WebsiteA website displays a personal photo configured by the user on the logon page. The website asks the user to confirm that the photo is correct before proceeding to request a password. In this way, the user can confirm that they are on the right site before inputting confidential information.
Business-to-BusinessIt is common for business-to-business interfaces to perform mutual authentication before executing transactions. A variety of technologies and standards exist for business-to-business authentication based on technologies such as public key infrastructure and digital certificates.
DevelopmentA developer connects to servers using a secure shell program. The program warns the developer when they connect to a new server and asks that they confirm the IP. The secure shell may store the signature of the server and not warn when the developer connects the second time. If anything changes, the program warns the developer at connection time. The developer authenticates with each server by logging on with a strong password.
|Overview: Mutual Authentication|
A user-machine or machine-machine process of verifying the identity of both sides in an interaction.
Historically, user-machine authentication was often focused on verifying the user. This lead to problems whereby sites or applications were forged. Mutual authentication makes users aware of their role in confirming they are in the right place before providing confidential information.