SMS Two-Factor Authentication Is No Longer Enough


With the near-constant occurrence of highly organized and complex cybercrime attacks, effective digital authentication has never been more challenging. Businesses must verify who they’re transacting with by implementing additional security measures, but at the same time they need to minimize friction and provide seamless user experiences to avoid losing users to competitors.

SMS two-factor authentication (2FA) has proven effective in providing additional security, and by simply sending a one-time SMS to a trusted user’s device to ensure they’re the person transacting, it doesn’t introduce significant user friction. However the U.S. National Institute for Standards and Technology recently announced its recommendation that businesses phase out SMS 2FA. Why? In short, the cybercrime landscape is evolving so quickly that single-point fraud solutions are no longer enough.

Read more at RSA Conference blog