摘要 |
A client device (2) stores a certificate reference mapped uniquely to a certificate (31), which is assigned to an end user (5), and a reference private key (23) obtained by encrypting a private key (313) with a PIN code determined by the end user (5). The client device (2) generates a digital signature for transaction data associated with the certification reference (32) using a current key that is obtained by decrypting the reference private key (23) with a user input code obtained through an input operation. If the input code is the same as the PIN code, the current key is the private key. A verification server (3) verifies, based on a public key (312) of a stored certificate (31), whether a received digital signature is signed with the private key (313), and obtains from the digital signature the transaction data when verification result is affirmative. |