An independent penetration testing company is invited to test a company's legacy banking application developed for Android phone
s. It uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates. Penetrations tests reveal the connections with clients were vulnerable to a Man-in-the-Middle (MITM) attack. How does the company prevent this from happening in the public Internet
If it is guranteed the key is only known to Alice and Bob and there is no risk of man in the middle attack or channel spoofing so we can achieve data origin authentication