diff --git a/app/authentication/auth.py b/app/authentication/auth.py
index 98212dd94..be89cec2c 100644
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -94,4 +94,4 @@ def get_decode_errors(auth_token, unsigned_secret):
     try:
         decode_jwt_token(auth_token, unsigned_secret)
     except TokenExpiredError:
-        raise AuthError("Invalid token: expired", 403)
+        raise AuthError("Invalid token: expired, check that your system clock is accurate", 403)
diff --git a/tests/app/authentication/test_authentication.py b/tests/app/authentication/test_authentication.py
index b506c6409..f55cb31a0 100644
--- a/tests/app/authentication/test_authentication.py
+++ b/tests/app/authentication/test_authentication.py
@@ -320,7 +320,9 @@ def test_should_return_403_when_token_is_expired(notify_api,
                     headers={'Authorization': 'Bearer {}'.format(token)})
             assert response.status_code == 403
             error_message = json.loads(response.get_data())
-            assert error_message['message'] == {'token': ['Invalid token: expired']}
+            assert error_message['message'] == {'token': [
+                'Invalid token: expired, check that your system clock is accurate'
+            ]}
 
 
 def __create_get_token(service_id):