Back

SMS-based two-factor authentication not as reliable as many think – Report

SMS-based two-factor authentication not as reliable as many think – Report

A Bloomberg and Lighthouse Reports investigation reveals that SMS-based two-factor authentication (2FA) is less secure than assumed. Companies outsource the generation and delivery of 2FA codes via SMS to third parties, exposing users to potential unauthorized access. A whistleblower provided data showing Fink Telecom Services, with a history of government surveillance ties, accessed 1 million 2FA messages in June 2023 originating from tech giants like Google, Meta, and Amazon. While some companies denied direct ties with Fink, Google acknowledged SMS 2FA's security flaws. In Nigeria, banks and social media use third-party SMS providers, raising concerns despite laws against misuse. SIM-swap scams further compromise SMS security, allowing fraudsters to intercept 2FA codes. Experts recommend using more secure alternatives like biometric verification or authenticator apps.

Sentiment: Positive ( 0.76 ) Bias: Neutral

Comments