Mutual authentication or two-way authentication (sometimes written as 2WAY authentication) refers to two parties authenticating each other suitably. In technology terms, it refers to a client or user authenticating themselves to a server and that server authenticating itself to the user in such a way that both parties are assured of the others' identity. When describing online authentication processes, mutual authentication is often referred to as website-to-user authentication, or site-to-user authentication.
Typically, this is done for a client process and a server process without user interaction.
Mutual SSL provides the same things as SSL, with the addition of authentication and non-repudiation of the client authentication, using digital signatures. However, due to issues with complexity, cost, logistics, and effectiveness, most web applications are designed so they do not require client-side certificates.
As the Financial Services Technology Consortium put it in its January 2005 report, "Better institution-to-customer authentication would prevent attackers from successfully impersonating financial institutions to steal customers' account credentials; and better customer-to-institution authentication would prevent attackers from successfully impersonating customers to financial institutions in order to perpetrate fraud."
Other articles related to "authentication, mutual authentication":
... Various defenses against MITM attacks use authentication techniques that are based on Public key infrastructures PKI mutual authentication The main defence in a PKI scenario is mutual authentication ... rogue applications from genuine applications Stronger mutual authentication, such as Secret keys (which are usually high information entropy secrets, and thus more secure), or ...
Famous quotes containing the word mutual:
“Marry first, and love will come after is a shocking assertion; since a thousand things may happen to make the state but barely tolerable, when it is entered into with mutual affection.”
—Samuel Richardson (16891761)