Conventionally, various financial services, such as deposits to, withdrawals from, and transfers between financial accounts such as bank accounts, provided by financial institutions, money lenders, and cash handling companies, are often carried out by an ATM (Automated Teller Machine), a machine capable of carrying out a transaction through an operation by the customer. Furthermore, the construction and development of the communication infrastructure allows a PC (Personal Computer) or a cellular phone to be used to access, through a network, the financial services provided by the financial institutions, money lenders, and cash handling companies.
The transactions carried out through the network are not face-to-face transactions. Therefore, they differ significantly from conventional physical transactions such as face-to-face transactions, and the transaction partners cannot be directly identified. Moreover, compared to personal computer communication services, which are closed networks with a membership system and the like, transactions through the Internet use an open network. In such a transaction, because of the characteristics of the open network, namely: (1) an unspecified number of persons can easily access the network through terminal apparatuses such as PCs and cellular phones; (2) transmitted data passes through various computers; and (3) there is no entity managing the entire network, risks such as: (1) eavesdropping of data, (2) falsification, (3) denial of transmission and reception by the parties concerned in the transaction, and (4) “impersonation” by third parties, are expected to rise. The data transmitted and received may include not only information indicating the content of the transaction, but also personal information of the customer, such as address, phone number, and credit card number, and, depending on the settlement system, “electronic value” that replaces money. Therefore, the transaction is naturally prone to being targeted for counterfeiting and exploitation, and ensuring its security is significantly important.
Thus, various security mechanisms have been developed in which sophisticated encryption techniques (the encryption technique will be described in chapter 8) are utilized. First of all, there is a method of ensuring security by encrypting the data to be transmitted. This method provides a countermeasure against risk (1), that is, it “conceals” the data from third parties. However, this alone is insufficient: a means for checking the completeness of the transmitted data is also required to deal with risk (2). This will be called “certification” of data. To prevent risks (3) and (4), it is necessary to check whether the communication partner is really the transaction partner. Risk (3) is the so-called “playing dumb”, in which the transaction partner at the destination of the transmitted electronic value “denies receiving” it, or conversely claims “I didn't place such an order” in response to a request for payment according to the received order. Risk (4) is “impersonation” by a malicious third party who steals another person's password to order a product without consent, or conversely pretends to be a company in order to receive the product fee. Checking the partner in this way is an act of “certifying” the customer and plays a significantly important role in electronic transactions.
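The following added example (not part of the original document) illustrates the distinction made above between concealing data and certifying its completeness. Encryption alone hides a constructed transfer order from a third party on the path, but a message altered in transit still decrypts without any error; only the separate check (here an HMAC-SHA256 tag, an assumption chosen for illustration, as is the SHA-256-based keystream standing in for a stream cipher) detects the falsification and rejects the message.

```python
import hashlib
import hmac
import os

# Constructed sample: a transfer order that would cross the open network.
ORDER = b"transfer;from=0011;to=0022;amount=100"


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in stream cipher (an assumption, not a cipher named by the document):
    # keystream blocks are SHA-256(key || nonce || counter).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call both encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes):
    # Conceal the data (encryption) and attach a completeness check (MAC over nonce and ciphertext).
    nonce = os.urandom(16)
    ct = xor_crypt(enc_key, nonce, plaintext)
    mac = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce, ct, mac


def open_without_check(enc_key: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Confidentiality only: whatever arrived is decrypted, altered or not.
    return xor_crypt(enc_key, nonce, ct)


def open_with_check(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, mac: bytes):
    # Certification of the data: recompute the tag and reject the message on mismatch.
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):
        return None  # falsification detected
    return xor_crypt(enc_key, nonce, ct)


def corrupt_one_byte(ct: bytes) -> bytes:
    # Models a single byte altered somewhere on the path (no knowledge of any key needed).
    b = bytearray(ct)
    b[-1] ^= 0x01
    return bytes(b)


def demo() -> dict:
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    nonce, ct, mac = seal(enc_key, mac_key, ORDER)
    altered = corrupt_one_byte(ct)
    return {
        # risk (1): the plaintext does not appear on the wire
        "hidden": ORDER not in ct,
        "honest_ok": open_with_check(enc_key, mac_key, nonce, ct, mac) == ORDER,
        # risk (2): without a check, the altered order decrypts silently to something else
        "altered_decrypts_silently": open_without_check(enc_key, nonce, altered) != ORDER,
        # with the check, the altered order is rejected
        "altered_rejected_with_check": open_with_check(enc_key, mac_key, nonce, altered, mac) is None,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The tag is computed over the ciphertext and nonce and verified before decryption, so a message that fails the check is discarded without its contents ever being acted on.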
Financial services can thus be used regardless of time or place from a PC or a cellular phone. However, it is all the more important to take measures to prevent fraudulent acts, such as a malicious third party withdrawing or transferring money from the user's account.
Conventionally, the use of a password is one of the measures taken to prevent fraudulent acts against the user's account. This is one of the certification techniques for verifying whether the person making an access is a qualified user when a server computer is used through a network from a terminal in a remote place (remote access).
In the conventional certification method of transmitting a password corresponding to the user name, there is a problem that the password may be “eavesdropped” on the communication path from the terminal to the server. Thus, techniques using a second personal identification number or a one time password (OTP) have been proposed. In the one time password scheme, the server first transmits a random character string (called a “challenge”), which serves as the basis for the certification character string, to the terminal.
The user inputs into the terminal a secret password that only the user knows. Software in the terminal computes, in accordance with a predetermined procedure, a result from the challenge character string transmitted by the server and the password inputted by the user, and transmits the generated result (called the “response”) to the server.
The server verifies the received character string and checks whether the user is a qualified user.
The challenge is designed to be a different character string every time, and the password declared by the user is transmitted to the server as a different character string every time.
Therefore, even if the communication between the server and the terminal is eavesdropped on the communication path, the same transmitted character string cannot be used twice, and the server cannot be fraudulently accessed. Examples of software realizing the one time password include the free software S/KEY and OPIE as well as SecurID of Security Dynamics.
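The challenge-response exchange described above, as an added example that is not part of the original document and not the code of S/KEY, OPIE or SecurID. The document leaves the “predetermined procedure” unspecified; here it is assumed to be HMAC-SHA256 keyed with the password over the challenge. The server and terminal are modelled as two classes, and the demo shows that a captured response does not work against the next, different challenge.

```python
import hashlib
import hmac
import os


def compute_response(password: str, challenge: bytes) -> bytes:
    # Assumed procedure: HMAC-SHA256 of the challenge, keyed with the user's password.
    return hmac.new(password.encode(), challenge, hashlib.sha256).hexdigest().encode()


class Server:
    """Issues a fresh random challenge per login and verifies the returned response."""

    def __init__(self, users: dict):
        self.users = dict(users)   # constructed: user name -> password known to the server
        self.pending = {}          # user name -> outstanding challenge, consumed on verify

    def issue_challenge(self, user: str) -> bytes:
        challenge = os.urandom(16).hex().encode()
        self.pending[user] = challenge
        return challenge

    def verify(self, user: str, response: bytes) -> bool:
        challenge = self.pending.pop(user, None)   # each challenge is usable once
        if challenge is None or user not in self.users:
            return False
        expected = compute_response(self.users[user], challenge)
        return hmac.compare_digest(expected, response)


class Terminal:
    """The user's terminal: holds the locally typed password and answers challenges."""

    def __init__(self, password: str):
        self.password = password

    def answer(self, challenge: bytes) -> bytes:
        return compute_response(self.password, challenge)


def login(server: Server, terminal: Terminal, user: str):
    challenge = server.issue_challenge(user)   # server -> terminal
    response = terminal.answer(challenge)      # terminal -> server
    return challenge, response, server.verify(user, response)


def demo() -> dict:
    server = Server({"alice": "correct horse"})
    terminal = Terminal("correct horse")
    c1, r1, ok1 = login(server, terminal, "alice")
    # An eavesdropper who captured r1 faces a different challenge on the next login,
    # so replaying r1 fails; the password itself never appeared on the wire.
    c2 = server.issue_challenge("alice")
    replay_ok = server.verify("alice", r1)
    return {
        "first_login": ok1,
        "challenges_differ": c1 != c2,
        "replay_accepted": replay_ok,
        "password_on_wire": b"correct horse" in r1,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Note that in this form the server must hold a secret from which it can recompute the response. S/KEY, named above, avoids storing the password by using a one-way hash chain, where the server keeps only the most recently accepted value and each new response is the preimage of it.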