Two factor authentication is a method of adding an additional layer of security such as a one-time SMS code to an account, making it harder for hackers to crack a traditional username and password combination.
This system has a few name variations such as two-step authentication and it is getting more widespread with popular websites and apps using its methods. Google introduced two-factor authentication a few years ago to user accounts (if you set it up) and some services such as Uber require users to use an SMS PIN code to secure your account and register your smartphone with the system.
The idea is quite simple. A user logs in, this triggers an event which generates a one-time unique code. This is sent to the user (typically as an SMS or an automatic voice call) and the user enters this in the login process.
This is much more secure because the crucial element of the SMS PIN is only available between the system and the user, making it harder for hackers or intruders to intervene and get access to account data.
The idea for two-factor authentication seems to start around 2000 with a ‘Transaction authorization and alert system’ patent from AT&T which would wait for confirmation from a two-way pager, separate to the login and authorization system when accepting credit card payments. This system is used by some of the biggest banks around the world for internet banking.
Later in 2006, Sten-Olov Engberg and Ake Jonsson filed a patent for ‘Use of personal communication devices for user authentication’ which is an extension of AT&T’s design and focuses on mobile devices rather than pagers. This is the basis for the two-factor authentication system that millions of people use and rely on today.
With Sinch, you can set up two-factor-authentication using our SMS API and your application could send the SMS to a registered device once your system has generated the user token.
Interested in Two Factor Authentication? Speak with the Sinch team to see how to use our SMS API to get started.
Field service has traditionally embraced the mobile space to deliver new levels of efficiency. Ruggedized handsets combined with a cellular connection have for some time been a feature for all manner of field service applications – whether that’s signing for… read more
Sinch approached me for my opinion on their new whitepaper — research conducted in collaboration with One Poll to discover how consumer demand is shaping the future of video calling for enterprises. The Truth About Video Calling The whitepaper is… read more
The unprecedented attacks on Paris on November 13, 2015, saw a rise in activity on Facebook, motivating the leading social network to turn on Safety Check, a feature previously reserved for natural disasters. Introduced in October 2014, and borne out… read more
You might have read WebRTC in 2015 and why Apple will never join the party from our Developer Evangelist Chief, Christian, published on ProgrammableWeb a few weeks back. Christian and I decided to reach out to the WebRTC community, and… read more