摘要 |
A user enters into a token a token PIN, and an identification number of a financial instrument and a transaction amount of a transaction to be verified. If the token PIN is correct, a processor in the token increments a transaction count, and generates a first passcode using an encryption process using a digest keyset to digest the information entered into the token. The user provides the first passcode, the transaction count, and an identification number associated with the token to a merchant, who then transmits this to a financial institution, along with the identification number of the financial instrument and the transaction amount. The financial institution transmits this information to a verification server, which uses the digest keyset associated with the token to generate a second passcode by digesting the same quantities as used to generate the first passcode. The verification server verifies the transaction responsive to whether the first and second passcodes are equal, and to whether the transaction count is greater than the last transaction count associated with the token.
|