摘要 |
A user transacts with entity 30, typically bank A of entities A-C, using mobile telecommunications device 1. The mobile device comprises authentication means 60A-C, typically â appsâ or applications, and Subscriber Identity Module (SIM) means 20 associated with a cellular telecommunications network. The SIM is adapted to store a seed value, preferably a plurality of seed values 40A-C associated with respective entities A-C, for generating an authentication code. In operation, the authentication means obtains the seed stored on the SIM, derives an authentication code from the seed, and generates a transaction message for enabling the transaction with the entity. The transaction message includes the authentication code and may additionally be based on the current time and/or authentication history data 62A-C generated for a previous transaction with the respective entity. The SIM may include means 70 to verify the integrity of the authentication means and the SIM means may be a software simulation of a SIM. The SIM may only provide the seed if it is registered and authenticated with the cellular telecommunications network.
|