Recently, a quantum key exchange protocol has been described\cite{PFLM04}, which served as basis for securing an actual bank transaction by means of quantum cryptography \cite{ZVS04}. The authentication scheme used to this aim has been proposed by Peev et al. \cite{PML04}. Here we show, that this authentication is insecure in the sense that an attacker can provoke a situation where initiator and responder of a key exchange end up with different keys. Moreover, it may happen that an attacker can decrypt a part of the plaintext protected with the derived encryption key.