Apple Wants To Standardize SMS For One-Time Passcodes

While there are security dongles that allow users to generate one-time passcodes used in two-factor authentication, a more commonly-used method involves SMS. This is because not everyone might have a dongle, while there is a greater chance that the user might have their phone on them.

Advertising

However, the way OTP is handled varies from sender to sender, and it seems that Apple wants to standardize it moving forwards. In a proposal from Apple engineers working on WebKit, they have suggested that perhaps in the future, OTP SMS could be associated with a URL that could be included in the text message itself.

Secondly, by creating a standardized format, it would allow mobile apps to detect incoming SMS and recognize the URL, and in turn extract the OTP code from the SMS without users having to do anything on their end. This would create a much faster and efficient login process. It would also have the potential to help users avoid falling for scams by entering their OTP into a phishing website.

As it stands, iOS already has a feature that can extract OTPs from SMS and give users the option of auto-filling it in forms. However, depending on the format of the SMS, it doesn’t work all the time. Of course, whether or not this proposal will work and be adopted by others remains to be seen, but it sounds like a good idea.

Filed in Apple >General. Read more about and . Source: zdnet

Leave a Reply