Abstract: The invention relates to a method of performing user authentication in a network system (10) that comprises a client (22) in communication via a first network (14) with a server infrastructure (16) including an entrance point of a second network and an application server in the second network. The client (22) has access via a user-controllable card reader (24) to a smart card (26). A first authentication key is associated with the smart card (26) and a second authentication key is associated with the card reader (24). In a first step user authentication is performed in context with an encryption process between the client (22) and the server infrastructure (16) using the first authentication key. A second user authentication step is performed between the client (22) and the application server using both the first authentication key and the second authentication key. Data authentication (secure signing) can be performed in addition to the user authentication described above.

Abstract: The invention relates to a method of performing user and data authentication over a client (22) in communication via a network (14) with a server infrastructure (16). The client (22) has access via a user-controllable card reader (24) to a smart card (26) on which at least one signature key is stored. The method comprises a user authentication step which includes displaying by the card reader (24) an authentication context, controlling the card reader to request the user for signature approval, and, in the case of signature approval, submitting a challenge, if required together with context data, or data derived therefrom to the smart card (26) for signing. The method further comprises a data authentication step which includes displaying by the card reader (24) the data to be authenticated, controlling the card reader (24) to request the user for signature approval, and, in the case of signature approval, submitting the data to be authenticated, or data derived therefrom, to the smart card (26) for signing.

Abstract: The invention relates to a method of performing user authentication in a network system (10) that comprises a client (22) in communication via a first network (14) with a server infrastructure (16) including an entrance point of a second network and an application server in the second network. The client (22) has access via a user-controllable card reader (24) to a smart card (26). A first authentication key is associated with the smart card (26) and a second authentication key is associated with the card reader (24). In a first step user authentication is performed in context with an encryption process between the client (22) and the server infrastructure (16) using the first authentication key. A second user authentication step is performed between the client (22) and the application server using both the first authentication key and the second authentication key. Data authentication (secure signing) can be performed in addition to the user authentication described above.

Abstract: The invention relates to a method of performing user and data authentication over a client (22) in communication via a network (14) with a server infrastructure (16). The client (22) has access via a user-controllable card reader (24) to a smart card (26) on which at least one signature key is stored. The method comprises a user authentication step which includes displaying by the card reader (24) an authentication context, controlling the card reader to request the user for signature approval, and, in the case of signature approval, submitting a challenge, if required together with context data, or data derived therefrom to the smart card (26) for signing. The method further comprises a data authentication step which includes displaying by the card reader (24) the data to be authenticated, controlling the card reader (24) to request the user for signature approval, and, in the case of signature approval, submitting the data to be authenticated, or data derived therefrom, to the smart card (26) for signing.