Abstract: A system and method of authenticating a calling party to a remote service, including receiving a request via a communications network to approve a future call to the remote service using a calling identifier associated with the calling party, recording an approval of the future call subject to the future call being made within a predetermined period of time, the remote service receiving a call at a point in time using a calling identifier, determining if a call at that point in time using the received calling identifier is recorded as approved by the authentication system, and, if so, the remote service accepting the call and using the approval of the authentication system to authenticate the calling party.

Abstract: A system and method of authenticating a calling party to a remote service, including receiving a request via a communications network to approve a future call to the remote service using a calling identifier associated with the calling party, recording an approval of the future call subject to the future call being made within a predetermined period of time, the remote service receiving a call at a point in time using a calling identifier, determining if a call at that point in time using the received calling identifier is recorded as approved by the authentication system, and, if so, the remote service accepting the call and using the approval of the authentication system to authenticate the calling party.

Abstract: The present invention relates to a method of verifying that an action is authorised by a user, including receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user, associating the user identifier with data relating to the requested action, communicating the data to a second user device associated with the same user identifier via a second communications channel, receiving a user verification code associated with the user identifier, and determining if the user verification code includes the data, which is digitally signed using a code generation algorithm based on at least a key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user.

Abstract: A method of validating an identifier is disclosed. In one embodiment an authenticating party system receives an identifier for validation and determines a first validation code associated with a current value of a counter. The first validation code is compared with the received identifier and, in the event that the identifier does not match the first validation code, the authenticating party system compares the identifier with one or more further validation codes associated with respective other values for the counter, said respective other values comprising N consecutive counter values succeeding the current value of the counter. If the identifier matches one of the further validation codes associated with a respective other value for the counter, the current value of the counter is updated to correspond with the respective other value for the counter associated with the matching further validation code.

Abstract: An authentication device (100) for use with electronic security devices and user authentication systems is disclosed. The authentication device includes a data store (104) for storing plural secret keys, each secret key associated with a corresponding service, a service selection means (101) for selecting a service from the corresponding services, an authentication code generator (102) for generating, from the secret key associated with the selected service, a one time usable authentication code for communication to an authentication controller associated with the selected service, and an output (106) for outputting the generated authentication code for communication to the authentication controller. A method of authentication a user to a service is also disclosed.

Abstract: A method of authenticating a remote service (104) to a user (102) via a communications network (106) is disclosed. The remote service (104) obtains a service authentication code that has been generated, using a code generation algorithm, based on a first secret key. The service authentication code is communicated to the user (102) via the communications network (106) and received, or entered, into an authentication device (106) associated with the user (102). The authentication device (106) then generates, using the same code generation algorithm, an expected code value based on a second secret key and compares the expected code value to the service authentication code. Responsive to the comparison, and in the event that the expected code value correlates with the service authentication code, the authentication device (106) generates a response that indicates to the user (102) the authenticity of the remote service (104).