摘要 |
A method and system for generating a signature for a user are described. The system comprises a signature server, an initial transaction device for a user and a validation device for a user. The initial transaction device is configured to display a first message M and send a request to the signature server to create a signature for said first message M. The signature server is configured to generate a validation challenge using a second message M' which is based on said first message M' and a first secret shared between said user and said signature server and send said validation challenge to the validation device. The validation device is configured to regenerate said second message M' using said first shared secret, display said second message M', receive user confirmation that the displayed second message M' corresponds to said first message M, generate a validation code confirming the request to create a signature; and send said validation code to said signature server. Thereafter, said signature server generates the signature for the user for the first message M. |