Usernames and passwords are no longer sufficient.
Traditional methods of relying solely on username and passwords to protect accounts simply cannot keep up with the evolving digital business landscape. Ensuring users are who they are is critical to prevent fraud and accounts being compromised. One of the most accurate ways to verifying a user is by interacting with them through a step up challenge response mechanism. However, challenging users too often introduces a negative online experience. Our SMS-based two factor authentication, provides a simple, secure and selective method for validating a variety of online and mobile transactions.
SMS-based two factor authentication is the industry’s preferred challenge response mechanism to validate an online user’s identity. In conjunction with ThreatMetrix Digital Identity Network, this identity-based approach leverages mobile phones and smartphones to satisfy two factor authentication requirement for something that the end user possesses.
ThreatMetrix provides the following key features for SMS two factor authentication:
- Identity-Based Two Factor Authentication All aspects of a person’s online devices and behavior can be placed into one unique Digital Identity – including email addresses, geo-locations, devices and both personal and business personas. A step-up challenge only needs to be presented when attributes or behavior deviates away from their normal Digital Identity based on business policies.
- Global SMS Reach – Ensure SMS-message delivery to mobile phone users in over 200 countries and territories in 87 languages.
- Long Message Support – Separates SMS message over 160 characters for the user’s mobile phone to reassemble the message back in the correct order as one SMS.
- Direct to Carrier Routes – Connects directly to thousands of worldwide carriers and employs a reliable method across multiple routes to help ensure the highest delivery and conversion rates.
- Smart Message Splitting – The solution prevents the breaking of critical pieces of information to ensure messages are delivered and viewed as intended. For example, information such as URLs and email are properly displayed when they are split within a long SMS message.
- Phone Number Cleansing – Phone number entered by end-user are properly formatted to ensure global delivery.
- Time-Based One-Time Passcode (TOTP – Verifies users in real-time by sending a one-time verification code via SMS that can be used to authenticate a known user or verify a transaction.
Two-Way Communications *
ThreatMetrix enables two-way SMS verification by sending an SMS with a one-time password that allows a user to reply via SMS with the code and approve or deny the request. This reduces user friction and operational cost for customers as the users can just use SMS for response and customers do not need to maintain a separate web-page to accept passcodes.
*Two-Way Communications feature is not available in all regions. Contact ThreatMetrix for specific details.
Mobile and Landline Phones
Enables global reach of users in more countries who do not wish to receive SMS-based messages and/ or have provided a number that is not equipped to receive them.
How It Works
ThreatMetrix Two Factor Authentication is enabled by ThreatMetrix Integration Hub. Integration hub seamlessly invokes any one time passcode (OTP) delivery platform so the verification can happen in context of the transaction’s risk assessment for any existing application, user experience or workflow. The following is an example a customer attempting to access an account: