Trusted authorization device

A trusted display of a trusted authorization device (TAD) displays on a trusted display first information about a transaction to be authorized by a user using a trusted keypad. The TAD generates a random number (R); generates second information from the first information, the random number (R)...

Bibliographic details
Main authors: Michener, John R, Ryan, Paul F
Format: Patent
Language: eng
Description
Summary: A trusted display of a trusted authorization device (TAD) displays on a trusted display first information about a transaction to be authorized by a user using a trusted keypad. The TAD generates a random number (R); generates second information from the first information, the random number (R) and a first identification code (TADID-A) of the TAD; generates a signature of the second information using a first encryption process; generates a set of session keys (Ks, Ks, Ks) by a second encryption process responsive to the random number (R) and a set of stored working keys (K, K, K); and generates third information by encrypting the second information and the signature using a third encryption process responsive to the set of session keys (Ks, Ks, Ks). A data structure is formed comprising the random number (R), the first identification code (TADID-A), and the third information; and communicated from the TAD to the client to a host server for verification by a verification decryption server.