Mumbai: RBI has asked regulated entities like banks to consider alternatives to SMS-based one-time passwords for the second factor. certification, While options exist, a mobile phone is central to all of them.
Bankers say OTPs are susceptible to ‘social engineering’ Fraud Where someone extracts the password from the customer or obtains it through SIM swap.
Most common Option To otp There is an authenticator app that requires the user to obtain the password from another application on the phone. Service providers have also developed other options such as tokens within mobile apps. Although this establishes the origin of the message, it still requires a phone.
Route Mobile, which provides a communications platform as a service, sends approximately four billion OTPs every month on behalf of various service providers. Rajdeepkumar Gupta, MD and CEO of Route Mobile, said, “The increase in digital adoption also increases the potential for digital fraud. We are seeing a gap between emerging markets, which are seeing high growth without any discussion on rising frauds. Are.” He said rising fraud has prompted the company to launch a TruSense division under Root Mobile UK to prevent identity theft.
TruSense has introduced OTP-less authentication, where the service provider will have a direct data connection with the user’s device, identify the number, and the user has to exchange a token with the device without entering an OTP. According to David Wigger, executive VP in charge of digital identity, biometrics are not a good standalone authentication option because advances in AI have brought a new risk of deepfakes by bypassing facial recognition.
“For the Indian market, the mobile phone is the best identifier as the customer must verify his identity before receiving a connection. Emails are not as good as it is easy to generate fake email identities. Also, no one can generate emails without KYC. “Can,” Wigger said.
Bankers say OTPs are susceptible to ‘social engineering’ Fraud Where someone extracts the password from the customer or obtains it through SIM swap.
Most common Option To otp There is an authenticator app that requires the user to obtain the password from another application on the phone. Service providers have also developed other options such as tokens within mobile apps. Although this establishes the origin of the message, it still requires a phone.
Route Mobile, which provides a communications platform as a service, sends approximately four billion OTPs every month on behalf of various service providers. Rajdeepkumar Gupta, MD and CEO of Route Mobile, said, “The increase in digital adoption also increases the potential for digital fraud. We are seeing a gap between emerging markets, which are seeing high growth without any discussion on rising frauds. Are.” He said rising fraud has prompted the company to launch a TruSense division under Root Mobile UK to prevent identity theft.
TruSense has introduced OTP-less authentication, where the service provider will have a direct data connection with the user’s device, identify the number, and the user has to exchange a token with the device without entering an OTP. According to David Wigger, executive VP in charge of digital identity, biometrics are not a good standalone authentication option because advances in AI have brought a new risk of deepfakes by bypassing facial recognition.
“For the Indian market, the mobile phone is the best identifier as the customer must verify his identity before receiving a connection. Emails are not as good as it is easy to generate fake email identities. Also, no one can generate emails without KYC. “Can,” Wigger said.
