This step is to confirm that the origin of the code is correct and that no one has modified the code or programs without the knowledge of the owner. Normally, when you add a new repository, you have to add the keys of that repository, so it's added to your system's trusted list.

$ wget http://packages.ros.org/ros.key -O - | sudo apt-key add -

Now we can be sure that the code came from an authorized site and has not been modified.