Abstract
Smartphone connectivity options such as Bluetooth establish their root of trust at the first connection, i.e., at pairing, and subsequent connections reuse that initial root of trust without further validation. Such Trust-On-First-Use (TOFU) models are vulnerable to man-in-the-middle (MitM) and impersonation attacks after pairing. Alternatives that anchor the root of trust in certificates or QR-code-like mechanisms require a third-party server, which may be unreachable for legitimate reasons. We propose an endpoint validation method that decouples subsequent authentications from pairing by shifting the root of trust to a shared secret agreed locally between the two devices, e.g., via a sensor-based method; legacy pairing is used only for device discovery. Our method uses this shared secret as a Pre-Shared Key (PSK) to perform a Transport Layer Security (TLS) handshake in PSK-only mode between the intended devices. TLS-PSK adds minimal overhead (one round trip, 1 RTT) while delivering the benefits of the TLS protocol, namely mutual authentication of the endpoints and an encrypted, integrity-protected channel. We demonstrate the method on an Android smartphone over a Bluetooth connection.
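To make concrete why a PSK-only handshake authenticates the peer without certificates, the following is an added example (not the paper's Android implementation) of the TLS 1.3 external-PSK binder computation from RFC 8446 (sections 4.2.11.2 and 7.1): both endpoints derive the same binder from the PSK and the ClientHello transcript, so a party that does not hold the locally agreed secret cannot produce a valid first flight. The `derive_psk` step that turns the sensor-derived secret into a fixed-length PSK bound to both device identities is an assumption of this example, as are the constructed secret, device identifiers and the opaque stand-in for the ClientHello bytes; none of them come from the paper.

```python
# Added example, not the paper's code: TLS 1.3 external-PSK binder arithmetic
# (RFC 8446 sections 4.2.11.2 and 7.1) built from hashlib/hmac only.
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 Extract: PRK = HMAC(salt, IKM); an empty salt means HashLen zero bytes."""
    if not salt:
        salt = b"\x00" * HASH_LEN
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 Expand: T(i) = HMAC(PRK, T(i-1) | info | i), blocks concatenated and truncated."""
    okm, t, i = b"", b"", 1
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([i]), HASH).digest()
        okm += t
        i += 1
    return okm[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """RFC 8446 section 7.1 HKDF-Expand-Label: info is the HkdfLabel struct with the 'tls13 ' prefix."""
    full_label = b"tls13 " + label
    hkdf_label = (
        length.to_bytes(2, "big")
        + bytes([len(full_label)]) + full_label
        + bytes([len(context)]) + context
    )
    return hkdf_expand(secret, hkdf_label, length)


def derive_secret(secret: bytes, label: bytes, transcript: bytes) -> bytes:
    """Derive-Secret(Secret, Label, Messages) = HKDF-Expand-Label(Secret, Label, Hash(Messages))."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HASH_LEN)


def binder_finished_key(psk: bytes) -> bytes:
    """Early Secret -> binder_key ('ext binder' for an external PSK) -> finished key."""
    early_secret = hkdf_extract(b"", psk)
    binder_key = derive_secret(early_secret, b"ext binder", b"")
    return hkdf_expand_label(binder_key, b"finished", b"", HASH_LEN)


def compute_binder(psk: bytes, truncated_client_hello: bytes) -> bytes:
    """binder = HMAC(finished_key, Transcript-Hash(ClientHello up to, not including, the binders list))."""
    transcript_hash = HASH(truncated_client_hello).digest()
    return hmac.new(binder_finished_key(psk), transcript_hash, HASH).digest()


def verify_binder(psk: bytes, truncated_client_hello: bytes, binder: bytes) -> bool:
    """Server-side check of the received binder, compared in constant time."""
    return hmac.compare_digest(compute_binder(psk, truncated_client_hello), binder)


def derive_psk(shared_secret: bytes, client_id: bytes, server_id: bytes) -> bytes:
    """Hypothetical step (an assumption of this example, not from the paper): stretch the
    variable-length, locally agreed secret into a HASH_LEN-byte PSK bound to both device ids."""
    prk = hkdf_extract(b"", shared_secret)
    return hkdf_expand(prk, b"bt-psk|" + client_id + b"|" + server_id, HASH_LEN)


def handshake_binder_check(client_secret: bytes, server_secret: bytes,
                           client_id: bytes, server_id: bytes, client_hello: bytes) -> bool:
    """Simulate the first flight: the client computes the binder with its PSK and the
    server verifies it with the PSK it derived from its own copy of the secret."""
    client_psk = derive_psk(client_secret, client_id, server_id)
    server_psk = derive_psk(server_secret, client_id, server_id)
    binder = compute_binder(client_psk, client_hello)
    return verify_binder(server_psk, client_hello, binder)


# Constructed sample inputs for this example (not measurements or identifiers from the paper).
SENSOR_SECRET = b"constructed-sensor-derived-secret"
PHONE_ID = b"android-phone"
PERIPHERAL_ID = b"bt-peripheral"
# Opaque stand-in for the serialized ClientHello bytes that precede the binders list.
CLIENT_HELLO_PREFIX = b"ClientHello|psk_ke|identity=" + PERIPHERAL_ID

if __name__ == "__main__":
    print("same secret on both sides:",
          handshake_binder_check(SENSOR_SECRET, SENSOR_SECRET, PHONE_ID, PERIPHERAL_ID, CLIENT_HELLO_PREFIX))
    print("MitM guessing the secret:",
          handshake_binder_check(SENSOR_SECRET, b"attacker-guess", PHONE_ID, PERIPHERAL_ID, CLIENT_HELLO_PREFIX))
```

Two practical points follow from the arithmetic. First, the binder covers the ClientHello transcript, so an attacker who relays the legitimate ClientHello but changes anything in it (or replays it against a different identity) fails verification, and the identity bound into `derive_psk` stops a peripheral's PSK from being accepted in the opposite role. Second, HKDF only spreads the entropy the sensor-based secret already has; a low-entropy secret remains guessable offline by anyone who captured a binder, and PSK-only mode (`psk_ke`) provides no forward secrecy, so the PSK must be protected for as long as any recorded session matters.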