Mobile Authentication Pros and Cons

The popularity of mobile devices increases every day. Smartphones, tablet computers, smart watches – today these lightweight portable ‘mini-computers’ are sold better than traditional desktops and laptops.

This trend is set by the rhythm of modern life, full of flights and journeys – often on the other end of the world. Today, a lot of people don’t work in the traditional offices. They can work remotely in comfortable conditions – either at home or during the journey. A small, lightweight mobile device is convenient to be kept within reach of the hand.

In this situation, there is an urgent need in reliable authentication methods to access personal and especially work-related accounts. Thus, the significance of mobile authentication cannot be overestimated.

It is worth noting that the mobile authentication can denote two different things:

  1. User authentication as the owner of the smartphone or tablet.
  2. User authentication in any service that supports two-factor authentication (2FA), using the smartphone as a token – mobile authenticator.

Let us consider the second option in more detail as the more versatile and interesting one.

One-time password token Protectimus SMART for mobile authenticationOTP token Protectimus SMART for mobile authenticationProtectimus SMART OTP token for mobile authentication

Two-factor authentication process generally consists of two stages. At first, you enter a common reusable password assigned to you on a particular website. And the system checks the entered combination of symbols with the one stored in its database.

If the first check is successful, there is the second step of user authentication, which finally confirms the right to enter the account. Usually, the system requires the OTP password (one-time password), which can be delivered to the user in different ways.

And it is this very stage, the second stage of 2-factor authentication, the mobile gadgets can provide invaluable help.

Mobile authentication in 2FA

1. Getting one-time password by SMS.

When logging into a computer or laptop, the user enters the OTP passwords sent in SMS to confirm his identity. SMS authentication is considered very comfortable because the user doesn’t have to do anything to get the password. There is no need to go to the bank or post office for additional user authentication – hardware token. There is even no need to install any special software: the SMS function is originally installed on every phone. The user shouldn’t have anything else but a cell phone, a thing that almost everyone has today.

But as you know, every coin has two sides – and this authentication method is not an exception. The fact is that mobile communication channels are protected rather weakly and theoretically fraudsters can connect and intercept the OTP password. Besides, the signal quality may be low. This means SMS can  be received too late, and the one-time password, valid only for a short time, becomes of no use.

2. The smartphone as a one-time password generator.

There are more modern and reliable ways to get the OTP password. For example, a special program that generates one-time passwords may be installed on the smartphone. This turns the device into a full OTP token or mobile authentication. Developers have created several applications of this type, suitable for a variety of mobile operating systems. Protectimus also has one – it is called Protectimus Smart. It can be installed free on Android and iOS smartphones, as well as on the smart watches Android Wear. The software token has a fairly wide range of settings. You can select the length of the generated OTP password or the algorithm of its generation. Besides, it supports the data signature function CWYS (Confirm What You See).

However, the mobile authentication can also have a weak point – imperfect data protection of its mobile operating systems. Moreover, if earlier iOS was considered almost invulnerable to viruses and hacking, today the hackers have reached even the Steve Jobs’ brainchild: experts confirmed the presence of loopholes in iOS protection. As for Android, its vulnerabilities became known long ago.

Despite some shortcomings, the mobile authentication is convenient for users – primarily because it does not require any additional devices for authentication. It must be acknowledged that the numerous advantages of mobile authentication method offset its shortcomings.

Author: Denis Shokotko

Once upon a time, in a small town there lived a boy named little Denis. As years went by and the boy grew up, his interest in everything new and unknown grew, too. Denis was particularly interested in information technologies. And, his feelings were reciprocated. His new hobby was so fascinating that he decided to devote the rest of his life to it. Soon after that, he developed his first software program, then another one and another one, and more... In software development, no one could compare to him. His talent could not but be noticed and appreciated. Before long, he is among the originators of a new innovative project. And now, Protectimus in Denis’ life is like a mistress that would not share him with another or put up with any unfaithfulness :)

Share This Post On

2 Comments

  1. Greate post. Keep posting such kind of information on your blog. I’m really impressed by your site. Hey there, You’ve done an incredible job. I’ll certainly dig it and individually recommend to my friends.I’m confident they’ll be benefited from this site.

    Post a Reply
  2. Admiгing the dedication you put into your site and detailed information you prеsent. It’s great to come across a blog every oncе in a whіle that isn’t the same old reɦashed mateгiaⅼ.
    Excellent read! I’ve savеd your site and I’m adding your RSS feeds to my Google account.

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Protectimus blog.

You have successfully subscribed!

Share This