摘要 |
<p>To authorize a transaction between a host and a server, a token is operationally connected to the host. The host receives an identification credential of a user. The identification credential is verified by the token and/or by the server. If the token detects a prescribed human action, the token generates token authentication data and the host sends the token authentication data to the server. Upon receiving the authentication data, the server authenticates the transaction. A device for authenticating a transaction includes a device interface for interacting with a host, a connector for reversibly operationally connecting the device to the host, and a controller that authenticates the transaction only once, contingent on detecting a prescribed anonymous human action. One such human action is providing one or more inputs at the host's user interface synchronously with outputs at the device's user interface.</p> |