New global research by the Ponemon Institute, sponsored by mobile interaction service provider tyntec, has revealed that on average almost 50% of One-Time Passwords(OTPs) fail to arrive due to invalid mobile numbers provided by end-users. For the study, the Ponemon Institute surveyed more than 1,800 IT and IT security practitioners around the world.
The research also revealed that 65% of respondents felt the traditional username and password approach was insecure. As a result, 90% of global IT managers say their organizations plan or consider the possibility to adopt SMS-enabled two-factor authentication (2FA) in 2014 in order to improve online security.
The majority of international respondents (31%) cited on average 11-20% is the amount of OTPs that fail to be delivered. Of that, almost 50% on average fail because an invalid mobile number was entered by the end-user. As well as end-users providing invalid mobile numbers, OTPs can also fail due to technical error if companies choose to deploy cheap SMS solutions which offer poor delivery rates.
To combat these technical difficulties, 66% of respondents said they would be interested in verifying where end-users are located and to check their mobile number is valid in real-time. The research confirmed that currently only 4% of respondents verify mobile numbers before sending OTPs.
In addition, 55% of all those surveyed, considered SMS-enabled two-factor authentication to be more secure than other 2FA methods. 71% of respondents prefer SMS-enabled 2FA because it’s an easy solution for their end users.
For more information, go to http://www.tyntec.com/resources/whitepapers.html.
