In my previous article, we talked about SMS based 2FAs and how this method is not a safe method to authenticate. Universal 2nd Factor, also abbreviated to U2F, the safest method to date provides good protection against phishing attacks, because the URL is also checked during the login process.
This topic of concern has been in debate for quite some time now. SMS isn’t a secure way to use 2FA. It has two key vulnerabilities. Firstly, the technology is susceptible to SIM Swap attacks.
Secondly, hackers can intercept SMS messages by intercepting the Signaling System No. 7 (SS7) phone routing system. The methodology was designed back in 1975 but is still used almost globally to connect and disconnect calls. It also handles number translations, prepaid billing, and crucially, SMS messages.
The other common way to use 2FA codes is to install a dedicated smartphone app. There are lots to choose from. But how secure are specialist 2FA apps? Their biggest weakness is their reliance on a secret key.
You can read up to 3 premium stories before you subscribe to Magzter GOLD
Log in, if you are already a subscriber
Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines
READ THE ENTIRE ISSUE