abstract |
This invention relates to a terminal by means of which users may communicate in a secure fashion with a second party, eg a bank, in order to transact business, eg transfer funds. The user must be verified to the second party before business can be transacted; and it is advantageous if, in addition, the terminal is able to verify the second party that is genuine. n In order to achieve this verification the terminal encrypts information about the user's identity using a selected key, then encrypts the selected key using a public key, corresponding to a secret key held by the second party, before transmission. The selected key may be a conventional key or a second secret key corresponding to a second public key. Multiple encryptions of the selected key are also described. n In a preferred embodiment the terminal also sends a cryptographic checksum to the second party based either on the selected key or a secret key. n The invention also includes a system using such a terminal. |