Apple wants to standardize two-factor authentication messages; Google is backing it

2comments
Apple wants to standardize two-factor authentication messages; Google is backing it
Apple typically keeps collaborations with rivals to a minimum. But today some of the company’s engineers have proposed an idea that could improve security and prevent phishing scams, and Google is on board.

Apple and Google want to minimize phishing scams


Engineers of Apple Webkit, a core component of the Safari browser, have suggested companies work towards a standardized format for two-factor authentication SMS messages that contain one-time passcodes to prevent users from falling victim to phishing scams.

The proposal, which is now backed by Google engineers working on Chromium, would introduce new SMS messages that are associated with specific URLs. In other words, the messages would contain the associated login URL inside. 

The format of these messages would then be standardized, which would allow mobile browsers including Safari and Chrome to automatically recognize the associated URL and complete the login process without further input from the user.

By ensuring codes work only on the intended websites, the possibility that users could fall victim to scams by inputting their code on a phishing site is also minimized.

The new message format is represented below. The top line is designed for human users, whereas the bottom is intended for compatible browsers.

747723 is your WEBSITE authentication code. 
@website.com #747723

Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless