Mobile Two-factor Authentication: Get Ready for the Next Phase

The one-time SMS passcode has been the primary tool for customer authentication for more than a decade. Now, change is in the air – and it’s all thanks to secure, cheap, and speedy alternatives such as data verification and flash calling. Lee Suker, head of authentication at Sinch, explores the implications.

During the pandemic, many millions of consumers received the following text for the first time: ‘here is your security code, please do not share it with anyone’. Every year, companies send billions of these authentication messages. They have good reasons to do so. Two-factor text passcodes (SMS OTP) provide a reliable way to onboard a customer telephone number and gives nearly everyone on the planet access to two-factor authentication.

The combination of ‘something you know’ (your userID/password) with ‘something you have’ (possession of your phone, verified by correctly entering the OTP code) makes it much more difficult for fraudsters to takeover your online accounts

So why did the volume soar during the COVID period? In a socially distanced world, many people switched over to digital services for the first time. In order to shop, bank and access government services remotely, these newbie consumers needed to prove their identity remotely. The best way to do that? Signing in with a two-factor text.

Industry data reveals the extent of this growth in business-to-consumer messaging. According to the trade body MEF, 89 percent of consumersOpens a new window