-future authentication session. The advantage is that the secret is not
-kept anywhere except the token, so it's less chance of compromise. The
-drawback is that the response is transferred in cleartext long before
-being used, and can be eavesdropped on and used in a replay attack. This
-is of particular concern when using NFC. This approach is used by the
+future authentication session. The advantage of this approach is that
+the secret is not kept anywhere other than inside the token, so the only
+way to leak the secret is together with the token. The drawback is that
+the response that will be expected in the next session is transferred in
+cleartext in the current session, can be eavesdropped on and used in a
+replay attack. This is of particular concern when using NFC. This
+approach is used by the