Securing the information about your users is very important for all companies taking digital data seriously. One of the methods which significantly limits the possibility of an account being hacked is a multi-factor authenticator (MFA). The SMS Authenticator service helps you in adding SMS messaging as a strong and safe factor of authorizing users in the logging process.
Access to the account is authorized with a security code sent via SMS and must be rewritten in the appropriate place on your website during the selected activity. Such verification is one of the simplest means of making sure that the person who logs into an account is really who they say they are. Confirming the identity via phone limits the possibility of hacking the account by a person who maybe even knows the username and password – but won't be able to log in without having access to the real user's phone.
SMS Authenticator is a simple tool which can help you in adding such security factors quickly, without the necessity to manage sending an SMS and storage of security codes. All you have to do is send us a request to check the number and we will do the rest – that being sending an SMS message with the security code on the selected user's phone number. After they rewrite the code in your application, its validity will be automatically checked.
Two Factor Authentication is practised with the use of SMS codes by, for instance, electronic banking systems, where short SMS codes are used to confirm important banking transactions. An additional advantage of this mechanism is the fact that a user must enter the code by a communication channel different from the one used for communication with the service provider, in this case a message is sent via the GSM network.
Combining two categories of authentication, that is what the user knows (password) and what they have (mobile device receiving codes), decreases the risk of unlawful use of personal data when login data are acquired by unauthorised persons.
It is also worth mentioning that there is a third area, applied in complex security features. It is the authentication via biometric data, for example way of walking, recognising the iris or voice. Multi factor logging prevents the intruder from logging even if they steal a password since the process is impossible without entering a single-use code delivered via SMS.
At Google, Twitter and Apple it is a standard procedure securing accounts' owners that when logging in for the first time on a new device, the SMS code is required, the code delivered to the phone number assigned to the phone user.
The answer is simple - we seldom part with our phone, it is usually at hand, and the speed of delivery of SMS messages is high - 97% SMSAPI messages are delivered in less than 10 seconds. Even in the case of loss or theft of the phone, no one will be in possession of our logging data, so it will not be possible to use it.
The user is also secured in the reverse situation. Even if the thief acquires access to passwords via Internet network, they will not be able to break another security feature, and by receiving an SMS, we will we spot attempts by third parties to log into our account.