Secure your platform with single-use codes and 2FA

Move from static passwords to single-use codes

Do you use the same password for multiple accounts? If you do, you may be at higher risk of being compromised by eavesdropping, brute-force attacks, or phishing attempts. To illustrate, a fraudster needs only to have access to one password to access your email, clean out your bank accounts, steal your personal information, and wreak all sorts of havoc in your life.

Here’s the truth: static passwords are fraught with vulnerabilities. This is why one-time passwords (OTPs) are so important as an additional layer of security. OTPs are uniquely generated and sent to a user via SMS, voice, or messaging apps such as WhatsApp, Viber, or Zalo, and can be used to replace or enhance static passwords.

Because OTPs are time-sensitive, and valid only once, even if a fraudster were able to obtain one somehow, they would not be able to exploit it once the validity had expired or the genuine customer had already used it.

OTPs are a crucial part of two-factor authentication (2FA) or multi-factor authentication (MFA). 2FA has become the minimum standard for authentication and fraud prevention, and has been proven by Google to block 100% of automated bot attacks and 99% of bulk phishing attempts.

And while OTPs and 2FA can be sent via SMS or messaging apps, voice messaging is also a good way to send voice codes that leave no paper trail to exploit. It also provides an inclusive way for businesses to serve customers with visual impairments or disabilities.

Learn more about 8x8 Verification API

Protect multiple stages of your user journey

Beyond just the sign-in stage, it’s important (and a best practice) to secure other key points in the user journey that can be high risk. These include:

Account recovery requests
Password resets
Transactions such as payments or deposits
Requests to change or disable security features
Requests to change or access sensitive data

Adding an extra layer of security for such requests can help both users and businesses protect personal data, prevent fraud, and save on hefty recovery costs.

Find out more about securing your customers at different stages of the user journey