When making a connection to the Internet, there is employed the following method (referred to as “a password method”) in which a user contracts with the Internet service provider (referred to as a “provider,” hereinafter) and determines a user number and a password in advance, and at the time of connecting, the user inputs the user number and the password. Thereby the provider identifies the user and authorizes connection to the Internet.
In a service of transferring money such as a bank transfer on the Internet, a method of identifying a user by the use of a random numbers table (referred to as “a random numbers table method”) is performed. In this method, a user number and a password are determined between a user and a service providing institution such as a bank, and a random numbers table is given to the user by the service providing institution. When the user inputs the user number and password at the time of using the service, the user is requested to input a number in a box in the random numbers table by the service providing institution. When it is confirmed that the number input by the user agrees with the number in the random numbers table, the user can be provided with the service.
Furthermore, in connection to an intra-company LAN via the Internet, or connection to an intra-company LAN by a dial-up remote access such as ISDN etc. via a public line, an authentication method referred to as a one-time password method is employed. The user, who was given a password generating device from the service provider, inputs a user number and a password displayed on the password generating device. When the password input by the user agrees with the password in the server at the side of the service provider, the connection is authorized.
In the password method, the password determined between the service provider and the user is fixed and used many times. Therefore, if the user number and the password are known to the third person, there may be a problem of wrongdoing called “pretending” in which the third person pretends to be the user in person and makes a connection to the Internet illegally by using the user number and the password and receives various services.
In the random numbers table method or the one-time password method, although the safety of security is higher than the password method, a user always has to carry the random numbers table or password generating method, and therefore such methods are troublesome methods for the user.