Google backs Apple's SMS OTP standard proposal

SMS OTP 2FA

Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process.

The standard, proposed by Apple engineers working on the Safari WebKit project, has now reached the status of official Web Platform Incubator Community Group (WICG) specification draft.

The proposal aims to fix some issues with the current state of SMS 2FA/OTP codes, all of which have different formats, unique per the websites sending the codes.

In January, Apple engineers came up with the idea to structure these messages and have the same identical format for all SMS 2FA operations going forward.

The primary contribution that the new standard makes is to mandate that all SMS OTP messages contain the URL of the website that has the code.

According to the new proposal, the new SMS format for OTP codes would look like below:

747723 is your WEBSITE authentication code.
@website.com #747723

The first line is intended for human users, allowing them to determine from what website the SMS OTP code came from.

The second line is for mobile apps and browsers, which will be able to extract the OTP code and finish the 2FA operation. If there’s a mismatch and the auto-complete operation fails, then the user will be prompted to review the SMS and enter the code by hand.

Experts believe that mismatching errors will most likely take place during attacks with modern phishing kits that can bypass 2FA codes.

“This proposal attempts to reduce some of the risks associated with SMS delivery of one-time codes,” Apple and Google engineers wrote in a revised explainer.

“It does not attempt to reduce or solve all of them. For instance, it doesn’t solve the SMS delivery hijacking risk, but it does attempt to reduce the phishing risk.”

However, despite the palpable security benefits, for the time being, Mozilla has not expressed any public interest towards supporting the new standard. Standard proposals have gotten stuck at the WICG before; however, Apple’s proposal has received overwhelmingly positive reviews since it was put forward in January.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

For a Hedge Against Inflation - Click the Rocket!

E-Crypto News Executive Interviews

Blockchain/Cryptocurrency Questions and Answers

Stressed about crypto
The Worst Places in the World to Buy and Hold Crypto
January 27, 2023
What Are Crypto Index Funds?
What Are Crypto Index Funds?
January 19, 2023
money
Can You Make Money Anymore With Crypto in 2023?
January 13, 2023
What Is Stagflation And How Does It Affect The Crypto Markets?
What Is Stagflation And How Does It Affect The Crypto Markets?
January 12, 2023
passive crypto
How To Minimize Risks When Investing in Crypto
December 28, 2022

Automated trading with HaasBot Crypto Trading Bots


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin23,000 0.32 % 0.03 % 1.30 %
Ethereum1,595.7 0.18 % 0.90 % 3.95 %
Tether0.9993 0.06 % 0.17 % 0.14 %
USD Coin1.000 0.44 % 0.25 % 0.18 %
BNB283.64 0.09 % 0.32 % 2.79 %
XRP0.4687 0.46 % 4.02 % 4.38 %
Binance USD1.000 0.15 % 0.14 % 0.18 %
Cardano0.3907 0.75 % 3.31 % 7.45 %
Dogecoin0.09069 1.09 % 5.74 % 4.88 %
Polygon1.140 0.26 % 3.59 % 11.54 %

bitcoin
Bitcoin (BTC) $ 23,044.17
ethereum
Ethereum (ETH) $ 1,596.98
tether
Tether (USDT) $ 1.00
usd-coin
USD Coin (USDC) $ 1.00
bnb
BNB (BNB) $ 310.23
xrp
XRP (XRP) $ 0.413681
binance-usd
Binance USD (BUSD) $ 1.00
cardano
Cardano (ADA) $ 0.39176
dogecoin
Dogecoin (DOGE) $ 0.090753
matic-network
Polygon (MATIC) $ 1.14