Apple engineers want to make two-factor authentication easier

On many secure websites, users often come across one-time passcode (OTP). A security system that sends a message of unique code to the user's device (usually on a smartphone), which they use on the website to verify themselves.

While it's a secure way, many users find it a bit frustrating and hard to implement as they have to check the mobile to receive the message or sometimes the code is too long to write down in the given minutes.

To tackle this issue, engineers at Apple have come up with a new approach to make the entire process work smoothly.

The plan is to add URL in the OTP message which can be easily performed by adding the login URL.

The other part of the design is to change the method of verification of OTP and two-factor authentication (2FA) in a way that mobile applications and browsers can automatically register the Unique code from the message without any external interference.

If the auto-complete function shows a different result, it would mean that the website user wants to visit isn't the same as the actual URL. If there is a mismatch, a message that instructs to stop would pop up.


Automating the verification process can help reduce the cases of people getting scammed on phishing websites.

The proposal already has the support of Google engineers, and a similar feature (i.e to extract OTP code from SMS) is already has been added to updated iOS version.

Apple Proposed a method for one of Your Biggest Security Problems
Photo: Motortion / Getty Images

Read next: The Latest In Physical Data Theft Threats (infographic)

No comments:

Post a Comment