A credit card reader is attached to a mobile device to process credit card transactions at the point of sale. In response to detecting attachment of the credit card reader to the mobile device, the credit card reader displays a one-time password for authenticating the credit card reader. The algorithm used to generate the one-time password is synchronized with a user token configured to display one-time passwords. If there is a match between the one-time passwords of the credit card reader and the token, the credit card reader is authentic. Further, if there is a match, the credit card reader may allow the user to process credit card transactions through the credit card reader.