Smart 2FA Overview

Understanding the smart 2FA Console and API

Getting Started with the Smart 2FA Console

Getting Started with the Smart 2FA API

Introduction

The CPaaS Smart 2FA application provides an intuitive out-of-the-box omni-channel smart 2FA solution.

What is 2FA?

2FA helps organizations protect their user accounts and verify the identity of online users. For example, companies like WhatsApp have built their empire of over 1 billion users on top of 2FA as a method for verifying user identity using SMS. Many other popular companies have followed the same method in their user sign-up process. These include Oracle Cloud, Expedia, SAP, Bank Of America, Amex, Uber, Microsoft, Apple, Airbnb, and many more.

Enhanced Security with 2FA

Nowadays, almost every popular application relies on 2FA as the best method to verify user identity when signing up or logging into an application online. According to a recent report by Google, NYU, and the University of California San Diego, receiving a secondary SMS code blocked 100 percent of automated attacks, 96 percent of bulk phishing attacks, and most direct, targeted attacks.

How 2FA Works?

User enters Enterprise application User visits an Enterprise website or mobile app and attempts to log into his account, authorize a transaction, or perform another action that requires two-factor authentication from a new device. Enterprise Application will have users profile including Mobile Number.

PIN code is sent to the user via SMS, phone call or email depending on API called From the Enterprise application, the developer will need to ask 2FA to send a verification code to the phone number by using the HTTP REST API Call.

Verification of 2FA Code Once a user receives 2FA code, they will try to authenticate by entering the same to Enterprise App. Enterprise application developers will need to pass the same 2FA Code also known as One Time Password (OTP) back to 2FA. 2FA will verify the code and provide appropriate responses.

Flexible, Dependable 2FA

The flexibility of using any channel (SMS, voice, email) makes sure your users get the OTP even when they experience issues with one of the channels. For example, if the user doesn’t get the OTP on their handset due to issues like “storage full,“ the Smart 2FA can send the OTP via email or via a voice call in hundreds of languages using a text-to-speech (TTS) engine.

Smart 2FA Advantages

  • Simple API: Simple APIs to Send OTP via various channels including SMS, voice, or email.

  • Control API: Control APIs like cancel existing OTP (while it is still active) to resend a new one. Or keep an old OTP active for a period of time while a new one is also sent. Many times there are network delays and users receive the first OTP after a delay while the system would have already generated a second OTP. In that case, allowing both the OTPs offers more options for users.

  • Rich API Set: Rich API set allows users to select any language for voice call via text-to-speech (TTS) with support for engines like VoiceRSS, Acapella, Amazon Poly, and Google Text-to-Speech.

  • Intuitive Console: Allows users to view usage reports by day, month, or year and search using filter criteria like country code, channel, delivery status, and more.

  • Safeguard Against Attack: Developers can leverage the limit feature of Smart 2FA to prevent inundating end users with OTPs. This feature also safeguards against attacks from malicious sources.