Abstract: A user device stores a messaging application and an encrypted database, processor and has a key store storing an authorisation token to be used by the messaging application. The messaging application is configured, in the unlaunched state, to retrieve the authorisation token from the key store to perform communication with the messaging server on receipt of an incoming call from the messaging server and to display a notification without contact information, and is configured, in the launched state, on receipt of an incoming call from the messaging server to retrieve the authorisation token from volatile memory to perform communication with the messaging server, and to display a notification of the incoming call with contact information for a calling party, on the display of the user device. The encryption key for the database is generated based on a user passcode, and the user device stores neither the user's passcode nor a hash of the passcode.