An Internet Transaction Authentication (ITA) is a customer authentication apparatus disclosed herein. One embodiment employs an enclosure with USB interface capability; a second embodiment employs a similar enclosure with local wireless connectivity. ITA apparatuses achieve two important authentication goals: (1) Cryptographic authentication of websites to customers by providing real-time website validity confirmation so customers know when they've reached legitimate websites (i.e., visual, audible and displayed confirmation); (2) the ITA authenticates customer fingerprint (s) and, if verified, cryptographically authenticates customers to websites to prevent imposters from attempting transactions. Instead of making online transactions under control of programs in the customer PC, the ITA performs the complete transaction using biometric user authentication and strong cryptographic device authentication, all provisioned entirely within the ITA, itself. Transactions are cryptographically encapsulated for uninterruptible end-to-end transport between the ITA and websites and/or financial intermediaries. This arrangement provides a "Card Present" level of transaction security.