Your mobile phone number is almost as good as your fingerprint: very unique to you, and as a second factor authentication device via text message, acts as access control through which to access certain web sites.
SMS two factor authentication as it’s know is the sending of unique one time pass codes that turns your mobile phone into a recipient of a onetime password or “OTP”. Generally there's no software to install and it’s just a matter of registering your device with the website. OTPs are sent to smartphones upon entering your username, than a password or after you click a button on the site requesting the SMS OTP.
A fraudster trying to infiltrate your account would need not only your password and user name, but would also need to physically have your phone. This is a great layer of security. SMS two factor authentication can be used with site like Facebook, Twitter, your bank, Gmail, Paypal and others.
Web sites link your mobile number with your account for your protection. So next time an online company wants to send you a “code” via your smartphone, don’t get annoyed; feel secure instead, because that’s how the company knows you are you. In fact, companies will likely brand you as a highly suspicious user if you refuse to include your mobile device’s number as part of your registration.
Keep your guard up because fraudsters won’t be stopped from trying to succeed at their plans, however, and they know that the smartphone poses unique vulnerabilities to the user. For instance, people are more likely to click on a malicious e-mail link because the phone’s small screen makes it harder to detect suspicious web site addresses. Criminals are forever trying to get passwords and hack into accounts and wreak havoc. As technology continues to evolve in favor of the honest user, so does the technology of crime.
Your role is to always try to stay one step ahead of the criminals. There are ways you can protect yourself and never let crooks get ahead of you:
- Never use the same password for more than one account or web site, even though it’s more convenient to have one password for multiple sites. Every app and web site should have a unique password.
- Every access point you encounter should be safeguarded with a WiFi VPN service such as Hotspot Shield VPN that encrypts your wireless internet and surfing activities. This way, when you peruse cyberspace at hotels, airports and coffee houses, all of your activities are protected from hijackers.
- Ignore password request e-mails or security alerts, especially on your smartphone, as they are almost always fraudulent.
- Do you know if your phone (or iPad) is uploading your private data to cyberspace? Find out by installing an app security scanner.
- Never use third-party apps on your device (or “jailbreak” it). Never let your kids use your phone, either.
- Your device should be kept up to date with the latest operating system. System updates usually include security enhancements.
- When installing Android apps, read their security notices. Understand how your sensitive data will be exposed with these apps—before you hit “Okay.”
Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.
Follow Robert Siciliano on Twitter: www.twitter.com/RobertSiciliano