How is global SMS useful for businesses?

Networks

On September 14, 2019 the time had come: the EU Payment Services Directive PSD2 (Payment Services Directive 2) came into force. As part of PSD2, online retailers must in future ensure that they use what is known as two-factor authentication (2FA) for all online payment processes that exceed a limit of more than 30 euros. This is intended to ensure more security for online payment transactions by authenticating the identities of customers multiple times and thus significantly increasing the hurdles for hacker attacks.

Although some organizations are already using the 2FA, the acceptance rates are still quite low. After all, the 2FA means for users to take an extra step and thus make the customer experience more cumbersome. Comfortable "one-click" payment methods are no longer possible, because a 2FA requires more than just one click.

It is one of the most useful measures against the ubiquitous threat of identity fraud and theft and makes it almost impossible for hackers to carry out digital attacks. But how does two-factor authentication work? And what makes you so sure?

What is two-factor authentication?

Stealing a password is relatively easy for a hacker or bot. It is much more difficult to steal a password and access a mobile device - like a house door that is secured with several different locks. 2FA services give unauthorized persons considerably more effort to "break in".

As a result, two-factor authentication not only offers more security - it can also be used to verify a user who has logged on to a service or app. In this way, an identity can be perfectly proven using a combination of two different and independent components. In addition to something that the user knows (such as a password), something that the user has (such as a mobile phone) is also included. Usually a security code is created that is sent to the mobile phone via SMS and can be used once. A two-layer authentication takes place even at the ATM: In addition to the card (something that the user has), a PIN number (something that is known to the user) is also required.

Why is two-factor authentication useful?

The sad truth is that our data is under constant attack these days. Passwords can be cracked or stolen using methods such as phishing, keylogging and brute force attacks. For many users, this means: stolen bank details and identities or fake, often embarrassing social media posts. For companies, data theft can be detrimental to their business, as spammers, fraudsters and hackers are a surefire way of driving customers into competition.

Most of us would struggle to find someone whose accounts have never been cracked. A prominent example is the hacked official Twitter account of the news and press agency Associated Press. From this account, tweets were sent in 2013 that the White House had been attacked and the President was injured. Quite a drastic example, but it illustrates why so many companies are concerned about protecting their data. And why they rely on two-factor authentication to check user identities easily, quickly and cost-effectively and to reduce the risk of fraud.

Two-factor authentication via SMS

Almost everyone on earth is now able to receive an SMS - around five billion people have a mobile phone, half of which are smartphones. Due to the widespread use of mobile phones, many Internet giants are using SMS as a tool for 2FA. Some users open a letter, some open an e-mail - but nothing comes close to the 95 percent read rate of SMS messages.

However, implementing two-factor authentication via SMS on a global level can be extremely complicated: every country has different regulations and restrictions - this makes it difficult for companies of all sizes, the know-how and the complex network of relationships with network operators to handle, which are necessary for the implementation of an efficient solution. For example, customers in India can only receive certain types of SMS (A2P-SMS) between 9 a.m. and 9 p.m. If you are not aware of this limitation, your messages will be rejected, which can negatively affect acquisition and customer loyalty.