Who Are You? The Mutual Authentication Dilemma
I wrote an article on our sister site Financial Crime Partners regarding the challenge of banks authenticating themselves to customers.
Here is except:
So, while it is perfectly reasonable for me to expect I’ve reached the bank if I’ve phoned the number of the bank of my card – it is not reasonable for me to believe it is the bank when receiving a call – just as it perfectly reasonable for the bank to question me when I phone in. This raises the question of a concept called “mutual authentication” – how can we both know we are communicating with the party we believe we are communicating with?
Head on over to Financial Crime Partners and read the entire post.