Method for carrying out a secure electronic transaction using a portable data support
Abstract
A method for effecting a secure electronic transaction on a terminal using a portable data carrier is proposed. According to the method a user (30) first authenticates himself vis-à-vis the portable data carrier (20). The portable data carrier (20) at the same time produces quality information about how authentication was done. The authentication is confirmed to the terminal (14). Then the portable data carrier (20) performs a security-establishing operation within the transaction, for example the creation of a digital signature. It attaches the quality information to the result of the security-establishing operation.
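The flow in the abstract, sketched as an added example that is not part of the patent text. Assumptions: HMAC-SHA256 stands in for the card's digital signature, exact byte comparison stands in for biometric matching, and the numeric quality levels, the recipient-side `verify` policy check and all names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed mapping: the page only says methods range from lower to higher quality.
QUALITY = {"pin": 1, "fingerprint": 2}

class PortableDataCarrier:
    """Toy card model. HMAC-SHA256 stands in for the card's digital signature."""

    def __init__(self, key: bytes, pin: str, template: bytes):
        self._key = key
        self._refs = {"pin": pin.encode(), "fingerprint": template}
        self._method = None  # set only after a successful user authentication

    def authenticate(self, method: str, presented: bytes) -> bool:
        """Authenticate the user on the card; the result is confirmed to the terminal."""
        ref = self._refs.get(method)
        # Exact comparison stands in for real biometric matching (assumption).
        ok = ref is not None and hmac.compare_digest(ref, presented)
        self._method = method if ok else None
        return ok

    def sign(self, document: bytes) -> dict:
        """Security-establishing operation with the quality information attached."""
        if self._method is None:
            raise PermissionError("user not authenticated")
        body = {"doc_sha256": hashlib.sha256(document).hexdigest(),
                "auth_method": self._method,
                "auth_quality": QUALITY[self._method]}
        self._method = None  # assumption: one authentication covers one operation
        # Assumption: the quality info is covered by the MAC, not merely appended.
        return {**body, "sig": _mac(self._key, body)}

def _mac(key: bytes, body: dict) -> str:
    # Canonical JSON so card and verifier MAC the same bytes.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify(key: bytes, document: bytes, result: dict, min_quality: int) -> bool:
    """Recipient check: MAC valid, document matches, quality meets the policy."""
    body = {k: v for k, v in result.items() if k != "sig"}
    return (hmac.compare_digest(_mac(key, body), result.get("sig", ""))
            and body.get("doc_sha256") == hashlib.sha256(document).hexdigest()
            and body.get("auth_quality", 0) >= min_quality)
```

Because the quality field is inside the authenticated data, a result produced after PIN entry cannot be relabelled as a fingerprint-authenticated one without invalidating the tag.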
13 Claims
- 1. A method for effecting a secure electronic transaction on a terminal using a portable data carrier arranged to perform different quality user authentication methods, wherein the portable data carrier performs a user authentication using one of said different user authentication methods, the portable data carrier confirms the proof of authentication to the terminal, and the portable data carrier then performs a security-establishing operation within the electronic transaction, comprising the steps of creating authentication quality information by the portable data carrier about said user authentication method used and attaching said authentication quality information to the result of the security-establishing operation, wherein the difference in quality of said user authentication methods varies between an inherently relatively lower quality and an inherently relatively higher quality from a security perspective.
- 10. A portable data carrier for performing a security-establishing operation within a secure electronic transaction and arranged to perform different quality user authentication methods, wherein the difference in quality of said user authentication methods varies between an inherently relatively lower quality and an inherently relatively higher quality from a security perspective, comprising:
  - the portable data carrier is arranged to perform a user authentication using one of said implemented user authentication methods and the portable data carrier is arranged to confirm the authentication to a terminal, and wherein the data carrier is arranged to create quality information about said user authentication method used and to attach such quality information to the result of the security establishing operation.
- 13. A terminal for use in connection with a portable data carrier, said terminal including a device arranged to cause a user to select one of at least two possible different quality authentication methods, wherein the portable data carrier is arranged to perform a user authentication using one of the at least two possible different quality authentication methods and to confirm the authentication to the terminal, and the data carrier is arranged to create quality information about the authentication method used and to attach such quality information to the result of a security establishing operation, the difference in quality of said authentication methods varies between an inherently relatively lower quality and an inherently relatively higher quality from a security perspective.
Specification