Access security system and method

The invention claimed is: 1. A computer-implemented access security method, the method comprising: receiving, at a processor, a first authentication credential from a near-field communication (NFC) reader; generating a one-time token, at the processor, in dependence on the first authentication credential, the one-time token being in a form which is capable of reproduction by a user; requesting, via a user interface device, at least part of a second authentication credential from the user in response to receiving the first authentication credential, wherein the second authentication credential is received from the user interface device; determining that the second authentication credential matches a pre-stored authentication credential; and outputting the one-time token via the user interface device, wherein the one-time token is utilized by the user as an authentication credential during an access procedure. 2. The method of claim 1 , further comprising: receiving the first authentication credential from the NFC reader when the user positions an NFC authentication tag in range of the NFC reader. 3. The method of claim 1 , performed by a user device, wherein the pre-stored authentication credential is pre-stored on the user device. 4. The method of claim 1 , wherein the second authentication credential comprises at least one of: a knowledge authentication credential, including at least one of a personal identification number (PIN), password or passcode; and an inherence authentication credential, including at least one of a photograph of a user's face, a scan of their fingerprint, iris or retina, or a recording of their heartbeat or voice. 5. The method of claim 1 , further comprising: providing the one-time token to an authentication server via a user device, wherein the authentication server determines whether the one-time token matches an expected value prior to initiating provision of requested access associated with the authentication process. 6. The method of claim 1 , wherein at least part of the second authentication credential is received prior to the first authentication credential as part of a log-in or unlock procedure, including at least one of a user device performing the method, an application running on such a user device or a web interface accessed by such a user device. 7. The method of claim 1 , wherein the one-time token is a cryptogram. 8. The method of claim 1 , further comprising: receiving data relating to an object of the access procedure from the user interface device; and generating the one-time token further in dependence on the data relating to the object of the access procedure. 9. The method of claim 1 , further comprising generating the one-time token further in dependence on a further authentication credential stored on a user device performing the method including a user device identifier. 10. The method of claim 1 , wherein outputting the one-time token for use as an authentication credential in an access procedure comprises providing the one-time token to the user interface device for provision to the user. 11. The method of claim 1 , wherein an object of the access procedure is a payment network, a securely stored data file, a securely stored object or a secure location. 12. A user device comprising: a processor; and a memory communicably coupled to the processor and storing instructions which, when executed by the processor, cause the user device to: receive a first authentication credential from an NFC reader; generate a one-time token, at the processor, in dependence on the first authentication credential, the one-time token being in a form which is capable of reproduction by a user; request at least part of a second authentication credential from the user in response to receiving the first authentication credential, wherein the second authentication credential is received from a user interface device; determine that the second authentication credential matches a pre-stored authentication credential; and output the one-time token via the user interface device, wherein the one-time token is utilized by the user as an authentication credential during an access procedure. 13. The user device of claim 12 , further comprising: the NFC reader, wherein the first authentication credential is received from the NFC reader when the user positions an NFC authentication tag in range of the NFC reader. 14. The user device of claim 12 , wherein, in response to receiving the first authentication credential, the user interface device is caused to request at least part of the second authentication credential from the user. 15. The user device of claim 12 , wherein the memory and instructions, when executed by the processor, further cause the user device to: receive data relating to an object of the access procedure from the user interface device; and generate the one-time token further in dependence on the data relating to the object of the access procedure. 16. The user device of claim 12 , wherein outputting the one-time token for use as an authentication credential in an access procedure comprises providing the one-time token to the user interface device for provision to a user, and further comprising: an authentication server, wherein the one-time token is provided to the authentication server via a user device, wherein the authentication server determines whether the one-time token matches an expected value prior to initiating provision of requested access associated with the authentication process. 17. A computer-readable storage medium comprising computer-executable instructions which, when executed by a processor, cause the processor to: receive a first authentication credential from an NFC reader; generate a one-time token, at the processor, in dependence on the first authentication credential, the one-time token being in a form which is capable of reproduction by a user; request at least part of a second authentication credential from the user in response to receiving the first authentication credential; receive the second authentication credential from a user interface device; determine that the second authentication credential matches a pre-stored authentication credential; and output the one-time token via the user interface device, wherein the one-time token is utilized by the user as an authentication credential during an access procedure. 18. The computer-readable storage medium of claim 17 , wherein the computer-executable instructions, when executed by a processor, further cause the processor to: receive the first authentication credential from the NFC reader when the user positions an NFC authentication tag in range of the NFC reader. 19. The computer-readable storage medium of claim 18 , wherein, in response to receiving the first authentication credential, the user interface device is caused to request at least part of the second authentication credential from the user. 20. The computer-readable storage medium of claim 17 , wherein the computer-executable instructions, when executed by a processor, further cause the processor to: receive data relating to an object of the access procedure from the user interface device; and generate the one-time token further in dependence on the data relating to the object of the access procedure.