A system for authorizing smart cards via the Internet is provided,
comprising a plurality of user stations (1-1-1-n) connected to a server
(3) via the Internet (5) . Each of the user stations (1-1; 1-n) is
attached to a card reader (7-1;7-n) suitable for reading data and
accessing processing modules on smart cards (8-1-8-m). When a new card is
to be issued, initially the server (3) generates and stores a task
identifier as a task record (15) on a database (10) connected to the
server (3). The task identifier is also dispatched to a user station
(1-1; 1-n). A subsequent data submission by the user station (1-1; 1-n)
is then required to include signed data incorporating authorization data
and the received task identifier. When all the data required for
authorization of a smart card (8-1; 8-m) has been received, the server
(3) checks the signed data to confirm each data submission comprises data
incorporating a correct task identifier utilised for the current
authorization procedure.