The EMV standards define standard transactions between a smart card and a terminal. A typical EMV transaction occurs as follows:
- The smart card and the terminal (for example an ATM or a payment terminal) are brought into communication by the user of the smart card. For example, the smart card is inserted in a card reader of the terminal.
- The user of the smart card enters holder identification data, for example a PIN, through an input interface of the terminal.
- The terminal sends the entered holder identification data to the smart card.
- The smart card checks a match between the entered holder identification data and data held therein.
- In case of a match, the transaction is allowed.
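The terminal-to-card PIN check in the steps above, sketched as an added example that is not part of the original text: it assumes the EMV plaintext offline PIN variant (VERIFY command carrying an ISO 9564 format 2 PIN block), and `build_verify_apdu` and `SimulatedCard` are hypothetical names for a constructed stand-in, not a real card OS.

```python
import hmac

VERIFY_HEADER = bytes([0x00, 0x20, 0x00, 0x80, 0x08])  # CLA INS P1 P2(plaintext PIN) Lc


def build_verify_apdu(pin: str) -> bytes:
    """Terminal side: wrap the PIN typed at the terminal in a VERIFY command."""
    if not (pin.isascii() and pin.isdigit() and 4 <= len(pin) <= 12):
        raise ValueError("PIN must be 4 to 12 decimal digits")
    # Format 2 PIN block: control nibble 2, length nibble, PIN digits, 'F' filler.
    block = ("2" + format(len(pin), "X") + pin).ljust(16, "F")
    return VERIFY_HEADER + bytes.fromhex(block)


class SimulatedCard:
    """Card side: compares the received PIN block with the one held in the card."""

    def __init__(self, reference_pin: str, max_tries: int = 3):
        self._ref = build_verify_apdu(reference_pin)[5:]
        self._max = max_tries
        self._tries = max_tries

    def process(self, apdu: bytes) -> bytes:
        if len(apdu) != 13 or apdu[:5] != VERIFY_HEADER:
            return bytes([0x6F, 0x00])          # no precise diagnosis
        if self._tries == 0:
            return bytes([0x69, 0x83])          # PIN blocked
        # Decrement before comparing so an interrupted check still costs a try.
        self._tries -= 1
        if hmac.compare_digest(apdu[5:], self._ref):
            self._tries = self._max
            return bytes([0x90, 0x00])          # match: transaction may proceed
        return bytes([0x63, 0xC0 | self._tries])  # mismatch, low nibble = tries left


if __name__ == "__main__":
    card = SimulatedCard("1234")                # constructed sample PIN
    for entered in ("0000", "1234"):
        apdu = build_verify_apdu(entered)
        print(apdu.hex().upper(), "->", card.process(apdu).hex().upper())
```

The PIN digits are readable in the command bytes, which is why the terminal's input interface and its link to the card are the exposure points in this flow.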
Similarly, in other transaction standards, the PIN is sent from the terminal to the smart card at the beginning of the transaction for verification by the smart card.
In this type of transaction, the user may be subject to PIN theft if a third party observes the input interface of the terminal while he enters his PIN.
A solution to this problem is provided by US 2011/0016047, wherein a password is transferred from a mobile phone of the user to an ATM by short-range radio communication (NFC). Since the user does not need to enter a PIN in a user interface of the ATM, it is difficult for a third party to observe the user as he enters his PIN. However, this system uses a One Time Password provided to the user by a server. The server is in charge of checking that the password received by the ATM matches the expected password. Therefore, this solution is not compatible with the transaction standards wherein checking the holder identification data is performed by a secure device (for example a smart card) of the user.
Therefore, there exists a need for improving the security of a secure transaction between a secure device and a terminal, which is compatible with transaction standards wherein checking the holder information data is performed by the secure device.