Upload
fortytwo
View
256
Download
0
Embed Size (px)
Citation preview
Fortytwo’s solution to authenticate your customers more securely, by sending a verification code to their mobile phone.
Two-Factor Authentication
Passwords aren't as secure as they used to be and if someone gets a hold o� a user’s password, they may be able to compromise the account without any di�culty. Even stronger passwords are at risk of compromise.
Two-factor authentication solves this problemTwo-factor authentication is one of the best ways to protect against remote attacks such as phishing, brute-force, credential exploitation and other attempts to take over an account. Without the physical device, remote attackers can’t pretend to be the account holder in order to gain unauthorized access.
A password is now the weakest link
76% of attacks on corporate networks involved weak or stolen passwords.
Two-factor authentication provides a second layer of security to any type of login by requiring extra information or a physical device for access, in addition to the username and password.
The factors may include:
Something you know - a unique username and password
Something you have - a phone
Something you are – such as a biometric fingerprint, voice print or retina scan
By choosing two di�erent channels of authentication, you can better protect your users’ logins from remote attacks.
Why two-factor authentication?
How it Works?
Password
Username
Submit
Verification Code
Login
Your verification code is: 424242
Your Website Fortytwo API User Mobile Phone
2. Send code via SMS
5. Validation Request
6. Valid/Invalid Response
Once the user's login details has been captured, an authentication request is sent to Fortytwo through an API. Fortytwo will process the request and send a verification code to the user's mobile phone by SMS. The user will need to enter the code on the login page to verify their credentials. A
validation request is then sent back to Fortytwo, which will return a valid or invalid response.
Fortytwo SMS Gateway
1. Authentication Request 3. SMS
4
WELCOME ACCESS DENIED
7
Verification codeThe verification code sent to the user’s mobile phone is a one-time code. The code can either be numeric, alpha or alphanumeric. As a client, you can also choose the character length of the code and if it’s case sensitive. As a default, codes are 6 digits and numeric.
The code is only valid for 5 minutes for each transaction request.
PricingYou will only be charged for the SMS sent, no additional charges apply for this service.
1563
1.
2.
3.
4.
5.
APIThe API supports the following user-configurable parameters:
Customer/user phone number where SMS should be sent
Verification code complexity and length (e.g. numeric, 6-digit or alphanumeric 8-char uppercase)
Callback URL to receive delivery reports, if required
Configurable Sender ID per request
Transaction ID per authentication session
Why work with Fortytwo?Born in Sweden but headquartered in Malta, since 2001 we are backed by a multicultural team of messaging professionals, a robust technical team and a customer service team, available 24/7. We’re proud to be GSMA certified, accredited by the Swedish Post and Telecom Authority and part of the Fortytwo Group.
Our specialised team has develop our own SMS Center based around our carrier grade proprietary telecommunication system.
A2P SMS 1,000+ Networks 24/7We deliver messages to over 1,000 GSM network operators worldwide and are connected to most major carriers.
A robust technical team and 24/7 customer service team with multilingual agents.
Contact us and discuss the solutions that best fit your business.