Methods and devices for establishing secure communications with an implantable medical device (IMD) are provided. The method and devices receive a credential from an external instrument (EI). The credential is signed utilizing a private key, and the credential includes at least two of a credential time to live (TTL) indicator, an IMD Identifier (ID), and an EI ID. The method and device authenticate the credential using a public key and verify the at least two of the TTL indicator, the IMD ID, and the EI ID. The method and device establish a secure communications session with the EI based on the verification and authentication.