Abstract: A computer implemented method of authenticating a user. Method comprises reading an identifier from a token, the token being in communication with a computer. An attempt is made to locate a record in a data store on the basis of the identifier, the record comprising authentication data. If the attempt is successful, authentication is performed using the located authentication data.