How can we improve _mutual_ trust online. Nearly all authentication puts the burden on the customer or client. Customers need to provide credentials, security questions, codes. Provider authentication is very flimsy. Even SSL certs & domains are hardly well maintained. My ~$10000 property tax bill is paid on a random domain with zero authentication that the funds go to my county treasurer.

The consequence is rampant fraud, phishing attacks. Look at the epidemic of IRS, Tolls, Tax, Bill Pay fraud. Scammers pose as billing departments using transient phone numbers. Wire transfer fraud is so common , but when I called my Title company to verify the receiving account, I was told no one ever does that.

My question to Hackernews is : what services should we create to establish true mutual trust? So when you receive a text message from Chase -- you have 100% confidence it is from Chase . When you talk to a customer service rep from Fidelity, you are 100% confident they are with Fidelity.

Phishing countermeasures like personal avatars / icons for your Bank have been used in the past, but none lasted or had widespread appeal. One-time codes could work, but they are clumsy.

What apps or solutions would you like to see to improve mutual authentication?