摘要 |
<p>The present invention relates to a method for securing entering a PIN, where the Personal Identification Number known as PIN is used to authenticate the user, that are made on a terminal not trusted to be secure due to the possibility of malicious software that may exist on that terminal. During an entering step of the PIN code, a generated random number is displayed onto an electronic display of a token connected to the terminal. The PIN code is selected arid validated from the random number thanks to a graphical user interface and/or user input means of the terminal, The validated PIN code is verified by the token. With the method proposed by the present invention, the PIN code is never known by the terminal. Indeed, only information regarding cursor or digital movement of the graphical user interface and/or the user input means is known on the side of the terminal, that information is in fact a random value, its link with the PIN code is only known by the token.</p> |