In the art, methods are known for securely establishing secure protected electronic communication (authentication) using authentication devices communicating with authentication servers and offering various levels of security, i.e. various levels of resistance against abuse by an unauthorised person.
Significant risks connected with abuse of authentication means used in electronic communication include unauthorised obtaining of the means themselves and their use by an unauthorised person instead of an authorised person.
The present invention aims to provide a method of authentication of communication of these authentication devices with authentication servers that will not allow an attacker to obtain the user's authentication information (the local factor), not even if he obtains the authentication means or their data.