The Internet, which is a human centered connectivity network where humans generate and consume information, is now evolving to the Internet of Things (IoT) where distributed entities, such as connected devices that exchange and process information without human intervention. An increasingly important aspect of the IoT is the ability of users to remotely and/or automatically control physical devices around them. An important aspect of remote and automatic control is authorization, meaning that the user's mobile device or computer must prove itself to the IoT device before control signals or commands may be executed. For example, a phone must prove to a car that it is authorized to start the car. However, existing authorization solutions have a fundamental limitation. Both a user's mobile device and IoT devices are subject to compromise in the case, e.g. a hack, which may be based on an existing software flaw. As such, there is a need for solutions to secure communications with a user's mobile device that are relatively immune to a hack.