The death of the SMS OTP

The National Institute of Standards recently issued a ruling on digital authentication that states SMS messaging as a second authentication factor should now be considered insecure. While sending an SMS for OTP is still better than having no additional authentication factors, the NIST ruling suggests that organizations wanting to raise the bar on their security standards consider more secure authentication methods.

You can read the rest of my white paper for Vasco (reg. req.) here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s