摘要 |
An authentication token device (20), comprises a device interface (21) for connecting the device (20) with a communication terminal; a first memory module (201) having stored therein an asymmetric key pair, including a private key and a public key; a second memory module (202) having stored therein a secret token key; a certification module (25) for receiving though the device interface (21) a data set from the communication terminal, for generating a digital signature from the data set using the private key, and for transferring the digital signature through the device interface (21) to the communication terminal; and an authentication number generator (26) for generating an authentication base number from the data set, using the secret token key for encrypting the data set. From the authentication base number and a user's personal identification code, a transaction authentication number can be generated that protects online users against real-time man-in-the-middle attacks.
|