Abstract: An arrangement and corresponding method for authentication synchronizing cryptographic key information between a server and a client device, via data signals, where the client device at least comprises one client. The server is at least configured to generate and send to the client device a current encryption key and a next encryption key. The client device is at least configured to encrypt information on the client device using the next encryption key and the client device is at least configured to return a correct One Time Password using the current encryption key. As a consequence of the received correct One Time Password the server then knows that the client has received the current encryption key, used it and stored the information with the next encryption key.

Abstract: A method and arrangement for utilising a generally available personal data terminal as a secure and reliable authentication factor for user authentication is described. Also, a method for secure transfer of data between two parties, a user and a service provider, where the user generates a unique authentication factor adapted for user authentication (104), called a user code, and the service provider registering the user's user code as an authentication factor is disclosed. The method is useful for various security services involving a user and a service provider in electronic channels where service providers are faced with the challenges of authenticating the users of their services.

Abstract: A method and computer program for generation and multi channel verification of OTP (One Time Password) between two parties consisting of a service provider and a user, wherein said user has access to at least two communication channels, and wherein said user is logging into said service provider with a user ID via one communication channel and the service provider has the ability to communicate with an authentication server which again has the ability to communicate with said user via at least one other communication channel than the service provider.

Abstract: An arrangement and corresponding method for authentication synchronizing cryptographic key information between a server and a client device, via data signals, where the client device at least comprises one client. The server is at least configured to generate and send to the client device a current encryption key and a next encryption key. The client device is at least configured to encrypt information on the client device using the next encryption key and the client device is at least configured to return a correct One Time Password using the current encryption key. As a consequence of the received correct One Time Password the server then knows that the client has received the current encryption key, used it and stored the information with the next encryption key.

Abstract: A method of producing a security code by means of a programmable user device is described. The security code produced represents in itself both the user and the user device. In one embodiment, a service provider code representing a service provider by whom the user is registered with his/her user name forms an addition to the basis, on which the security code is calculated. The security code is useful for several security applications, such as for user authentication, and for local storage of information, as well as for signing and encryption/decryption of information to be exchanged between the user and a service provider, or vice versa.