This requires that both the service provider and the user positively identify each other. In this way the authentication is strengthened for both parties; it cannot be phished or spoofed as users aren't tricked into entering personal information on fake sites.

Source: http://identityaccessman.blogspot.com/2006/08/identity-dictionary.html