In this article, we’ll explain what is a bot for two-factor authentication and how 2FA chatbots (two-factor authentication with messaging service chatbots) work. We’ll look at the pros and cons of this one-time password delivery method and figure out which is best: 2FA bots or SMS authentication. Table of contents: How did the Protectimus Bot token come to be?How does two-factor authentication with chatbots work?2FA Chatbots: the pros and consSMS authentication: pros and consIn summary: 3 reasons to stop using SMS authentication and start using 2FA chatbots How did the Protectimus Bot token come to be? One of our clients (a payment system with 2,000,000 active users) was spending about $30,000 per month on SMS delivery. They were using SMS to send out one-time passwords and system notifications (withdrawals and deposit notifications, informational messages, etc.).  This client gave us the task of developing a one-time password delivery method that would be just as convenient for end-users as SMS authentication, but more secure and less expensive.  The solution we came up with while looking for SMS two-factor authentication alternatives is using 2FA chatbots on messaging services. Additionally, the Protectimus 2FA chatbots can be used to deliver both one-time passwords and notifications of any kind. Now, our client is saving about $20,000 per month that they used to spend on SMS messages. 2FA chatbots in instant messaging apps solve the majority of problems associated with SMS authentication: first, it’s more secure; second, it’s FREE! What’s more, chatbots are virtually just as easy to use as SMS. Learn more about Protectimus Bot How does two-factor authentication with chatbots work? Currently, the ProtectimusBot chatbot is available on three messaging services: Facebook MessengerTelegramViber Practically every smartphone user already has at least one of these free messaging apps installed. When a user enables two-factor authentication via Messenger, Telegram or Viber they: Choose one of the messaging services listed and find the ProtectimusBot on it.Request their unique ID using the /getid command.Input the ID they receive into the system they wish to protect.Then, the Protectimus two-factor authentication service will create a token and send it to the user via the 2FA chatbot.The user confirms that they received the one-time password by inputting it into the appropriate field. This also completes the token issuing process. After that, all one-time passwords and messages from the service will be sent through the 2FA chatbot. Two-factor authentication using chatbots in messaging apps for Android and iOS is free for both our clients and their end-users. You’ll find an example of how the Protectimus Bot token is issued in the video below. Let’s look into the technical side. The chatbot-based software OTP token supports all two-factor authentication algorithms: HOTP, TOTP, and OCRA. Because of this, the ProtectimusBot 2FA chatbots also support CWYS (Confirm What You See) data signing functionality. Data signing involves generating a one-time password based on data from the operation the user is performing; for example, transaction data can be used: the amount, currency, recipient, time, etc. This feature is indispensable for payment systems and banks. It’s impossible to use the one-time password, generated on the basis of such unique data, to sign an illicit transaction, even if an attacker intercepts the OTP. Currently, only four Protectimus tokens support CWYS functionality: the 2FA app Protectimus Smart, as well as Protectimus Mail, Protectimus SMS, and the 2FA chatbots. | Read also: The Pros and Cons of Different Two-Factor Authentication Types and Methods 2FA chatbots vs. SMS authentication  2FA chatbots: the pros and cons Pros Chatbots for two-factor authentication are available at no cost to both clients and their end-users.The Protectimus Bot 2FA chatbot allows you to deliver both one-time passwords...