The invention includes a control system and a method for access control of an application system, with electrically measurable data acquired as the result of a biometric reaction of a user, the biometric reaction triggered by stimulatory information presented to the user. An acquisition means for acquiring the electrically measurable data, a provision means for providing reference data and a comparison means for comparing the data are provided in the control system. The reference data is provided relating to the stimulatory information and/or the acquired, electrically measurable data. The acquired measurable data is compared with the provided reference data by means of the comparison means. An authorization of the user to the application system takes place on the basis of the comparison results. By means of this control system it is possible to dynamically authorize and identify a user with absolute reliability and to unambiguously authenticate said user.
