarding information security by introducing the concepts of coding and cryptography in digital messages. The rapid use of messaging applications among teenagers makes students increasingly vulnerable to cyber threats, necessitating education on how data protection works in online communication. This program is implemented using a descriptive method consisting of planning, implementation, and evaluation stages. The material covered includes basic cryptography concepts, end-to-end encryption mechanisms, and the practical process of the Diffie–Hellman key exchange thru the interactive simulation "Alice and Bob." Learning is designed contextually and participatively so that students can connect theory with the digital applications they use every day. The evaluation results showed an improvement in students' understanding, reflected in their active participation, ability to answer questions, and adequate post-test scores. This activity not only strengthens digital security literacy but also raises students' awareness of the importance of protecting personal data in online communication. This program is expected to be the beginning of more sustainable digital security learning development in the school environment.

Niko, Niko Surya Atmaja; Surya Atmaja, Niko; Muhammad Khoiruddin Harahap; Sahyunan Harahap

Jurnal Elektronika dan Komputer 2025 STEKOM PRESS

Relational databases store information in interconnected tables and are widely used for data management and retrieval. However, in certain environments, the original values stored in a relational database cannot be exposed during data retrieval. This limitation creates a challenge because common encryption methods only transform data for storage and do not support mathematical operations needed for value matching. Partially Homomorphic Encryption is a cryptographic approach that allows specific mathematical operations to be performed directly on transformed data without restoring it to its original form. This study proposes the use of Partially Homomorphic Encryption to enable value-based data retrieval while keeping all stored values in their transformed form throughout the entire process. The method relies on homomorphic properties that allow mathematical comparison to be conducted on encrypted data, making the retrieval process possible without revealing the original values. The results show that this approach can perform data retrieval operations in a relational database while preserving the transformed structure of the stored data. The proposed method offers an alternative for environments that require data retrieval without exposing original values and demonstrates the potential of homomorphic techniques in supporting secure and functional data processing in relational database contexts.

Andi Prayitno; Miftahul Jannah; Darmawati Darmawati; Syarifuddin Rasyid; Jalilova Shakhzoda

International Journal of Management Science and Entrepreneurship 2025 International Forum of Researchers and Lecturers

This study examines the relationship between market efficiency and digital financial innovation in the context of global financial transformation over the past decade, when fintech, cryptocurrency, and Decentralized Finance (DeFi) have significantly altered price formation and information dissemination mechanisms. The main issue raised is whether the Efficient Market Hypothesis (EMH) theory remains relevant in the face of digital market dynamics characterized by high volatility, speculative behavior, and regulatory uncertainty. The objective of this study is to assess the impact of digital innovation on information efficiency, price transparency, and the stability of modern financial markets. The study used the Systematic Literature Review (SLR) method, examining 15 scientific articles published between 2015 and 2025 from various academic databases. The findings indicate that digital technology increases access and speed of information distribution, but does not always result in consistently efficient markets. Crypto and DeFi markets have been shown to exhibit fluctuating efficiency due to price anomalies, information asymmetry, and weak regulation. Overall, the literature synthesis confirms that market efficiency in the digital era is dynamic and influenced by the interaction between technology, investor behavior, and governance quality. This study concludes that the EMH remains relevant as a basic framework, but needs reinterpretation to suit the complex and rapidly changing characteristics of digital markets.

Ratih Adinda Destari

Neptunus: Jurnal Ilmu Komputer Dan Teknologi Informasi 2025 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

The exchange of information in the digital era has become a general need for society. However, the information sent often has a public or confidential nature. Therefore, security is needed so that confidential information remains safe. Cryptography is a field of knowledge used to secure information using encryption and decryption processes. One of the cryptographic methods used is the permutation method, which changes the layout, sequence, or structure of data into a form that is difficult to understand without knowledge of the exact key. Implementing cryptography using the permutation method in Android-based applications can increase the security and privacy of user data, as well as protect sensitive information from unauthorized access. This research aims to implement permutation method cryptography in Android-based applications to protect the confidentiality or privacy of user data. By using the permutation method, the sequence of bits or characters in the data is scrambled so that it is difficult for unauthorized parties to understand. The research results show that the implementation of permutation method cryptography in Android applications can provide a higher level of security in maintaining data confidentiality. However, it is worth considering that simple permutation methods may not be secure enough to deal with more sophisticated attacks. Therefore, choosing a stronger cryptographic method needs to be considered to achieve a higher level of security. In conclusion, implementing cryptography using the permutation method in Android-based applications can increase the security and privacy of user data. The permutation method is able to randomize the sequence of bits or characters in the data so that it is difficult for unauthorized parties to understand. However, for a higher level of security, it is necessary to consider stronger cryptographic methods.

Muhammad Ibnu Rayyan; Suci Pratiwi; Sofy Ertika Dewi

Bridge : Jurnal Publikasi Sistem Informasi dan Telekomunikasi 2025 Asosiasi Profesi Telekomunikasi Dan Informatika Indonesia

This study aims to implement an information retrieval system for cryptocurrency data using an attribute-based approach integrated with the Vector Space Model (VSM). The primary objective is to develop a system capable of retrieving the most relevant digital asset information according to specific search attributes, including positive sentiment, price fluctuation, and prediction confidence level. The research adopts a descriptive qualitative method combined with an experimental approach to evaluate the retrieval performance of the cosine similarity algorithm on normalized numerical data. Data preprocessing and attribute weighting were conducted to ensure consistency and improve retrieval accuracy. The experiment demonstrates that the proposed system achieves a Precision@5 value of 1.0, which indicates that all top-five retrieved results are fully relevant to user queries. These findings validate the effectiveness of the attribute-based VSM in analyzing multidimensional cryptocurrency datasets. Overall, this research contributes to the advancement of information retrieval applications in the cryptocurrency domain, particularly for supporting data-driven decision-making and intelligent financial analysis.

Muhammad Guhya Thesar Afani; Farhan Ferdiansyah; Eraneo Ihza P

Proceeding of the International Conference on Management, Entrepreneurship, and Business 2025 Asosiasi Riset Ilmu Manajemen Kewirausahaan dan Bisnis Indonesia

The usage of blockchain has increased around the world over the years. It has become widely used in various sectors that need transparency, such as accounting, business, and auditing. Blockchains are gaining more popularity after being applied as a system for digital asset ownership, such as cryptocurrency and NFTs (Non-Fungible Tokens). This growing trend of blockchain is followed by the increasing trend of research regarding it in the last decade. Blockchain has the potential to revolutionize the auditing sector and enhance economic accountability due to its decentralized system. Therefore, research regarding blockchain applications in auditing is becoming an important topic. This study adopts a qualitative approach by using datasets retrieved from the Scopus website, from the search result of blockchain auditing, with a total of 1228 articles that were published in the last decade (2015-2025). Furthermore, this study also uses several software programs as data processing tools, such as R Studio, VOSViewer, and Publish or Perish. This study aims to understand the research trend regarding blockchain auditing in the last decade and highlight its implications for the auditing and economic sectors.

Dhymaz Haiqal Azhari; Achmad Fauzi; Herman Sembiring

Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika 2025 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

MP3 audio files are often used in a variety of fields, but they are prone to security risks such as eavesdropping and illegal access. This study proposes a super encryption method by combining the algorithms of Rivest Shamir Adleman (RSA) and ElGamal to improve the protection of audio data. RSA was chosen for its efficiency and ease of implementation, while ElGamal offers a high level of security through discrete logarithmic complexity. The combination of the two is expected to address the weaknesses of each algorithm and strengthen file security. The system is developed using the Python programming language with the Visual Studio Code environment. The encryption process is done in layers: MP3 files are first encrypted with RSA, and then the results are encrypted again with ElGamal. The decryption is done in reverse order. Tests are conducted with various MP3 file sizes to measure the effectiveness and performance of the system. The results show that this method is able to secure audio files so that they cannot be accessed without the private keys of both algorithms. Although processing times are increased compared to single encryption, the level of security obtained is much higher. This approach can be an effective solution for protecting digital audio data, particularly MP3 format, and could potentially be applied to a wide range of other data types that require a high level of security.

M. Frisky Pandu; Febryantahanuji Febryantahanuji

EBISNIS : JURNAL ILMIAH EKONOMI DAN BISNIS 2025 LPPM Universitas Sains dan Teknologi Komputer

This study aims to analyze cryptocurrency investments and the risks faced by beginner investors who own digital assets such as Bitcoin, Solana, XRP, and other coins that have been increasing in value over the past few years, especially among the general public and retail investors. Not only retail investors, but governments also now hold digital assets, as has already happened. However, the unstable price and lack of global legal oversight make investing in cryptocurrency highly risky, especially for those with less knowledge and experience. The methods used in this study include literature review, descriptive analysis of historical price data for cryptocurrency, case studies, and interviews with several beginner investors. The findings show that cryptocurrency can generate large profits in a short time, but the risk of losing capital is also very high. Therefore, having a good understanding of blockchain technology, risk management, and investment psychology before starting to invest is important. This study is hoped to serve as a reference for beginner investors when considering decisions to invest in cryptocurrency.

Afrizal Ibnu Saputra

Proceeding of the International Conference on Economics, Accounting, and Taxation 2025 Asosiasi Riset Ekonomi dan Akuntansi Indonesia

This study maps the regulatory landscape of financial technology (fintech), focusing on cryptocurrency regulation at both global and Indonesian levels. Cryptocurrency, one of the fastest-growing fintech instruments, functions as a virtual currency secured by cryptography. Despite lacking physical form, it is widely used for investment, transactions, and speculation, with trust supported by blockchain’s transparency and immutability. However, regulatory frameworks remain fragmented across countries. The research applies a bibliometric approach, using Bibliometrix (R Studio) for descriptive analysis and VosViewer for keyword network visualization. Data were retrieved from Scopus with the keywords “cryptocurrency regulation” and “fintech regulation,” covering 2016–2025. Findings reveal 1,178 documents from 484 sources, contributed by 4,693 authors, with an average of 7.43 authors per document and an international collaboration rate of 24.79%. The annual growth rate reaches 44.31%, with an average of 14.01 citations per document. Keyword analysis identifies four main clusters: financial regulation, green finance and sustainability, decentralized finance (DeFi), and blockchain cybersecurity. This study provides a knowledge map of regulatory evolution from conventional finance to blockchain-based fintech, offering insights for academics, regulators, and industry to balance innovation, consumer protection, and financial stability.

Salis Azkia; Salwa Salsabila; Fahmi Abdul Mukhsi; Lina Marlina

Jurnal Ekonomi dan Keuangan Islam 2025 Asosiasi Riset Ekonomi dan Akuntansi Indonesia

This research analyzes the fundamental conflict between state regulation and Sharia principles regarding cryptocurrency in Indonesia, aiming to explore the views of Islamic scholars and the legal perspective in the Qur'an and its interpretations. Cryptocurrency has become a popular investment trend, especially among the youth. While the Bank Indonesia (BI) prohibits its use as a legal payment instrument, its trading activity is legalized as an investment asset under the supervision of OJK and BI. Conversely, the MUI Fatwa and the majority of scholars declare crypto transactions as forbidden (haram) due to the presence of elements prohibited in Islamic economics: riba (usury) and gharar (uncertainty). Gharar is linked to the extreme price volatility that encourages speculation (maysir) and the non-physical nature of crypto. Riba, on the other hand, is associated with the potential for unfair profit in lending and staking mechanisms. This prohibition is rooted in the interpretation of the Qur'an (QS. Al-Baqarah: 275 and QS. An-Nisa: 29), which strictly forbids riba and consuming others' wealth through bathil (unlawful) means. Consequently, although legally accepted as an investment asset, many scholars view crypto as violating the principles of justice and transparency in Islamic economics.

Mahila Ayesha Maharani; Wira Atman

Lembaga Pengembangan Kinerja Dosen 2025 Lembaga Pengembangan Kinerja Dosen

This study aims to evaluate the effectiveness of Indonesia’s National Cyber Security Strategy in responding to increasingly complex and dynamic digital threats. In the midst of the digital transformation era, Indonesia’s cyberspace is vulnerable to various serious threats, such as ransomware attacks, data leaks, and the spread of disinformation that can disrupt social and political stability. This research adopts a qualitative- descriptive approach with content analysis of national strategic documents, reports from the National Cyber and Crypto Agency (BSSN), and compares them with cybersecurity policies in ASEAN countries. The results revealed that although BSSN has designed a relatively robust policy and institutional framework, its implementation is still faced with various serious obstacles, including fragmented regulations, lack of coordination between agencies, and limitations in terms of human resources. This study uses Dunn’s (2023) policy evaluation framework, covering the dimensions of effectiveness, efficiency, responsiveness, equity and sustainability. The study recommends the need to strengthen governance involving various sectors, increase awareness and cyber literacy among the public, and develop national capacity through public private partnership. This evaluation is expected to serve as a basis for policy formulation to strengthen Indonesia’s digital resilience, especially in the face of the increasing complexity of cyber threats at the national level.

Abba, Abubakar; Ahmed, Nisar; Sulaimon, Hakeem Adewale

Journal of Computing Theories and Applications 2025 Universitas Dian Nuswantoro

The widespread use of digital images, driven by low-cost, handheld acquisition devices, has increased the need for robust security measures to safeguard privacy. This demand is further underscored by rising identity theft and other image-related crimes. This study presents a chaos-based experimental evaluation of contemporary image encryption algorithms. Owing to intrinsic properties such as sensitivity to initial conditions and pseudo-randomness, chaos theory has become increasingly prominent in image encryption. Five chaos-based image encryption schemes were selected and applied to a dataset of 26 color images. The evaluation covers both encryption performance and cryptographic security. Decryption quality is measured using Mean Squared Error (MSE), Peak Signal-to-Noise Ratio (PSNR), Structural Similarity Index (SSIM), and DeepEns. Cryptographic security is assessed using entropy, correlation coefficient, Number of Pixel Change Rate (NPCR), Unified Average Changing Intensity (UACI), average and maximum deviation, and histogram analysis. Experimental results indicate that all evaluated schemes demonstrate strong cryptographic security and comparable encryption performance, with broadly similar effectiveness across methods.

Mardhyah Fathania ‘Izzati; Widya Darwin

Merkurius : Jurnal Riset Sistem Informasi dan Teknik Informatika 2025 Asosiasi Riset Teknik Elektro dan Informatika Indonesia

This research aims to develop a transaction data security system on the web-based Pancadaya Waste Bank application by applying a hybrid cryptographic algorithm that combines Advanced Encryption Standard (AES) and Rivest Shamir Adleman (RSA). The problem faced in the previous system is the weak recording and security of customer transaction data, because the process is still carried out manually so that it is prone to recording errors, loss of important information, and potential misuse of data by unauthorized parties. To answer these problems, this study uses the Rapid Application Development (RAD) method which allows the application development process to be carried out quickly, flexibly, structured, and according to user needs. The research method used was a qualitative approach with interview techniques with the management of the Pancadaya Waste Bank and the Environment Office, as well as an in-depth literature study on the application of hybrid cryptographic algorithms in modern information systems. The system is built using the PHP programming language, MySQL database, and OpenSSL library as the main support for the data encryption and decryption process. The implementation of the algorithm is carried out by encrypting transaction data using AES for efficiency and speed, then the AES key is secured through RSA to ensure a higher level of security while preventing illegal access. The test results showed that the system was able to encrypt and decrypt transaction data in real-time, as well as display transaction results in the form of digital notes on deposit and balance withdrawal activities. In addition, performance tests using GTmetrix showed that the application has excellent speed, stability, and processing efficiency, making it feasible to be widely implemented in Pancadaya Waste Bank operations.

Sinaga, Rudolf; Frangky Frangky

Systematic Literature Review Journal 2025 International Forum of Researchers and Lecturers

This systematic literature review examines the philosophy of science approaches to user security in distributed devices, such as IoT and Federated Learning. The review was conducted in response to the exponential growth of connected devices and the increasing security threats, including cyberattacks, data breaches, and unauthorized access. As distributed systems become more complex, traditional security approaches, such as cryptography and differential privacy, are often insufficient to address the ethical, philosophical, and contextual challenges that arise in these ecosystems. Distributed devices, especially in IoT and Federated Learning contexts, rely on vast amounts of personal data. This data, often stored or processed in decentralized environments, creates significant risks to user privacy and system integrity. As the number of connected devices grows, security risks multiply, creating challenges in maintaining user trust, privacy, and overall system resilience. Conventional techniques, such as encryption, only focus on technical aspects, often neglecting the deeper philosophical dimensions, such as the nature of knowledge, privacy, and fairness in these systems. These gaps highlight the need for a more nuanced approach that incorporates philosophical perspectives into security frameworks. This study uses a systematic literature review method based on the PICOC (Population, Intervention, Comparison, Outcome, Context) framework to analyze the relevance of epistemology, ontology, and ethics in strengthening system security. By examining the foundational principles of how knowledge is constructed (epistemology), what entities exist in the system (ontology), and the ethical considerations around data and user privacy (ethics), the review provides a comprehensive understanding of how philosophical concepts can be integrated into the design and implementation of security systems in distributed environments. The results reveal that epistemological principles, such as the verification and validation of data sources and models, can significantly improve the reliability and trustworthiness of distributed systems.  

Assaad Essa Omran Murad

Jupiter: Publikasi Ilmu Keteknikan Industri, Teknik Elektro dan Informatika 2025 Asosiasi Riset Ilmu Teknik Indonesia

Wireless Medical Sensor Networks (WMSNs) are a key component of modern Healthcare Internet of Things (IoT) systems, enabling continuous and real-time monitoring of patients’ physiological parameters. These networks support timely medical intervention, improve patient outcomes, and facilitate remote healthcare delivery. However, due to the open and resource-constrained nature of WMSNs, they are highly susceptible to various security threats, particularly during the authentication phase. Existing authentication protocols have been found vulnerable to a range of attacks, including impersonation, session key disclosure, and gateway database compromise, which can lead to severe privacy breaches and potentially life-threatening situations. To address these issues, this paper proposes a secure and lightweight three-factor authentication protocol tailored for WMSNs in healthcare IoT environments. The proposed protocol integrates Elliptic Curve Cryptography (ECC) for strong public key-based security with minimal computational overhead, fuzzy extractors to securely handle biometric information and ensure resistance against biometric template compromise, and session-based randomness to achieve forward secrecy and prevent replay or key-compromise impersonation attacks. Security analysis demonstrates that the proposed protocol successfully mitigates prominent threats such as impersonation attacks, man-in-the-middle attacks, session key leakage, and database compromise. In addition, the protocol ensures mutual authentication between the user, the gateway, and the sensor nodes, while maintaining data confidentiality and integrity. Performance evaluation indicates that the protocol offers significantly reduced computational cost and communication delay compared to existing schemes. Its low energy consumption and minimal storage requirements make it suitable for deployment in resource-constrained medical devices and large-scale IoT healthcare networks. The results highlight the protocol’s scalability, energy efficiency, and robustness, making it a practical and secure solution for safeguarding patient data and ensuring trustworthy communication in WMSNs-based healthcare IoT systems.