摘要 |
<p>The present invention relates to an information system and a method for the identification, by an application server (2), of a user in possession of a terminal (6) having the use of communication means for effecting a connection between the server (2) and the terminal (6) and of a hardware element (8), connected to the terminal (6), comprising data storage means on which is stored an encrypton key (K1) and an identification number (num_ID), in which the server (2) generates a unique session number (num_Sess) in the course of a connection session between the terminal (6) and the server (2), the terminal communicates the session number (num_Sess) to the hardware element (6), the hardware element (6) effects an encryption (E) with the aid of an encryption key (K1) of a data set combining: the password (num_MDP) and the session number (num_Sess), and communicates the result (C) of the encryption to the terminal (6), the hardware element (8) also transmits the identification number (num_ID) to the terminal (6), the terminal (6) transmits the result of the encryption (C) and the identification number (num_ID) to the server (2) with a view to carrying out the identification of the user.</p> |