摘要 |
An information security apparatus and a security system, which prevent eavesdropping on input information input by an input device and identify eavesdroppers, includes a key input interface unit inputting secret information returns a decoy key input value when receiving a read access from unprotected domain 1011. Further, a payment-processing company, which judges whether it is possible or not to use a service such as electronic payment-processing, provides the information security apparatus with an immediate value to be used as the decoy key input value when performing an authentication. Accordingly, a person who attempts to eavesdrop on the input from a key input unit acquires the decoy key input value. If the decoy key input value is used when requesting payment-processing company to perform an authentication, the payment-processing company recognizes the person who requests the authentication as an eavesdropper. |