• Cloud
  • Data
  • Security
  • Marketing
  • Finance
  • Entrepreneur
  • IT Life
  • Jobs
  • United Kingdom
    • Germany
    • Spain
    • France
    • Portugal
    • Latin America
    • Brasil
    • INTERNATIONAL
Silicon UK TECHNOLOGY POWERING BUSINESS
  • Podcast
  • Audio News
  • Whitepapers
  • Workspace
  • Silicon Reviews
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • RSS
  • Cloud
  • Data
  • Security
  • Marketing
  • Finance
  • Entrepreneur
  • IT Life
  • Jobs
  • United Kingdom
    • Germany
    • Spain
    • France
    • Portugal
    • Latin America
    • Brasil
    • INTERNATIONAL

All Tech News > category news Workspace

Facebook Introduces ‘Instant’ Two-Factor Authentication

Matthew Broersma, December 26, 2016, 9:30 am | Updated on 5 November 2019, 16:49

The ‘instant verification’ feature allows users to log into services using their phone number without having to receive a text message

Facebook has introduced a mobile login feature that allows users to take advantage of two-factor authentication without having to receive a text message.

The move is the latest effort by online services providers to find a balance between security and practicality at a time of increasingly frequent and large-scale data breaches.

SQL username password - Shutterstock: © hauhu

Instant verification

Facebook made the change to Account Kit, a developer kit that implements features for logging into services via phone number and email, and which works with Facebook’s main login system.

If the new “instant verification” feature is switched on, when a user enters their mobile phone number into an app from an Android device, the service checks to see if the number matches the verified phone number listed on the person’s Facebook profile.

This can only be done if the user is logged into the Facebook application on the same Android device, Facebook software developer Ethan Goldman-Kirst said in a blog post.

If there is a match, Facebook completes the verification without sending a one-time password via SMS.

“If there isn’t a successful match, a SMS will be sent with a verification code to complete the sign-in,” Goldman-Kirst wrote. “This feature is used only to improve the verification process in a secure way and no additional Facebook information is shared with the app.”

Security risk?

He said the feature is intended to “streamline the login process and rely less on SMS for those signing in with their phone number”. The company posted a video demonstrating how the feature works.

The change is intended to allow two-factor authentication to be used with less inconvenience to users, but one industry observer warned that the ease of use brings additional security risks with it.

An attacker could target someone’s mobile phone and abuse instant verification to log into multiple web accounts to collect their personal information, said security journalist David Bisson in a blog post.

An attacker who had gained access to a person’s Facebook account could change the saved mobile phone number, preventing the user from accessing accounts elsewhere, he said.

“To me, Instant Verification and Account Kit both feel a lot like reusing a single password across multiple accounts,” he wrote. “It’s convenient for sure, but it comes with a single point of compromise: a mobile phone and its corresponding contact number. If mobile users aren’t already dedicating enough attention to protecting their mobile devices or web accounts, is streamlining mobile logins using instant verification the best answer?”

Do you know all about security in 2016? Try our quiz!

Read also : UK Government, Tech Giants Agree To Tackle Online Fraud

Recommend this article:
0 0

NEWSLETTER

Subscribe to our best articles

Facebook
Twitter
Linkedin
X Brand Discovery

Brand Discovery offers Advertisers the opportunity to speak directly to our professional communities. It’s an ad format that blends in with the editorial content and overall page design giving non-intrusive, flowing advertising experience. Readers can easily identify their provenance with the “Brand Discovery” mention. For any further information, contact us at the following address: internationalsales@netmediaeurope.com

NEWSLETTER Subscribe to our best articles
The editors recommend
binance
Binance Sees $956m Funds Withdrawn, After CEO Pleads Guilty
Google Adds AI Chatbot Bard To Gmail, YouTube, Google Docs
Jon Payne is Director of Sales Engineering and Education at InterSystems.
Silicon UK In Focus Podcast: The State of MedTech
The Silicon In Focus Podcast reaches 100 episodes.
The Silicon UK In Focus Podcast is 100!
Sam Bankman-Fried. Image credit: FTX
FTX’s Sam Bankman-Fried Sued For More Than $1Bn
Image credit: European Commission
EU Agrees US Trans-Atlantic Data Sharing Deal
  • #Facebook
  • #login
  • #security
  • #two-factor authentication
Silicon UK

Follow us:

Facebook
Twitter
Linkedin
NEWSLETTER
About
Silicon UK is the leading source for IT news, analysis, features and interviews covering the technology that impacts your business. Keep up-to-date with the latest tech news and read in-depth features by subscribing to our newsletter and attending our events.
Our brands
  • NETMEDIA Group
  • NETMEDIA International
Legal Terms
  • Terms and Conditions
  • Privacy and Cookie Policy
Stay in touch
  • Advertise with us
  • Contact our Editorial team
  • Partnerships & WorldWide Program
NetMedia International :
  • Germany
  • France
  • Portugal
  • Spain
  • United Kingdom
  • WorldWide
↑
NetMedia International © Copyright 2023 All rights reserved. Part of NetMedia International. About NetMedia International