The user has the guarantee that the transaction requests come from the application with which he has just authenticated because both the app and the user have created a strong link through the authentication process and the HAS will filter out any transaction request from an unapproved application.