Authorization of a transaction
First Claim
1. A method for authorizing a transaction by a user using a terminal which is capable of communicating with a background system, with steps performed by the terminal comprising:
- determining identification information which identifies the user, sending data to the background system to authenticate the terminal at the background system and to transmit user identification data from which the identity of the user can be derived, to the background system, receiving secret data assigned to the user from the background system, playing back a secret given by the secret data to the user, determining a personal feature of the user, and sending data which is related to the personal feature of the user to the background system to signal or document the authorization of the transaction by the user.
1 Assignment
0 Petitions
Accused Products
Abstract
In a method for authorizing a transaction by a user with the aid of a terminal which can communicate with a background system, a secret, which is known to the user and to the background system but not to an unauthorized attacker, is used. The background system transmits secret data, which indicate the secret, only to the terminal if the terminal has successfully authenticated itself at the background system. Because, as a rule, secret data of several users are stored in the background system, the terminal detects in advance identification information which identifies the user, and transmits corresponding user identification data to the background system. When the terminal displays the secret to the user, the user can be certain that the terminal is trustworthy. A device and a computer program product comprise corresponding features. The invention provides a technique for authorizing a transaction by a user with the aid of a terminal which enables the user to recognize a falsified terminal.
38 Citations
19 Claims
-
1. A method for authorizing a transaction by a user using a terminal which is capable of communicating with a background system, with steps performed by the terminal comprising:
-
determining identification information which identifies the user, sending data to the background system to authenticate the terminal at the background system and to transmit user identification data from which the identity of the user can be derived, to the background system, receiving secret data assigned to the user from the background system, playing back a secret given by the secret data to the user, determining a personal feature of the user, and sending data which is related to the personal feature of the user to the background system to signal or document the authorization of the transaction by the user. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for authorizing a transaction by a user, the method using a background system capable of communicating with a terminal, with steps performed by the background system comprising:
-
receiving data from the terminal, the data authenticating the terminal at the background system, the identity of the user being derivable from the data, if the authentication of the terminal at the background system has been successful, then accessing secret data stored in a database and assigned to the user, and sending data from which the secret data can be determined to the terminal, and receiving data from the terminal, the data pertaining at least to a personal feature of the user and documenting the authorization of the transaction by the user. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A method for authorizing a transaction by a user using a terminal capable of communicating with a background system, with the steps comprising:
-
determining, by the terminal, identification information which identifies the user, communicating between the terminal and the background system to authenticate the terminal at the background system and to transmit user identification data from which the identity of the user can be derived to the background system, if the authentication of the terminal at the background system has been successful, then the background system accesses secret data stored in a database and assigned to the user, and data from which the secret data can be determined is sent to the terminal, playing back, by the terminal, a secret given by the secret data to the user, determining, by the terminal, a personal feature of the user, and performing the transaction using data pertaining at least to the personal feature of the user. - View Dependent Claims (14)
-
-
15. A terminal which is capable of communicating with a background system and which is equipped for authorizing a transaction by a user, wherein the terminal is adapted for:
-
determining identification information which identifies the user, sending data to the background system to authenticate the terminal at the background system and to transmit user identification data from which the identity of the user can be derived, to the background system, receiving secret data assigned to the user from the background system, playing back a secret given by the secret data to the user, determining a personal feature of the user, and sending data which is related to the personal feature of the user to the background system to signal or document the authorization of the transaction by the user.
-
-
16. A background system which is capable of communicating with a terminal and which is equipped for authorizing a transaction by a user using the terminal, wherein the background system is adapted for:
-
receiving data from the terminal, the data authenticating the terminal at the background system, the identity of the user being derivable from the data, if the authentication of the terminal at the background system has been successful, then accessing secret data stored in a database and assigned to the user, and sending data from which the secret data can be determined to the terminal, and receiving data from the terminal, the data pertaining at least to a personal feature of the user and documenting the authorization of the transaction by the user.
-
-
17. A system comprising a background system and at least one terminal capable of communicating with the background system, the system being equipped for authorizing a transaction by a user, wherein the system is adapted for:
-
determining, by the terminal, identification information which identifies the user, communicating between the terminal and the background system to authenticate the terminal at the background system and to transmit user identification data from which the identity of the user can be derived to the background system, if the authentication of the terminal at the background system has been successful, then the background system accesses secret data stored in a database and assigned to the user, and data from which the secret data can be determined is sent to the terminal, playing back, by the terminal, a secret given by the secret data to the user, determining, by the terminal, a personal feature of the user, and performing the transaction using data pertaining at least to the personal feature of the user.
-
-
18. A computer program product having program instructions for at least one processor of a terminal to cause the at least one processor to execute a method for authorizing a transaction by a user, the terminal being capable of communicating with a background system, with steps performed by the terminal comprising:
-
determining identification information which identifies the user, sending data to the background system to authenticate the terminal at the background system and to transmit user identification data from which the identity of the user can be derived, to the background system, receiving secret data assigned to the user from the background system, playing back a secret given by the secret data to the user, determining a personal feature of the user, and sending data which is related to the personal feature of the user to the background system to signal or document the authorization of the transaction by the user.
-
-
19. A computer program product having program instructions for at least one processor of a background system to cause the at least one processor to execute a method for authorizing a transaction by a user, the background system being capable of communicating with a terminal, with steps performed by the background system comprising:
-
receiving data from the terminal, the data authenticating the terminal at the background system, the identity of the user being derivable from the data, if the authentication of the terminal at the background system has been successful, then accessing secret data stored in a database and assigned to the user, and sending data from which the secret data can be determined to the terminal, and receiving data from the terminal, the data pertaining at least to a personal feature of the user and documenting the authorization of the transaction by the user.
-
Specification