Online marketplaces such as Mercari and Carousell, online dating apps like Tinder, and “sharing economy” giants like Uber all have one thing in common: they use phone number verification. More and more companies are realizing the value of phone verification when customers perform important actions such as signing up, changing their password, or making a large purchase.
What is Two-Factor Authentication (2FA)?
Traditionally, users have protected their accounts and personal data with a single layer of security, such as a password. However, this comes with a serious drawback: anyone can use the password if it falls into the wrong hands.
As massive data breaches continue to expose millions of people’s login credentials for online services, companies and users are both realizing that their information is no longer secure using only single-factor authentication.
Two-factor authentication (2FA) requires users to present two different ways of verifying their identity. Perhaps the most common form of 2FA is phone verification. Upon entering their password, users must also enter a code that is sent to their mobile device via a text message or phone call.
Why Do Companies Implement 2FA Phone Verification?
According to a study by the Ponemon Institute, 82 percent of companies report having problems with “bad actors” in their user base, creating issues such as fraud, spam, fake reviews, and theft of confidential information. What’s more, they estimate that 10 percent of all user accounts don’t belong to a real person.
(Perhaps this isn’t surprising when 72 percent of companies say that it’s “difficult” or “very difficult” to stop these bad actors from creating multiple fake accounts.)
For companies whose primary revenue model is to monetize their user base, the effects of fake and malicious users may be severe. Facebook, for example, has admitted that at least 12 percent of its active accounts are fakes or duplicates. CEO Mark Zuckerberg has announced that the company will spend more time rooting out these bad actors, which he hopes will “significantly impact our profitability going forward.”
Armed with fake accounts, scammers have exploited the vulnerability of online platforms to make massive profits. A Spotify user in Bulgaria, for example, allegedly used more than 1,000 accounts to artificially promote low-quality playlists, taking more than $1 million from the Spotify royalty pool for artists.
Similarly, Amazon’s Kindle store has been the victim of multiple scams to inflate the rankings of low-quality e-books, including one effort that used more than 80,000 fake accounts. Because Amazon doesn’t verify new users’ email addresses, creating these accounts would have been trivially easy.
More recently, bad actors have not only threatened to erode the trust of the company the burrow in, but their transgressions can extend beyond, as in the case of #borderfreecoffee prank conceived by bad actors lurking in Twitter, who spread fake news about Starbucks Coffee offering free coffee to all illegal immigrants, causing distress to both the immigrants, and Starbucks Coffee.
Given the fact that fake accounts and bad actors are an endemic problem for businesses online, phone verification can go a long way in retaining a real, satisfied, engaged customer base.
Why You Need 2FA Phone Verification
Adding phone verification to your business not only helps you cut down on fake accounts and make transactions more secure, it also gives real users more peace of mind. 80 percent of consumers say that they’re worried about their security online, and 45 percent say that they’re “extremely concerned” or “very concerned” about their accounts being hacked.
In an increasingly mobile world, phone verification makes sense as the method of choice for businesses to implement 2FA. 99 percent of text messages are opened by the receiver, and 95 percent of them are read within 3 minutes. Phone verification 2FA is unique since it is the only 2FA that can verify a user’s identity as well as her contactability in a single swoop.
What’s more, phone verification should be implemented as soon as possible within the business lifecycle. The more fake accounts are created, the easier it will be for bad behavior to spread and for other fake accounts to multiply. Twitter has already declared war against fake users by launching a massive initiative to regain back trust from its user base, as well as to protect its business.