zeeshan khan
It’s well known that it’s not the best idea to utilize text messages sent via SMS for safety codes that are used to verify your identity. In the past few years, code-generating applications as well as app-less methods of two-factor authentication have grown more commonplace, just as the IT sector is gradually shifting login credentials that utilize a more safe biometrics method for authentication. However, it is difficult to dispute the long-standing claim that SMS is preferable to no verification at all. I can now exclusively disclose that Gmail is finally considering doing away with SMS codes for authentication after having a confidential discussion with Google officials. This is all the information you require.
Authentication won’t be via SMS messages, says Gmail spokesperson
“Similarly to the way you want to go past credentials using things like passwords, we want to move away from using SMS texts for authentication,” Gmail spokesperson Ross Richendrfer informed me. This sparked an email exchange with Google that disclosed this, for the very first time, QR codes will be used in place of text message codes as authentication in order to “Reduce the effect of prevalent, worldwide SMS exploitation.”
At the moment, Google mostly employs SMS verification for two reasons: safety and misuse prevention. While the latter makes sure scammers don’t misuse Google’s services, the earlier is to confirm “that we’re working with the exact same person as before,” Richendrfer clarified. Google highlighted the creation of numerous Gmail addresses by criminals to spread viruses and trash as an illustration of this.
Read More: Google Launches ‘Career Dreamer’ to Empower Job Seekers
Gmail Is Eliminating SMS Codes
Richendrfer and his Google colleagues Kimberly Samra say that SMS codes pose several security issues. They are dependent on the customer’s carrier’s safety measures, are susceptible to phishing, and are not always accessible on the gadget to which the codes are received. “Every security value of SMS falls away if an attacker is able to deceive an operator into obtaining hold of an individual’s cell number,” Richendrfer stated.
Additionally, SMS verification numbers are frequently at the core of a lot of criminal activity. What Google calls “the traffic pumping” is a fairly recent fraud that the company has noticed in recent years. Although the technique is usually identical, I’ve also seen this referred to as toll theft and fake traffic exaggeration. “It’s when scammers try to get providers of online services to send a great deal of text messages to phones they control because they are compensated each time one of these communications is delivered,” Richendrfer and Samra will explain.
SMS to QR codes for Gmail Authentication
“We will be redesigning the way we validate telephone numbers during the next few weeks,” Richendrfer informed me. “Particularly, you are going to see a QR code that you must photograph with the camera on your smartphone app, rather than inputting your phone number to get a 6-digit code.”
As a lot of my writings will attest, I am not the biggest lover of QR codes, but for Google and Gmail users, this is still a significant safety event.
Google claims that there are two advantages to using QR codes for authentication:
- Decreasing the possibility that Gmail users may be duped into giving an attacker their security codes through phishing. First and foremost and this is pretty obvious because there isn’t an encryption algorithm for sharing in the first place.
- Eliminating Google users’ reliance on their mobile provider for anti-abuse safeguards, preferably in the majority of circumstances.Â
