Security and peace of mind
2FA (for example, a password and a passcode sent to your phone) is much safer than relying on a one-factor password process (a single password – which is what 90% of Gmail users are doing). And because SMS has a 98% open rate, you don’t need to worry about customers missing or ignoring texts.
Ease and availability
SMS is by far the easiest way to put 2FA into practice and it can be applied to a host of use cases – from device authentication and one-time passcodes to money withdrawal and app setup.
Lower support team costs
In the past, businesses have used phone calls to authenticate users but this puts pressure on contact centres. Swap calls for texts and you can liberate your support staff to focus on more important things.
SMS 2FA use cases
SMS 2FA use cases include device authentication, user registration, ecommerce transactions, password resets and money transfer validation,
Clients and employees
SMS 2FA can be used for both client accounts and for accessing internal systems. Whether employees are working remotely or not, they can still access internal systems by using their phones to identify themselves securely.
Improve security, fast
2FA strategies can be stymied by low adoption – users struggle to follow the authentication process and end up ignoring protocols and exposing themselves to risk. SMS-powered 2FA gets around this. Everyone has a smartphone and knows how to use SMS. That means you can ramp up security – fast.
Make life easier for customers
2FA often relies on some kind of dongle – a device that customers carry around with them to verify their identity. With SMS 2FA, a phone is their dongle. This makes life a lot easier for users.
Taking the dongle out of the equation also benefits your business. There’s no need to invest in hardware or software, or an expensive adoption and training program. You still get security for a much lower price.
Simplify your processes
From a back-end perspective, implementing SMS 2FA couldn’t be easier. Almost any log-in sequence can incorporate SMS-based 2FA and the workflows that underpin this approach are easy to build and manage.
A year-long Google study found receiving a secondary SMS code blocked 100 percent of automated attacks on Google accounts. It also stopped 96 percent of bulk phishing attacks, and 76 percent of (extremely rare) direct, targeted attacks – like those made by hired hackers.
According to the Google study, other forms of 2FA such as providing a secondary email address, phone number, or your last sign-in location were much less secure; able to generally fend off bots but not phishing or targeted attacks.
Physical key comparison
Research shows a physical security key to be carried around by users is the most secure option. But this is far harder and more expensive to roll out for businesses.
Some businesses we work with have reported a 35% reduction in overall fraud losses thanks to SMS 2FA.
Safer, stronger online relationships
Security breaches have increased by 11% since 2018 and 67% since 2014 (Accenture). SMS-powered 2FA can help you demonstrate your security and privacy credentials. You’ll be rewarded with trust.
Beware of low prices
Providers with per-message prices for alerts that are too good to be true probably rely on grey routes to transport traffic. This would leave your alerts liable to delay, loss and interception.
Never use SMS for one-factor authentication
Many companies still let users reset their passwords with nothing more than a one-time code texted to a phone number on the account. If someone’s phone is hijacked, the attacker doesn’t need to know the victim’s password to access the account.
How we can help
A low-code drag-and-drop campaign builder
Automatic mobile channel orchestration