| 摘要 |
For authenticating a user using a communication terminal ( 1 ) to access a server ( 4 ) via a telecommunications network, a personal identification code is received from the user From secure session establishment protocol messages exchanged (S 1, S 2, S 3 ) between the communication terminal ( 1 ) and the server ( 4 ), a data set is generated (S 4 ). Based on the data set, a transaction authentication number is generated (S 52 ) using the personal identification code. The transaction authentication number is transmitted (S 54 ) from the communication terminal ( 1 ) to the server ( 4 ). In the server ( 4 ), the transaction authentication number received is verified (S 20 ) based on the secure session establishment protocol messages exchanged with the communication terminal ( 1 ). The transaction authentication number enables session aware user authentication that protects online users against real-time man-in-the-middle attacks. |
