Verify

Verify and validate customers globally using their phone number.

Velocity

Discover the network provider for every mobile number globally.

Authenticate

Protect customers, accounts, and transactions within your app.

Live

Discover if a mobile number is assigned to a subscriber.

Score

A real time phone number credibility score.

TeleShield™

Identify if a number has the propensity to be used for fraud.

Banks and Financial Services
E-Commerce
Insurance
Mobile Messaging
Gaming & Gambling
Communication and Service Providers
Identity & Verification Providers
eBooks
News
Developers
Viteza
FAQ
About us
Events
Careers
Contact us
Articles

2FA Has Been a Terrific Security Tool – But Increasingly There Are Alternatives Out There

Michael McDonagh

4 min read
  • 2FA has become universally popular as it’s cheap and effective
  • It has really enhanced digital security globally
  • But now there are alternatives that can be just as effective and even more user friendly
  • Verifying the device rather than the individual can allow more seamless onboarding

Imagine you are going to a big concert in London.

You booked the tickets weeks ago and assume that they’ll be on an attachment in your email inbox. But you’re running late and can’t get a signal to check while you’re rushing there on a train. Then, when you get off the train, you see you have ten WhatsApp messages from the friend you’re meant to be meeting, asking where you are and worried you’ll miss the beginning of the show.

You start walking briskly from the station to the venue while checking your phone. It’s dark and it’s raining. And your heart sinks as you realise that you haven’t got an email attachment at all. Instead, you need to upload an app and download your tickets onto it in order to get in.

Now here’s a ‘sliding doors’ scenario for you – alternative ways this scene plays out:

2FA can be fiddly when you’re on the move in testing circumstances

Version one: While rushing along the pavement, you go onto the App Store, search for the venue’s icon and install it. This goes ok. But then it wants you to create an account. And then it wants you to verify your details via two-factor authentication. But your phone’s screen is getting wet and less responsive. And just at the exact moment, the SMS appears on your screen with its six-digit number for you to verify – your phone rings. It’s your friend asking where the hell you are. And by the time you’ve placated him and gone back to your SMS inbox to retrieve the number, you’ve been timed out. You try to request another code but by now your phone is so wet nothing is working. You have to get under shelter and do it all again. You do miss the beginning of the show. Your friend is furious.

‘Sliding doors’ scenario illustrates how new seamless onboarding works

Version two: You are rushing down the street in the dark to the venue. You find the app relatively quickly and install it relatively easily. You manage to enter your email and phone details – and to your pleasant surprise both your and your friend’s tickets appear in your new account’s basket a second later. You meet your friend, apologise profusely for being late, get past the bouncers and are just coming back from the bar with drinks when the band comes on stage. A top night ensues. Your lateness is forgotten before the first song is over.

In both these scenarios, the ticketing company and/or venue have the same intention: they want to ensure that the person getting in is the same person who purchased the tickets. With so much scandal around reselling concert tickets and ramped-up tout prices, they are under enormous pressure to be careful on this. And then this particular show is licensed for over-18s only and they’ll want to know you’re an adult too.

2FA is popular because it’s so effective – but new alternatives are effective too

What’s intriguing about the way they go about trying to achieve this is that the second version – the one with the happy ending – is actually, if anything, more likely to provide a secure check against fraudulent access than the more fiddly first version.

Because two-factor authentication – or 2FA as it’s more commonly known in industry jargon – is no longer the only way to achieve the same goal.

Don’t get me wrong though – I don’t want to knock 2FA. I’m a long-time fan. It has made a huge difference in enhancing digital security and is accepted by users without complaint. It is and remains highly effective as well as cheap, instant and straightforward – as there is nothing for the customer to download or install – and can be delivered anywhere in the world super fast.

But we are getting to a place where alternatives can actually be both more secure and easier. They may even be cheaper too. And they can sometimes – as in the concert scenario I outlined above – be more convenient.

Verifying the device, not the user removes the need for any action

So how does this alternative to 2FA work?

Well, put very simply – rather than checking the user, we can now authenticate the device they are using instead. And the key to being able to do this is their SIM credentials.

Each mobile device has a SIM with a unique non-public-facing serial number – akin to the chassis number on an individual car. And it’s now possible to check in a fraction of a second that a customer logging on or signing up is doing so from a SIM that corresponds with the number that is registered against their profile.

And, because those Sim credentials are not visible to hackers, that means the process is potentially even more secure than 2FA, which can be breached by fraudsters if for example they can successfully carry out a hack like ‘Sim swap’ which allows them to receive those one-time pass codes.

Any boost to user convenience can help customer retention

Admittedly 2FAs are in the normal run of events hardly in any way an inconvenience – as in my extreme concert scenario – but in a competitive market, removing any barrier or delay to sign-up or platform access, however small, can be enough to retain customers and stop them going to another supplier.

So it is worth looking at alternatives to 2FA as you move forward.

If what’s coming is quicker, smoother and more secure – and costs you less too – then maybe it’s time to change.

Last updated on September 18, 2024

Contents

Related Articles

Two professionals in a business investment handshake, representing the acquisition of Phronesis Technologies Ltd by TMT Analysis.

TMT Analysis acquires Phronesis Technologies Ltd

Hand holding a smartphone emerging from a cutout against a green background with a caption about a phone fraud incident.

“Mum – I’ve been mugged and they’ve stolen my phone”

Person holding a question mark sign in front of their face, with text about a guide to online identity verification by fergal parkinson.

A Complete Guide to Online Identity Verification


What is Authenticate?

Mobile customer verification by Authenticate securely links the mobile device that you are communicating with to the number’s live status, reducing fraud and friction during login

Check It Out
What Our Customers Are Saying

"Phone number verification plays a critical role in helping to detect and prevent online fraud. TMT ID’s TeleShield product provides easy access to global mobile data, enabling us to enhance the actionable results of our MaxMind minFraud® services."

MaxMind

"BTS (Business Telecommunications Services) is successfully using TMT’s Velocity and Live services to check the status of mobile numbers. This way we make sure we optimize the performance of the service offered to our customers and ensure the quality of terminating traffic to all countries.”

Business Telecommunications Services

"Working with TMT’s TeleShield service has expanded our ability to detect fraud and minimise the risk to our business. TeleShield brings peace of mind and the opportunity to stop fraud before it affects our customers’ bottom line or the service."

Six Degrees Labs

"LATRO relies on TMT’s TeleShield to provide the most up to date and reliable numbering qualification information within our fraud reporting tools, enabling us to protect our customer’s revenues and empowering them to defend themselves against fraudulent numbers."

LATRO

"TMT is a valued partner that enables us to manage our routing costs effectively. They proactively and continuously expand their operator and country coverage while delivering exceptional customer service. We can always count on them to achieve high-quality results and look forward to our continued collaboration."

Global Message Service

"TMT provides us with the most comprehensive numbering intelligence data through their fast and reliable Velocity and Live services. TMT is a trusted partner for us, their products ensure that we continue to optimise the best performance and service to our customers."

Global Voice

"TeleShield from TMT gives 42com the power to detect and target telephony fraud scams internationally, thereby protecting our company from the financial and customer experience impacts of telecommunications fraud."

Alberto Grunstein - CEO

"It has been a pleasure to work with the team at TMT. They have become an essential provider of accurate numbering data information and Number Portability services globally."

Luisa Sanchez - VP of SMS and Messaging Solutions, Identidad Technologies

"Deutsche Telekom Global Carrier uses TMT ID as one of their key suppliers for Mobile Number Portability Data services. Deutsche Telekom Global Carrier uses TMT ID’s Velocity MNP solution. This is an ultra-fast query service that optimises the routing of international voice calls and A2P messaging."

Deutsche Telekom Global Carrier

Ready to get started?

We provide the most comprehensive device, network and mobile numbering data available

Contact us > Chat to an expert >