Why Two-Factor Authentication (2FA)?
User verification. It’s not a sexy word by any means, but there is a reason why big brands like Snapchat, Facebook, Twitter, Google, and others continue to spend millions of dollars in an effort to curb identity-based abuse by wrongdoers. Many of these companies are turning to something called two-factor authentication via SMS in order to cut down on both spammers and scammers who wish to do them, and their users, wrong. Two-factor authentication (commonly referred to as 2FA) is quickly becoming a favorite tool of these companies to combat the ever-present threat of identity abuse and theft.
What is multi-factor authentication?
2FA works by combining something that you know (your password) and something that you have (your phone), to verify your identity. While it may be relatively easy for a hacker to steal your password, it is much more difficult to steal your password and spoof your mobile phone number. In addition to providing added security, 2FA is also very useful for verification when a new user signs up for a service or app by ensuring that each user has a mobile number. By requiring a phone number capable of receiving an SMS, apps are able to dramatically cut down on email spam.
Why multi-factor authentication?
It’s the unfortunate truth that in the world we live in today, our data is under constant attack. Passwords can be compromised through techniques like phishing, keystroke logging and brute force. For many people, that means lost bank account information, stolen identities, or embarrassing fake Facebook posts, but it can also negatively impact businesses. Spammers, scammers, and hackers are a surefire way to alienate your audience and ensure they seek alternatives.
Most of us would be hard pressed to find someone who hasn’t had an account compromised. A high-profile example of this is last year’s hacking of the Associated Press’ official Twitter account. Tweets were sent out that the White House had been attacked and President Obama was injured (you can read about it here). This is a dramatic example, but it illustrates why so many companies are so concerned about security and how 2FA can easily, quickly and cost-effectively help verify user identity and reduce the risk of fraud.
Why SMS verification?
Why are so many companies turning to a technology that has been around for decades? Because almost everyone on earth has the ability to receive an SMS–as of 2013, a whopping 95% of the world population has a mobile device. Web giants such as Google, Snapchat, Facebook, Amazon, and Twitter have all chosen SMS as their 2FA tool of choice due to this ubiquity, and even recent tech innovators like the over-the-top (OTT) chat apps are all counting on SMS for reliable and cost-effective communications to end users. Some people will open a mailed letter, some people will open an email, but nothing comes close to the 95% read rate of SMS.
The challenge
Implementing SMS 2FA on a global scale can be complicated. Every country has different rules, regulations, and restrictions that make it difficult for companies of any size to manage the complex web of relationships and knowledge necessary to implement an effective solution. Customers in India, for example, can only receive certain types of SMS between the hours of 9 AM and 9 PM or they will be blocked. Unfortunately, if you aren’t aware of these limitations, your messages will be rejected leading to decreased user acquisition and retention.
How can Nexmo help?
Companies such as Line, Viber, and Snapchat have turned to Nexmo to help them expand internationally. Nexmo leverages combined decades of industry experience and a simple, RESTful API to make international SMS a breeze. By significantly reducing undelivered and late messages, Nexmo can help improve user experience by removing potential points of failure.
Read more about how Nexmo helped fring eliminate fraudulent users via SMS 2FA.
