SMS-based two-factor authentication is a pretty handy tool when trying to verify a user’s identity. This is because unlike instant messengers like WhatsApp, SMS can be used as long as you are connected to a carrier, meaning that when you don’t have internet access, you can still verify logins and credit card purchases.
However it seems that SMS-based two-factor authentication systems could soon be banned. This is according to the US National Institute for Standards and Technology who are planning to get rid of the system. Some of you might ask, but why? Indeed it does seem strange especially when you consider that it works.
It is true that it works, but apparently the organization believes that SMS isn’t as secure as they’d like, at least not as far as verification is concerned. This is because it is possible that the phone could be stolen, meaning that the thief could then have access to your SMS verification, or that the SMS could be hijacked whilst being sent, thus giving the hacker time to use the verification code before you do.
It has been noted that the alternative to SMS would be through a secure application, or through biometrics such as fingerprint scanners, which companies like Apple use to identify and verify purchases made through Apple Pay.
Filed in . Read more about Security.