DATA SECURITY IN CLIENT/SERVER SYSTEMS

摘要

A data security method is performed by a client computer (11) and a server (13) to implement a transaction with data security. The client computer (11) receives transaction data from a user and writes it to form fields (14). However, the data is intercepted by a security program (12) and in addition to being written to the form fields (14) it is written locally to a memory (15). The security program (12) generates a hash code derived from the transaction data. The client computer (11) receives from a user a transaction authorisation, and there is verification by comparison of user-inputted PIN with one read from a physical security key (10). The client computer (11) transmits the code and the transaction data to the server (13). The server (13) independently generates a code from the received transaction data, compares the server- generated code with the client computer-generated code, and completing the transaction only if the codes match.