What is a 'Message Authentication Code - MAC'

A message authentication code (MAC), or tag, is a security code that is typed in by the user of a computer to access accounts or portals. This code is attached to the message or request sent by the user. Message authentication codes (MACs) attached to the message must be recognized by the receiving system in order to grant the user access.

BREAKING DOWN 'Message Authentication Code - MAC'

Message authentication codes (MACs) are commonly used in electronic funds transfers (EFTs) to maintain information integrity. They confirm that a message is authentic; that it really does come, in other words, from the stated sender, and hasn’t undergone any changes en route. A verifier who also possesses the key can use it to identify changes to the content of the message in question.

Message authentication codes are usually required to access any kind of financial account. Banks, brokerage firms, trust companies and any other deposit, investment or insurance company that offers online access can employ these codes. They are a vital component of financial cryptography.

Algorithms Used to Generate MACs

Three algorithms typically comprise a MAC: a key generation algorithm, a signing algorithm and a verifying algorithm. The key generation algorithm chooses a key at random. The signing algorithm sends a tag when given the key and the message. The verifying algorithm is used to verify the authenticity of the message when given the key and tag; it will return a message of accepted if the message and tag are authentic and unaltered, but otherwise it will return a message of rejected.

For example, the sender sends a message, such as an EFT, through the MAC algorithm, which generates a key and attaches a MAC data tag to the message. The recipient gets the message, runs it back through the MAC algorithm with the same key, and gets a second data tag. He or she will then compare this MAC data tag with the first one attached to the message when it was transmitted. If the code is the same at both ends, the recipient can safely assume that the data integrity of the message is intact. If not, however, it means that the message was altered, tampered with or forged.

However, the message itself should contain some data that ensures that this message can only be sent once. For example, a one-time MAC, timestamp or sequence number could be used to guarantee that the message can only be sent once. Otherwise, the system could be vulnerable to a replay attack, in which an attacker intercepts the message after it has been decoded and retransmits it at a later time, replicating the original results and infiltrating the system.

Message Integrity Codes (MICs)

Sometimes, the term message integrity code (MIC) will be used instead of MAC. This is most often done in the communications industry, where MAC traditionally means media access control address (MAC address). However, MIC can also be used to refer to message digest, which does not use secret keys in the same manner as a MAC, and cannot offer the same level of security without further encryption.

RELATED TERMS
  1. Burgernomics

    Burgernomics refers to the Economist's Big Mac Index, which tracks ...
  2. Negative Confirmation

    Negative confirmation is a method of communication that requests ...
  3. Federal Agricultural Mortgage Corporation ...

    Farmer Mac, the Federal Agricultural Mortgage Corporation, was ...
  4. Market Identifier Code - MIC

    A market identifier code (MIC) is an international indicator ...
  5. Financial Information Exchange ...

    Financial Information eXchange (FIX) is an electronic communication ...
  6. Instructing Bank

    An instructing bank is one of the banks that plays a role in ...
Related Articles
  1. Insights

    Needle In A Haystack: Stock Message Boards

    Stock message boards provide a great opportunity to read insightful information and opinions, but watch out for "trolls."
  2. Tech

    Alphabet to Launch 'Android Messages' to Challenge iMessage, FB Messenger

    After a slow start, Alphabet wants a big bite of the mobile messaging business
  3. Tech

    SWIFT Admits Hackers Sent Fraudulent Messages

    Earlier this morning, SWIFT, the international consortium of financial entities, admitted that hackers sent fraudulent messages over its network.
  4. Small Business

    How WhatsApp Is Killing SMS Texting

    With nearly 1 billion users, WhatsApp is killing off cell phone carrier-based SMS texting. But how will it make money and remain dominant into the future?
  5. Investing

    Apple to Launch 'Completely Rethought' Mac Pros

    The company has "completely rethought" its approach to Mac Pros.
  6. Investing

    FB's WhatsApp Messaging Service Reaches 1 bn Users

    Mobile messaging app WhatsApp has just reached 1 billion users. Now, Facebook CEO Mark Zuckerberg must find a way to monetize its $19 billion buy.
  7. Trading

    Basics Of Algorithmic Trading

    Algorithmic trading is the process of using computers for placing trades in order to generate profits at a speed and frequency that are beyond a person’s capability.
  8. Insights

    What Is Purchasing Power Parity (PPP)?

    Purchasing power parity (PPP) is an economic theory that compares different countries' currencies through a "basket of goods" approach.
  9. Tech

    How to Code Your Own Algo Trading Robot

    Ever wanted to become an algorithmic trader with the ability to code your own trading robot?
  10. Investing

    IBM Makes Largest Ever Deployment Of Macs (IBM, AAPL)

    The Armonk company plans to install 100000 Macs on its campuses by the end of this year to save on costs.
RELATED FAQS
  1. How do Internet companies profit if they give away their services for free?

    Learn how companies in the Internet sector make a profit when service, content and user applications are offered at no cost ... Read Answer >>
Trading Center