Why Two-Factor Authentication?

Fortytwo’s solution to authenticate
your customers more securely, by
sending a veriﬁcation code to their
mobile phone.
Two-Factor
Authentication

Passwords aren't as secure as they used to be and if
someone gets a hold off a user’s password, they may
be able to compromise the account without any
difficulty. Even stronger passwords are at risk of
compromise.
Two-factor authentication
solves this problem
Two-factor authentication is one of the best ways to
protect against remote attacks such as phishing,
brute-force, credential exploitation and other attempts
to take over an account. Without the physical device,
remote attackers can’t pretend to be the account
holder in order to gain unauthorized access.
A password is now the
weakest link
76% of attacks on
corporate networks
involved weak or stolen
passwords.

Two-factor authentication provides a second layer of security to any type of
login by requiring extra information or a physical device for access, in addition
to the username and password.
The factors may include:
Something you know - a unique username and password
Something you have - a phone
Something you are – such as a biometric ﬁngerprint, voice print or retina scan
By choosing two different channels of authentication, you can better protect
your users’ logins from remote attacks.
Why two-factor authentication?

How it Works?
Password
Username
Submit
Verification Code
Login
Your
verification
code is:
424242
Your Website Fortytwo API User Mobile Phone
2. Send code via SMS
5. Validation Request
6. Valid/Invalid Response
Once the user's login details has been captured, an authentication request is sent to Fortytwo
through an API. Fortytwo will process the request and send a verification code to the user's mobile
phone by SMS. The user will need to enter the code on the login page to verify their credentials. A
validation request is then sent back to Fortytwo, which will return a valid or invalid response.
Fortytwo SMS Gateway
1. Authentication Request 3. SMS
4
WELCOME ACCESS DENIED
7

Verification code
The verification code sent to the user’s
mobile phone is a one-time code. The
code can either be numeric, alpha or
alphanumeric. As a client, you can also
choose the character length of the code
and if it’s case sensitive. As a default,
codes are 6 digits and numeric.
The code is only valid for 5 minutes for
each transaction request.
Pricing
You will only be charged for the SMS sent,
no additional charges apply for this
service.
1563
1.
2.
3.
4.
5.
API
The API supports the following
user-configurable parameters:
Customer/user phone number where SMS
should be sent
Verification code complexity and length
(e.g. numeric, 6-digit or alphanumeric
8-char uppercase)
Callback URL to receive delivery reports, if
required
Configurable Sender ID per request
Transaction ID per authentication session

Why work with Fortytwo?
Born in Sweden but headquartered in Malta, since 2001 we are backed by a multicultural
team of messaging professionals, a robust technical team and a customer service team,
available 24/7. We’re proud to be GSMA certiﬁed, accredited by the Swedish Post and
Telecom Authority and part of the Fortytwo Group.
Our specialised team has develop
our own SMS Center based around
our carrier grade proprietary
telecommunication system.
A2P SMS 1,000+ Networks 24/7
We deliver messages to over 1,000
GSM network operators
worldwide and are connected to
most major carriers.
A robust technical team and 24/7
customer service team with
multilingual agents.

sales@fortytwo.com
www.fortytwo.com
Contact us and discuss the
solutions that best ﬁt your business.

Why Two-Factor Authentication?

More Related Content

What's hot

Similar to Why Two-Factor Authentication?

Recently uploaded

Why Two-Factor Authentication?