Two factor authentication is a method of adding an additional layer of security such as a one-time SMS code to an account, making it harder for hackers to crack a traditional username and password combination.
This system has a few name variations such as two-step authentication and it is getting more widespread with popular websites and apps using its methods. Google introduced two-factor authentication a few years ago to user accounts (if you set it up) and some services such as Uber require users to use an SMS PIN code to secure your account and register your smartphone with the system.
The idea is quite simple. A user logs in, this triggers an event which generates a one-time unique code. This is sent to the user (typically as an SMS or an automatic voice call) and the user enters this in the login process.
This is much more secure because the crucial element of the SMS PIN is only available between the system and the user, making it harder for hackers or intruders to intervene and get access to account data.
The idea for two-factor authentication seems to start around 2000 with a ‘Transaction authorization and alert system’ patent from AT&T which would wait for confirmation from a two-way pager, separate to the login and authorization system when accepting credit card payments. This system is used by some of the biggest banks around the world for internet banking.
Later in 2006, Sten-Olov Engberg and Ake Jonsson filed a patent for ‘Use of personal communication devices for user authentication’ which is an extension of AT&T’s design and focuses on mobile devices rather than pagers. This is the basis for the two-factor authentication system that millions of people use and rely on today.
With Sinch, you can set up two-factor-authentication using our SMS API and your application could send the SMS to a registered device once your system has generated the user token.
Interested in Two Factor Authentication? Speak with the Sinch team to see how to use our SMS API to get started.
The unprecedented attacks on Paris on November 13, 2015, saw a rise in activity on Facebook, motivating the leading social network to turn on Safety Check, a feature previously reserved for natural disasters. Introduced in October 2014, and borne out… read more
You might have read WebRTC in 2015 and why Apple will never join the party from our Developer Evangelist Chief, Christian, published on ProgrammableWeb a few weeks back. Christian and I decided to reach out to the WebRTC community, and… read more
Like most times during my writing process, first thing is opening a new Google docs sheet, where I create a draft for the next interesting topic to feed to the blog. Then, I choose among technologies as carefully as the… read more
What’s a virtual team? Virtual teams are separated by time, space and organizational boundaries. Interaction and collaboration is mainly enabled through electronic communication, and meeting up physically only happens on rare occasions. Virtual teams can involve business projects or divisions,… read more