Method and system for controlling the execution of a function protected by authentification of a user, in particular for the access to a resource

摘要

A method and system for controlling the execution of a function protected by authentication of a user and which is provided for example for the access to a resource. The method includes inputting, by the user, of personal data using an input device, authenticating the user with the input personal data for authorizing or not authorizing the execution of the function; in a secure card connected to the input device, storing limited validity authentication data dependant on the input data; when the card is connected to a processing device by which the user generates a message whose processing implements the function, using the stored data, taking into account the limited validity, to authorize or not authorize the execution of that function.

主权项

1. A method of controlling the execution of a protected function protected by authentication, the method comprising:
establishing communications between a memory module and an input device; inputting, by a user, personal data using the input device connected to the memory module; storing, in a data structure on said memory module in communication with the input device, personal authentication data derived from the personal data input by the user via the input device, and associating with said data structure a duration validity parameter configured to become invalid upon elapse of a predetermined amount of time; establishing communications between the memory module and a processing device that is distinct from the input device, said processing device communicating with the memory module by contactless communication; verifying, via the processing device, a validity of the duration validity parameter of the data structure in the memory module in communication with the processing device; upon successful verification of the validity of the duration validity parameter of the data structure in the memory module connected to the processing device, authenticating the user based on the input personal data using the personal authentication data derived therefrom and stored in the data structure; upon successfully authenticating the user based on the input personal data, generating authorization to execute the protected function and executing the protected function; and upon unsuccessfully authenticating the user based on the input personal data, generating a refusal to execute the protected function, wherein the memory module storing the data structure is physically linked with an input device during the control and execution of the protected function.