Securing wireless channels necessitates authenticating communicationpartners. For spontaneous interaction, authentication must be efficientand intuitive. One approach to create interaction and authenticationmethods that scale to using hundreds of services throughout the dayis to rely on personal, trusted, mobile devices to interact withthe environment. Authenticating the resulting device-to-device interactionsrequires an out-of-band channel that is verifiable by the user. Wepresent a protocol for creating such an out-of-band channel withvisible laser light that is secure against man-in-the-middle attackseven when the laser transmission is not confidential. A prototypeimplementation shows that an appropriate laser channel can be constructedwith simple off-the-shelf components.