[Figure: User / app MITM phishing example. Text recovered from the diagram labels:]

Parties: User, Web app, Phishing MITM.

Security provisions shown in the legend: Symmetric encryption; Mutual proof of credential knowledge; Additional temporal auth factor; Temporal authorisation; Server / site authenticity.

Artefacts in the direct user-to-web-app flow: Username / password; TOTP value; TLS session; CA roots of trust; Cert + secret; Username / hash + salt; TOTP verification; App session token.

Artefacts in the phished flow: Phishing site cert + secret; CA roots of trust; TLS session A (user to MITM); TLS session B (MITM to web app); Store & forward challenges / proofs; Store & forward challenge & code; Store & forward app session token.

Annotations on the phished flow:
- False sense of security: User fails to identify fake domain. TLS cert is valid for fake domain.
- No mTLS: Client (MITM) verifies server. Server doesn't verify client.
- No end-to-end encryption: It is broken at the MITM.
- Nonces/hashes protect creds: MITM unlikely to crack / reuse them.
- Short-lived OTP: MITM cannot obtain key to generate future OTPs.
- Unbound app token: Final authorisation artefact is accessible and usable by MITM, likely without user knowledge.