Cryptographic authentication for internet using two servers
In a system for the authentication of transactions over a public network (100), a terminal (14) sends digitally signed transaction data (SD) to a service provider (20) over the public network (100), together with card application data (CAD) generated by a smart card (18). The card application data (...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | In a system for the authentication of transactions over a public network (100), a terminal (14) sends digitally signed transaction data (SD) to a service provider (20) over the public network (100), together with card application data (CAD) generated by a smart card (18). The card application data (CAD) is sent to an authorization server (30) which checks that the smart card (18) is valid and that the card application data (CAD) must have been generated by that smart card (18) in the current transaction. User identification information (ID) is also sent from the terminal (14) to the service provider (20) and thence to the authorisation server (30), where this information (ID) is checked against the correct user details for the smart card (18). The results of these checks are indicated in a digitally signed authorisation response (ARES) from the authorization server (30) to the service provider (20), which then determines whether to proceed with the transaction by setting acceptance criteria for the current transaction and determining from the authorisation response (ARES) whether these criteria are met. |
|---|