Systems and methods are described for detecting cloning of authentication devices. In an exemplary embodiment, authorized users are provided with valid authentication devices (e.g. tokens). Each device internally generates a random anti-cloning key, such that the key is unknown to the device manufacturer. In use, a valid device receives an authentication challenge and provides a response that includes the anti-cloning key (or encrypted version thereof) in a subliminal channel. A cloned device may fail to make proper use of the subliminal channel, or if it does, it is unlikely to use the same internally-generated anti-cloning key as a valid device. A cloning detection system recognizes when different anti-cloning keys purport to be from the same valid device, indicating likely cloning of the valid device.