System and method for fraud detection

What is claimed is: 1. A method for authenticating a counterparty machine to a digital transaction in order to prevent fraudulent manipulation of content displayed to a user, the method comprising: obtaining, at a mobile terminal from the counterparty machine via an indirect connection over a network, characteristic content associated with the digital transaction, wherein the characteristic content is to be displayed in a trusted user interface (TUI) provided by the mobile terminal, wherein the TUI displays content associated with a counterparty application executing on the mobile terminal, and wherein the digital transaction comprises accessing a sensitive resource of the mobile terminal maintained in a trusted execution environment (TEE); sending, by the mobile terminal via the network, data associated with the characteristic content and normalization data to an authentication server that executes a virtual machine configured to generate an emulation of a reference item of content as displayed at the mobile terminal based on the normalization data; and obtaining, from the authentication server via the network, a result of an authentication judgment by the authentication server, the authentication judgment based on a comparison between the data associated with the characteristic content and the emulation of the reference item of content, wherein the characteristic content comprises an image as rendered at the mobile terminal, wherein the image is associated with at least one of a counterparty, counterparty identification (ID) information, or alphanumeric information to be displayed in the TUI, and wherein the normalization data comprises data specifying a value of at least one parameter associated with rendering the characteristic content at the mobile terminal. 2. The method of claim 1 , wherein the data associated with the characteristic content comprises item display data. 3. The method of claim 1 , wherein the data associated with the characteristic content comprises a hash of an item of characteristic content. 4. The method of claim 3 , wherein the hash of the item of characteristic content is generated at the authentication server. 5. The method of claim 1 , further comprising: determining, by the mobile terminal, whether to proceed with the digital transaction based on the result of the authentication judgment. 6. A method for authenticating a counterparty machine to a digital transaction in order to prevent fraudulent manipulation of content displayed to a user, the method comprising: obtaining, at an authentication server from a mobile terminal via an indirect connection over a network, data associated with characteristic content of a counterparty and normalization data, wherein the characteristic content is to be displayed in a trusted user interface (TUI) provided by the mobile terminal, wherein the TUI displays content associated with a counterparty application executing on the mobile terminal, and wherein the digital transaction comprises accessing a sensitive resource of the mobile terminal maintained in a trusted execution environment (TEE); generating, by a virtual machine executing at the authentication server, an emulation of a reference item of content as displayed at the mobile terminal based on the normalization data; performing, by the authentication server, an authentication judgment based on a comparison between the data associated with the characteristic content and the emulation of the reference item of content to obtain a result; and sending, by the authentication server via the network, the result of the authentication judgment to the mobile terminal, wherein the characteristic content comprises an image as rendered at the mobile terminal, wherein the image is associated with at least one of the counterparty, counterparty identification (ID) information, or alphanumeric information to be displayed in the TUI, and wherein the normalization data comprises data specifying a value of at least one parameter associated with rendering the characteristic content at the mobile terminal. 7. The method of claim 6 , wherein performing the authentication judgment comprises generating, as the reference item of content, a hash of the data associated with the characteristic content of the counterparty. 8. The method of claim 6 , wherein the data associated with the characteristic content of the counterparty comprises a hash. 9. The method of claim 6 , wherein the data associated with the characteristic content comprises data generated from rendering an item of characteristic content for display at the mobile terminal. 10. The method of claim 6 , further comprising: registering, by the authentication server, a reference image associated with the counterparty; generating the reference item of content from the reference image; and associating the reference item of content with the counterparty ID information. 11. An apparatus for preventing fraudulent manipulation of content displayed to a user, the apparatus comprising: a display; a network interface; a processor; and a memory containing instructions that, when executed by the processor, cause the apparatus to: obtain, from a counterparty machine via an indirect connection over a network using the network interface, characteristic content associated with a digital transaction, wherein the characteristic content is to be displayed on the display in a trusted user interface (TUI) provided by the apparatus, wherein the TUI is configured to display content associated with a counterparty application executing on the apparatus, and wherein the digital transaction comprises accessing a sensitive resource of the apparatus maintained in a trusted execution environment (TEE), send, via the network using the network interface, data associated with the characteristic content and normalization data to an authentication server that is configured to execute a virtual machine configured to generate an emulation of a reference item of content as displayed at the apparatus based on the normalization data, and obtain, from the authentication server via the network using the network interface, a result of an authentication judgment by the authentication server, the authentication judgment based on a comparison between the data associated with the characteristic content and the emulation of the reference item of content, wherein the characteristic content comprises an image as rendered at the apparatus, wherein the image is associated with at least one of a counterparty, counterparty identification (ID) information, or alphanumeric information to be displayed in the TUI, and wherein the normalization data comprises data specifying a value of at least one parameter associated with rendering the characteristic content at the apparatus. 12. The apparatus of claim 11 , wherein the data associated with the characteristic content comprises item display data. 13. The apparatus of claim 11 , wherein the data associated with the characteristic content comprises a hash of an item of characteristic content. 14. The apparatus of claim 13 , wherein the memory contains instructions that, when executed by the processor, cause the apparatus to receive the hash of the item of characteristic content from the authentication server. 15. The apparatus of claim 11 , wherein the memory further contains instructions that, when executed by the processor, cause the apparatus to: determine whether to proceed with the digital transaction based on the result of the authentication judgment. 16. An authentication server for preventing fraudulent manipulation of c