| 摘要 |
<p>The identification and authorization system utilises user information (including biometric user information) which is input into the system at registration to create an encrypted card key, which is stored on a smart card together with the user information and the cards unique identification number, and an encrypted storage key, which is stored on a database together with the user information and the cards unique identification number. When a transaction is requested by the user, the user information, unique identification number and encrypted card key is retrieved from the card. The user information is used to make up another encrypted card key and this is compared with the stored card key. The card key and unique identification number is then transmitted to a remote server where the encrypted card key is verified against an encrypted storage key which corresponds to the same unique identification number, and the transaction is authorised or refused based on the verification results. The system may also be used to verify the identity of the user without the requirement of sending the encrypted card key and unique identification number to a remote terminal for verification.</p> |
