FR3089653A1 - User authentication technique - Google Patents

Abstract

The invention relates to a technique for authenticating a user of a terminal (1) for a service as a function of a service code. An application running on the terminal comprises: - controlling a decryption of an encrypted service code (16), said decryption being conditioned by a successful biometric authentication of the user; - determine an authentication data based on the decrypted service code for verification based on an expected authentication data. Figure for the abstract: Figure 1a

Description

Description

Title of the invention: User authentication technique

The invention relates to the general field of telecommunications.

The invention relates more particularly to a technique for authenticating a user of a terminal for a service. It finds a particularly interesting application in the context of the implementation of a service, hosted in a hardware or software security element. This service requires prior authentication of the user by entering a service code to perform the service.

For this purpose, an entity stores the service code in order to be able to verify the identity of the user when necessary.

New user authentication techniques are being developed on the terminals. More specifically, biometric-type techniques can be used to authenticate the user.

In the current known architecture of mobile terminals operating under the Android operating system, it is currently not possible for a third-party service, that is to say which is not implemented by the manufacturer of the terminal, running on a security element to interact with means of biometric verification of the terminal, in order to implement biometric authentication. Indeed, in this architecture, third-party services do not have access to a physical connection or to a secure channel between the security element and the biometric verification means to support such interaction.

It is thus impossible for a third-party service running on the security element, hardware or software, this terminal operating on Android, to offer user authentication by biometrics to authorize use of the service in addition authentication by service code.

One of the aims of the invention is to remedy the shortcomings / drawbacks of the prior art and / or to make improvements therein.

According to a first aspect, the invention relates to a method for authenticating a user of a terminal for a service according to a service code, implemented by an application running on the terminal. This process includes:

- Order a decryption of an encrypted service code, said decryption being conditioned by a successful biometric authentication of the user;

- determine an authentication data based on the decrypted service code for verification based on an expected authentication data.

The proposed technique thus makes it possible to authenticate a user of a terminal by biometrics to authorize the use of a service, in addition to authentication by service code. This is for example a verification of the user's fingerprint.

Thanks to the proposed technique, the service, hosted in a hardware or software security element at the terminal, does not need to be modified in order to take into account this new type of authentication. From the service point of view, the operation remains identical, the application running on the terminal providing the service with authentication data conforming to authentication by service code. The deployment of the technique proposed in the terminals is thus simple to carry out.

In addition, the proposed technique is implemented by a software module (the application) executed by a processor of the terminal and does not require modifications to the architecture of the terminal, to allow the application to communicate with a biometric sensor. The biometric data of the user can thus remain stored in a secure memory area of the terminal and is not supplied to the application. This software module does not implement any biometric processing and is not directly connected to a biometric recognition / verification module.

The application only has the service code for the application in encrypted form and transiently obtains the decrypted service code (more precisely the deciphered encrypted service code corresponding to the service code) only during a successful verification of the biometric data associated with the user. By transient is meant that the decrypted service code is only available to determine the authentication data and is not memorized in a durable manner by the application. The operation of the application implemented for authentication by service code is maintained. The decrypted is for example obtained from a secure container of the terminal, making it possible to implement cryptographic operations and to condition these operations to criteria, such as biometric authentication of the user. Thus the application orders a decryption of an encrypted service code from the secure container and obtains in return from the container a decrypt of the encrypted service code, once the biometric verification of the user has been carried out.

For example, the service is a bank payment service from a mobile terminal. This service is implemented via a contactless interface of NFC type (for “Near Field Communication”) by a payment function hosted in a hardware security element, such as a SIM card (of NFC type ), or in a software security element (for example for a payment service based on HCE for "Host Card Emulation").

The different embodiments or features mentioned below can be added independently or in combination with each other, to the authentication process as defined above.

In a particular embodiment, the authentication method comprises: - ordering an encryption of the service code during a phase prior to authentication of the user and memorizing the encryption of the service code .

This preliminary phase corresponds to an initialization phase of the application in order to be able to implement biometric authentication for the service. The application thus commands a secure container to encrypt the service code and receives in return the encrypted service code. This encryption is saved in a memory of the terminal accessible by the application. The latter therefore does not have the service code permanently. Only the secure container can then decrypt this encrypted service code. The application does not have access to the cryptographic material used to encrypt (and therefore decrypt) the service code. No third party is likely to obtain the service code by analyzing memory areas associated with the application.

In a particular alternative or cumulative embodiment to the previous embodiment, the authentication method comprises:

- order a generation of a secret key during a phase prior to user authentication, use of said secret key for an encryption or decryption operation requiring successful biometric authentication of the user.

This preliminary phase corresponds to an initialization phase of the application in order to be able to implement biometric authentication. The application thus commands the secure container to generate a secret key, the use of which for a cryptographic operation is conditioned by a successful biometric authentication of the user. This secret key is stored in the secure container. The application does not have rights allowing it to access it.

According to a particular characteristic of the authentication method, the generation of the secret key is conditioned by a successful biometric authentication of the user.

This ensures that the secret key has been generated for biometric data corresponding to the user.

In a particular embodiment, the authentication data is also determined according to a challenge.

In a particular embodiment, the authentication data is also determined according to a key for limited use.

According to a second aspect, the invention relates to a terminal configured to authenticate a user of said terminal for a service according to a service code. This terminal includes a processor configured to:

- order a decryption of an encrypted service code, said decryption being conditioned by a successful biometric authentication of the user;

- determine an authentication data based on the decrypted service code for verification based on an expected authentication data. .

The advantages stated for the authentication method according to the first aspect can be transposed directly to a terminal.

This terminal can of course include in structural terms the various characteristics relating to the authentication process as described above, which can be combined or taken in isolation.

According to a third aspect, the invention relates to a program for a terminal, comprising program code instructions intended to control the execution of the steps of the previously described authentication method implemented by a terminal, when this program is executed by this terminal and a recording medium readable by a terminal on which a program for a terminal is recorded.

The advantages stated for the authentication method according to the first aspect can be transposed directly to the program for a terminal and to the recording medium.

The technique of authenticating a user for a service will be better understood using the following description of particular embodiments, with reference to the accompanying drawings in which:

[Fig.la] Figure la represents a system in which is implemented the method of authenticating a user for a service in a first particular embodiment;

[Fig.lb] Figure 1b shows a system in which is implemented the method of authenticating a user for a service in a second particular embodiment;

[Fig.2] Figure 2 illustrates steps of a method of authenticating a user for a service according to a particular embodiment;

[Fig.3] Figure 3 shows a terminal in a particular embodiment.

FIG. 1a represents a system in which the authentication method for a service is implemented in a first particular embodiment. In this first particular embodiment, the service corresponds to a banking payment service.

This system includes:

- a mobile terminal 1;

- a security element 2;

- a payment terminal 3.

In this first particular embodiment, the security element 2 is a hardware security element hosted at the terminal. This security element 2 can in particular be inserted into the terminal.

The mobile terminal 1 comprises a mobile application 15, configured to obtain from a user a personal PIN code (for "Personal Identification Number") associated with a service, also called service code, by means of a human interface -machine 105 (shown in FIG. 3) of the mobile terminal 1. The user has chosen a service code 21 which is stored securely by means of the mobile application 15 in the security element 2. This service code 21 corresponds to a series of digits, for example 4 digits, and is associated with a service 20 running in security element 2. As an illustrative example, in this particular embodiment, the service 20 is a banking payment application making it possible to dematerialize a payment card via the mobile application 15. Once the bank card has been dematerialized, the mobile terminal 1 can be used to make contactless payments, for example NLC (for “Near F ield Communication ”). We then place ourselves in the case of this banking payment application.

In this first particular embodiment, to make a contactless payment, the payment terminal 3 sends a payment request via the NLC contactless interface to the bank payment application 20. The User identity must then be verified by means of knowledge of the service code. Random data, known as a challenge or a challenge, is transmitted to the mobile application 15. The mobile application 15 requests the user to enter the service code via the human interface. machine 105. Using the service code and the challenge, the mobile application 15 calculates an authentication datum and transmits it to the banking payment application 20. The latter then verifies that the authentication datum is in conformity to that expected, this verification proving that the user knows the service code and thus authenticating the user.

It is emphasized here that the mobile application 15 does not memorize the service code outside of the implementation of this user authentication phase. The service code is only stored temporarily in a working memory and not permanently.

In this first particular embodiment, the security element 2 is for example a hardware security element such as a SIM card (for “Subscriber Identi ty Module”), a card of the “eUICC” type (for “Embedded Universal Integrated Circuit Card”), also called “eSIM” (for “embedded Subscriber Identity Module”) or irremovable SIM card, an eSE (for “embedded Secure Element”).

In a second embodiment, shown in FIG. 1b, the system comprises:

- a mobile terminal 1, comprising a security element 2;

- a payment terminal 3;

- 4 HCE infrastructure (for "Host Card Emulation").

In this second particular embodiment, the security element 2 is a software security element. As a variant, the security element can also be a material security element, as described above.

The mobile terminal 1 comprises a mobile application 15, configured to obtain a service code from a user, by means of a man-machine interface 105 of the mobile terminal 1. A service code chosen by the user is obtained by the mobile application 15 and stored securely in the infrastructure 4. This service code 41 corresponds to a series of numbers, for example 4 numbers, and is associated with a service 20 running in the element security 2. As an illustrative example, in this particular embodiment, the service 20 is a banking payment application making it possible to dematerialize a payment card via the mobile application 15. Once the bank card is dematerialized, the terminal mobile 1 can be used to make contactless payments, for example NFC (for “Near Field Communication”). We then place ourselves in the case of this banking payment application.

In this second particular embodiment, to make a contactless payment, the payment terminal 3 sends a payment request via the NFC contactless interface to the bank payment application 20. The User identity must then be verified by means of knowledge of the service code. One or more SUK single-use keys (for “Single Use Key”) are then transmitted to the mobile application 15. This key or these keys may also be for limited use. The mobile application 15 requests the user to enter the service code via the man-machine interface 105. Using the service code and the single-use key or keys, the application mobile 15 calculates an authentication datum (corresponding to a session key SK for “Session Key”) and transmits it to the banking payment application 20. The latter constructs one or more payment cryptograms from the datum of authentication and relays them to the HCE 4 infrastructure to verify that the payment cryptogram (s) comply with those expected and therefore that the authentication data conforms to that expected, this verification proving that the user knows the service code and thus authenticating the user.

As in the first particular embodiment, the mobile application 15 does not store the service code outside of the implementation of this user authentication phase. The service code is only stored temporarily in a working memory and not permanently.

The mobile terminal 1 and the security element 2 form a user device. In the following description, the operating system running on the mobile terminal 1 is an Android system, version 6 or higher.

The mobile terminal 1 further comprises a biometric sensor 102 (shown in Figure 3). This biometric sensor 102 is for example configured to capture a fingerprint of a user who places his finger on the sensor. No limitation is attached to this type of biometric sensor. Indeed, the proposed technique can be implemented with other biometric sensors based for example on facial or voice recognition.

The mobile terminal 1 further comprises a secure container 10 for storing Android keys (“Android Key Store” in English). A version 6 or higher Android operating system guarantees a secure, hardware-based implementation of the Android Key Store. This container 10 makes it possible to securely create and store cryptographic keys. Once such keys are created and stored, they can be used for cryptographic operations without exporting the keys. Restrictions on the use of these keys can also be defined. It is thus possible to restrict when or how a key is used, for example according to a biometric authentication of the user, or else to restrict the use of a key to a given cryptographic mode. In particular, user authentication can be fingerprint authentication 12.

An application programming interface 13 (or API for “Application Programming Interface”) allows an application, such as the mobile application 15, to interact with the container 10. Via this programming interface 13 , the mobile application 15 and the secure container 10 cooperate to implement the authentication method. In particular, the mobile application 15 sends commands to the secure container 10 and receives responses to this command. This operation is detailed below in relation to FIG. 2.

To implement the proposed technique, the application 15 stores (or accesses a memory area which includes) an encrypted service code 16, denoted pin_c, and the secure container 10 comprises a secret key K_pin 11 for which a use for a cryptographic operation is conditioned by a successful biometric authentication of the user.

The method of authenticating a user of a terminal for a service as a function of a service code, implemented in a user device, will now be described in relation to FIG. 2 in a system such as shown in Figure la. More specifically, the authentication process is implemented:

- on the terminal 1 by the mobile application 15 running on the terminal in cooperation with the secure container 10;

- on the security element 2 by an application implementing the service 20 running on the security element.

Thereafter, the service designates the application implementing the service.

We then go on to the case where the user has previously carried out a biometric registration (also referred to as biometric enrollment), more precisely with a fingerprint, using the biometric sensor 102 of the terminal. 1 and the secure container 10, more precisely “Android Key Store”, on the terminal 1 with an Android operating system of version 6 or higher.

A first PI phase prior to authentication of the user for a service 20 according to a service code defined by the user is described in relation to Figure 2. This first phase allows the mobile application 15 to obtain an encrypted service code 16 intended to be used during subsequent authentication of the user. The service code defined and entered by the user via a man-machine interface of the terminal 1 is also transmitted by the mobile application 15 to the service 20 for storage.

During this first phase, in a step F1, the mobile application 15 obtains the service code entered by the user via a man-machine interface 105 of the terminal 1. Still in this step F1, the the mobile application 15 commands by a message M1 to the secure container 10 to generate a secret key K_pin 11 with which is associated a condition required for the use of this key for a cryptographic operation, namely a successful biometric authentication of the user. Use of this secret key for an encryption or decryption operation requires a successful biometric authentication of the user.

In a step E1, the secure container 10 receives the command Ml and executes it. More specifically, the secure container 10 generates this secret key K_pin and stores it in the secure container in association with the condition received, namely a successful biometric authentication of the user. This secret key K_pin is only known to the secure container 10 and is not disclosed to the mobile application 15.

In a particular embodiment, the generation of the secret key is conditioned by a successful biometric authentication of the user.

In a step F2, the mobile application 15 commands, by a message M2 to the secure container 10, an encryption of the service code using the generated secret key K_pin.

In a step E2, the secure container 10 receives this command M2, authenticates the user via the biometric sensor 102 and encrypts the service code using the secret key K_pin to obtain an encrypted code service pin_c when the condition associated with the secret key is verified. Thus, the encryption operation is conditioned by a successful biometric authentication of the user.

Still in this step E2, the secure container 10 sends (message M3) to the mobile application 15 the encrypted service code pin_c.

In a step F3, the encrypted service code is received by the mobile application 15 in the message M3. The mobile application 15 stores the encryption of the service code pin_c in a memory area 16.

In a step F4, the mobile application 15 transmits (message M4) to the service 20 the service code entered by the user for storage. It is emphasized here that this step F4 can be executed independently of the execution of steps F2 and F3.

A Tissue of this first phase PI, the mobile application 15 has the encrypted service code pin_c, the secure container 10 has a secret key K_pin whose use for a cryptographic operation is subject to biometric authentication successful user and service 20 has the service code pin. The mobile application 15 does not have the secret key used to decrypt the encrypted service code.

A second phase P2 of authentication of the user for a service 20 as a function of a service code is described in relation to FIG. 2.

To make a contactless payment, the payment terminal 3 sends a payment request via the NFC contactless interface 103 to the service 20. This payment request is received by the service 20 in a step G10 . The identity of the user must then be verified by the service by proof of the user's knowledge of the service code.

In a step G11, the service 20 sends the mobile application 15 a request for verification M10 of the service code, this request comprising a challenge.

This verification request M10 is received by the mobile application 15 in a step F10. Still in this step F10, the mobile application 15 obtains the encryption of the service code pin_c by reading the memory area 16 and commands, by a message Ml 1 to the secure container 10, a decryption of the encryption of the service code. It is recalled that this decryption (which involves the use of the secret key for a cryptographic operation) is conditioned by a successful biometric authentication of the user.

For example, in the case of a fingerprint verification, in a step E10, the secure container 10 in cooperation with the biometric fingerprint sensor 102 requests the user to present a fingerprint and then checks ( for example by an analysis of local minutiae or singular points) the identity of the user according to a reference fingerprint defined beforehand by Γ user.

When the biometric authentication of the user is not successful, the secure container 10 transmits to the mobile application 15 a notification of refusal to decrypt the encrypted service code. Processing of the payment request can then continue with a request for the user to enter the service code via the man-machine interface 105.

Otherwise, when the biometric authentication of the user is successful, in a step E11, the secure container 10 decrypts the encrypted service code using the secret key K_pin and sends to a message M12 the service code obtained from the mobile application 15.

In a Thread step, the mobile application 15 receives in the message M12 the service code obtained by deciphering the encrypted service code (also called deciphered the service code by abuse of language).

In a step F12, the mobile application 15 determines an authentication datum according to a challenge and the decrypted of the service code and transmits the authentication datum determined in a message M13 to the service 20 for verification.

The service 20 then verifies as a function of an expected authentication data item if the authentication data item received is correct. The expected authentication data is determined by the service 20 according to the challenge and the service code 21.

This verification proves that the user knows the service code and thus authenticates the user for the service. This result is supplied to the payment terminal 3 in response to the payment request. At the end of this second phase P2, the user has been authenticated (by biometrics or by service code) by the service 20. It is again executed when a new authentication of the user for the service is required.

The method of authenticating a user of a terminal for a service as a function of a service code, implemented in a user device has been described in relation to FIG. 2 in a system as shown in Figure la (first embodiment). This description can easily be transposed to a system as shown in FIG. 1b (second embodiment). The steps implemented are similar to those described above in relation to the first embodiment (subject to the necessary adaptations related to the differences in architecture). In particular, the service code defined and entered by the user via a man-machine interface of the terminal 1 is obtained by the mobile application 15 for storage in an infrastructure 4 in step F4.

In step F12, the mobile application 15 determines an authentication datum according to one or more single-use keys and the decrypted code of service and transmits the authentication datum determined in a message M13 service 20.

In step G12, the service 20 builds one or more payment cryptograms from the authentication data and or relays them to the HCE infrastructure 4 to verify that the payment cryptogram or ones conform to those expected and therefore that the authentication data complies with that expected, this verification proving that the user knows the service code 41 and thus authenticating the user.

This verification proves that the user knows the service code and thus authenticates the user for the service. At the end of this second phase P2, the user has been authenticated (by biometry or by service code) via the service 20 by the HCE infrastructure 4. It is again executed when a new authentication of the user for the service is required.

We note that in the same way as for authentication by service code entered by the user, the mobile application 15 does not store the service code outside of the implementation of this authentication phase. the user. The service code is only stored temporarily in a working memory of the terminal and not permanently.

Thus, the implementation of the proposed technique is based:

- A mobile application 15 associated with the service 20, the latter being hosted in a security element 2 hardware or software, locally, this mobile application 15 being mainly in charge of the interface with the user to implement the service. The mobile application 15 communicates securely with the service 20;

- a biometric sensor 102 of the terminal;

- biometric and cryptographic functions of a secure container 10, such as

1 Android Key Store.

No modification of the service, nor of the architecture of the terminal, nor of the security element is moreover required to support a biometric authentication of the user in the implementation of this service. This facilitates the implementation of the proposed authentication technique.

The authentication technique proposed thus makes it possible, during the implementation of the service, to offer biometric authentication while remaining compatible with authentication by service code.

The illustrative examples were given on the basis of a payment service. There is no limitation attached to this type of service, the technique being easily transposable to any type of service in which a user is authenticated according to a service code.

The embodiment described comprises in the first phase, a step F1 during which the mobile application 15 commands, by a message M1, to the secure container 10 to generate a secret key K_pin 11 with which is associated a condition required for a use of this key for a cryptographic operation, and a step F2, during which the mobile application 15 commands, by a message M2 to the secure container 10, an encryption of the service code using the generated secret key K_pin. In another embodiment, these two steps can be merged into a single step during which the mobile application 15 commands the secure container 10 to generate a secret key K_pin 11 with which is associated a condition required for the use of this key for a cryptographic operation and an encryption of the service code using the generated secret key K_pin. In this other embodiment, steps E1 and E2 are also merged and a single response is sent to the mobile application 15. More specifically, the secure container 10 receives the command to generate a secret key K_pin 11 with which is associated a prerequisite for using this key for a cryptographic operation and encryption of the service code using the generated secret key K_pin and executes it. The secure container 10 generates this secret key K_pin and stores it in the secure container in association with the condition received, namely a successful biometric authentication of the user. Then the secure container 10 authenticates the user via the biometric sensor 102 and encrypts the service code using the secret key K_pin to obtain an encrypted service code pin_c when the condition associated with the secret key is checked. The encryption of the pin_c service code is then sent by the secure container 10 to the mobile application 15.

The embodiment described comprises a step F1 of controlling the generation of a secret key during a phase prior to authentication of the user, use of said secret key for an encryption or decryption operation requiring successful biometric user authentication. In another embodiment, this secret key was configured in the secure container 10 during the initialization of the latter.

No limitation is attached to these different embodiments and those skilled in the art are able to define others allowing a mobile application having an encrypted service code to order a decryption of this encrypted by conditioning this decryption to a successful biometric authentication of the user.

[0104] Figure 3 schematically illustrates a terminal 1 in a particular embodiment.

Terminal 1 notably includes:

- a processor 100 for executing code instructions of software modules;

- a memory area 106, configured to store a program which includes code instructions for implementing steps of the method of authenticating a user for a service;

- a storage memory 107, configured to store data used during the implementation of the authentication method of a user;

- a storage memory 108, configured to store in particular the encrypted service code 16.

Terminal 1 also includes:

[YES] - its Android 101 operating system;

[0112] - the mobile application 15;

- the secure container 10;

- a biometric sensor 102;

- a contactless transmit / receive module 103, of NFC type;

[0116] - the human-machine interface 105.

In the first embodiment, the terminal 1 also comprises a communication interface 104, configured to communicate with a security element 2, in which the service 20 is executed.

The mobile application 15 is configured for:

- order a decryption of an encrypted service code, this decryption being conditioned by a successful biometric authentication of the user;

[0120] - determine an authentication data item based on the decrypted service code for verification based on an expected authentication item.

In the first embodiment, the authentication data is determined according to a challenge.

In the second embodiment, the authentication data is determined as a function of one or more single-use keys.

The secure container 10 is configured to:

- receive from the mobile application 15 a command to decrypt an encrypted service code, this decryption being conditioned by a successful biometric authentication of the user;

[0125] - biometrically authenticating a user;

- depending on the result of this biometric authentication, decipher the encrypted service code and send the application 15 the determined encryption.

In a particular embodiment, the mobile application 15 is also configured to command encryption of the service code during a phase prior to user authentication and to store the encryption of the service code.

In this particular embodiment, the secure container 10 is also configured to receive from the mobile application 15 a command to encrypt a service code, to encrypt the service code and to send the encrypted code from mobile app service 15.

In a particular embodiment, the mobile application 15 is also configured to command the secure container 10 a generation of a secret key during a phase prior to the authentication of the user, a use of said secret key for an encryption or decryption operation requiring successful biometric authentication of the user.

In this particular embodiment, the secure container 10 is also configured to receive from the mobile application 15 a command to generate a secret key, a use of this secret key for an encryption or decryption operation requiring a successful biometric authentication of the user, to generate such a secret key and to send an acknowledgment to the mobile application 15, indicating that the secret key has indeed been generated.

In a particular embodiment, the generation of the secret key is conditioned by a successful biometric authentication of the user.

The secure container 10 corresponds in the embodiment described to the Android Key Store module. Other embodiments are also possible for other forms of secure containers, supporting the functions described above.

It is emphasized here that the terminal 1 also includes other processing modules, not shown in FIG. 3, configured to implement the various functions of this terminal.

The technique of authenticating a user for a service is implemented using software and / or hardware components. In this perspective, the term module can correspond in this document as well to a software component, as to a hardware component or to a set of hardware and / or software components, capable of implementing a function or a set of functions, according to what is described above for the module concerned.

A software component corresponds to one or more computer programs, one or more subroutines of a program, or more generally to any element of a program or software. Such a software component is stored in memory then loaded and executed by a data processor of a physical entity and is capable of accessing the hardware resources of this physical entity (memories, recording media, communication bus, electronic cards of 'inputs / outputs, user interfaces, etc.).

In the same way, a hardware component corresponds to any element of a hardware assembly (or hardware). It can be a programmable hardware component or not, with or without integrated processor for the execution of software. This is for example an integrated circuit, a smart card, an electronic card for executing firmware, etc.

In a particular embodiment, the module 15 is configured to implement steps of the previously described authentication method, implemented by a terminal. They are preferably software modules comprising software instructions for executing those of the steps (or actions) of the authentication method described above, implemented by a terminal. The invention therefore also relates to:

- a program for a terminal, comprising program code instructions intended to control the execution of the steps (or actions) of the authentication method described above, when said program is executed by this terminal;

[0139] - a recording medium readable by a terminal on which the program for a terminal is recorded.

The software modules can be stored in or transmitted by a data carrier. This can be a hardware storage medium, for example a CD-ROM, a magnetic diskette or a hard disk, or else a transmission medium such as an electrical, optical or radio signal, or a telecommunications network.

Claims (1)

Claims [Claim 1] Method for authenticating a user of a terminal (1) for a service according to a service code, implemented by an application running on the terminal and comprising: - order (F 10) a decryption of an encrypted service code (16), said decryption being conditioned by a successful biometric authentication of the user; - Determine (F 12) an authentication data item based on the decrypted service code for verification based on an expected authentication item. [Claim 2] Authentication method according to claim 1, comprising: - order (F2) encryption of the service code during a phase prior to user authentication and memorize the encryption of the service code. [Claim 3] Authentication method according to claim 1, comprising: - Order (F1) a generation of a secret key (11) during a phase prior to the authentication of the user, use of said secret key for an encryption or decryption operation requiring successful biometric authentication of the 'user. [Claim 4] Authentication method according to claim 3, in which the generation of the secret key is conditioned by a successful biometric authentication of the user. [Claim 5] The authentication method according to claim 1, wherein the authentication data is further determined according to a challenge. [Claim 6] The authentication method according to claim 1, wherein the authentication data is further determined according to a limited use key. [Claim 7] 7. Terminal (1) configured to authenticate a user of said terminal for a service according to a service code, comprising a processor configured for: - order a decryption of an encrypted service code (16), said decryption being conditioned by a successful biometric authentication of the user; - determine an authentication data based on the decrypted service code for verification based on an expected authentication data. [Claim 8] 8. Terminal program, including code instructions program intended to control the execution of the authentication steps according to one of claims 1 to 6 implemented by the terminal, when said program is executed by said terminal. [Claim 9] 9. Recording medium readable by a terminal on which the program according to claim 8 is recorded.