1. Technical Field
The invention relates to a method for authenticating a user for access to protected areas, where an access code is read from a database stored on a security medium and is transmitted to a data processing apparatus. The invention also relates to a corresponding arrangement and to a corresponding security medium for such access to a data processing apparatus.
2. Prior Art
As modern communication systems spread, the need to use these communication systems for applications which were originally not developed for such systems also increases. By way of example, goods purchases and sales or else legal and banking transactions are being handled more and more often over communication networks which are publicly accessible. One example of such a communication network is the Internet, which provides a simple, rapid and cost-effective way of communicating world-wide. However, communication over such networks is unprotected, in principle, i.e. can be monitored and even altered by anybody who has a little technical know-how and the right equipment.
There are various reasons in favor of protected communication, however: for example, when the information transmitted is not intended to be made accessible to the public, when it is necessary to ensure that the information arrives exactly in the form in which it was sent, or when the parties to a transaction are not known to one another and wish to check each other's identity before transmitting confidential information. This applies particularly to banking transactions such as “home or online banking”, where a bank's customer manages his accounts himself over the Internet, i.e. checks account balances, makes payments or purchases shares, for example.
To authenticate a user who uses the Internet, for example, to register on his bank's homepage, various options have already been proposed. One option involves the user logging on by entering not only a user name and password but also the next access code from a scratchlist which is available in paper form and is known only to the user (and naturally to the bank). If the user's scratchlist is stolen, however, the thief can pretend to the bank that he is the new holder and can obtain unauthorized access to the user's accounts. Proposals have also already been made to store the scratchlist in electronic form, for example on a diskette. However, in this case too it can be discovered by spying, for example by being read by an unauthorized third party when the user is online. In addition, it is naturally also possible to get into the bank's EDP system and to obtain the required information in this manner.
Another option is to use a processor-assisted card with automatic generation of an access code by a small program which is executed in parallel both on the card and on the bank server. However, concurrent logging allows this program to be reconstructed, so that an access code which is subsequently generated independently can be put to misuse.
In other known systems, “chip cards” are used which store biometric data for the user (for example fingerprints, data about the user's iris or about the user's voice) for identification purposes. In this case too, however, it is possible to use concurrent logging to obtain possession of these personal data and to feign the user's identity to the bank server when attempting to log on for the purpose of misuse.
There is thus currently no system for securely authenticating a user when accessing confidential data over a public network such as the Internet.