摘要 |
A method and apparatus are provided for authenticating a user access request 14 to a secure service over a primary communication channel. At least one secondary substantial real-time communication channel is also opened 16. An authentication process is then performed, with at least part of this process being performed over the secondary channel. Access to the secure service is authorised over the primary channel in dependence on the result of the authentication. The secondary channel may be a telecommunications channel and may be used to deliver a users PIN. Furthermore the authorizing may involve generating a one time usage token 22 which may only be usable only for a predetermined time period, and the usage token may be delivered to the user via the secondary channel. |