- On 23 October 2020
Whether you need to authenticate your users for the first time when they sign up for your mobile or web app or welcome them back using 2FA or OTP, you need a very streamlined and user friendly method of verifying your users.
We all know security is paramount. Developers need to know the users are who they say they are, hence the need to confirm their identities. However, unsuccessful verifications turn users away and no developer wants to see their authentication methods failing left and right, causing users to churn.
Should you rely only on SMS or is there another way?
A time tested way is using the good old SMS, where every phone number is unique and it is arguably more secure than e-mail. However there are several shortcomings of just using SMS for user verification purposes.
It all comes down to several factors.
Users don’t take kindly to the hassle of juggling one time passwords and security codes. Let’s recreate a very common set of steps when you need to authenticate your valuable users:
- User initiates the process and receives the SMS containing your one time password or code.
- User opens the SMS. Due to the nature of security codes, user sees a random numeric or alphanumeric string.
- User might not be able to copy and paste the string depending on the SMS app. A small number of users might even proceed to break out a pen and a piece of paper and writes down the code.
- User returns to the app and punches in the code he/she just jotted down.
- This experience overall is very convoluted and time consuming for the user.
The problem with using SMS for user verification
This is the “ideal” scenario with SMS verification where everything goes your way. But SMS is an old-timey method by today’s standards and it has a multitude of drawbacks.
- SMS might take a while to arrive to its destination. It sometimes takes up to a day to successfully send/receive a text message. This is primarily due fact that mobile telecom operators might experience congestions from time to time and it leads to longer delivery times. The user doesn’t have time to wait a day to log in to your app, let alone minutes.
- Roaming is another problem all by itself. The user might be abroad at the time of authentication and might have opted out of roaming services just because telecom companies love to charge exorbitant amounts just to receive/make phone calls abroad. Although sending and receiving text messages don’t result in additional charges while roaming is active, it requires several network operators to work in tandem to deliver the text, resulting in delays. This alone might prevent your user from receiving your 2FA code via SMS.
What can be done about this?
Now that we know what problems we’re facing with SMS authentication, let’s talk solutions.
- One possible solution to our SMS woes might lie in using more than one SMS provider. While relying on more than just one provider is good practice, it becomes costly in the long run and it won’t solve the roaming issue.
- Streamlining your UI/UX. Instead of making your users jump through several hoops, you can offer alternative verification methods to your users and let them choose what works best for them.
- Employing other ways to authenticate your users alongside SMS. Messaging platforms like Telegram and WhatsApp are fast and secure ways to let your users log in quickly that has all the advantages of SMS but none of the drawbacks. And here’s the kicker: they are way cheaper than regular text messages and they don’t rely on a multitude of telecom network operators. The widespread availability of free wi-fi networks all around the world ensures internet connectivity, thus if your user has access to your app, chances are he/she has access to said messaging platforms. This is where VerifyKit comes in.
Authenticate your users through messaging platforms alongside SMS
Verifying your users directly from these messaging services eliminates all the hassle from your user experience while streamlining your user journey and reducing churn rates. Using WhatsApp and Telegram for authentication takes only seconds compared to the traditional SMS method and since it eliminates the need for the user inputting the code, it speeds up the process further and it boosts the successful verification rate to a whopping 85%. This is exactly what a developer wants: a seamless and hassle-free way to welcome users back.
Gone are the days of seeing your users churn in the verification step. Check out what VerifyKit can do for you today.