| 摘要 |
<P>PROBLEM TO BE SOLVED: To provide a personal authentication technique capable of avoiding phishing without installing a computer program for generating a one-time ID (OID) in at least one of a user device and second-step authentication means. <P>SOLUTION: When a first-step personal authentication is succeeded, first-step authentication means issues a first and a second OID to a user device. The second-step authentication means accepts an input of one of the OIDs from the user device and determines whether the ID matches the one OID stored therein. When the determination result is affirmative, the second-step authentication means transmits the other OID to the user device, and the user or the user device determines whether the other OID matches the issued other OID or not. When the determination result is affirmative, the user device inputs a user's second authentication key to the second-step authentication means, and the second-step authentication means performs the second-step personal authentication. <P>COPYRIGHT: (C)2013,JPO&INPIT |
