Wednesday, July 17, 2024

Rethinking Authentication: RBI’s Initiative to Eliminate OTP Dependency Raises Concerns

The Reserve Bank of India has asked other banks to switch to MMS-based options other than OTP for second-factor authentication.

However, despite the removal of the need for OTP, the user will still need his smartphone for authentication. Because new methods of authentication will also be linked to the user’s mobile phone in some way or the other.

Other options for OTP exist

According to bankers, OTP is required in social engineering scams and SIM swaps. In this type of scam, the customer can easily become a victim of cyber criminals.

In this context, Authenticator app can be considered better for the second option of OTP. In this type of authenticator app, the user needs to enter the password from another phone app.

Apart from this, service providers may consider tokens as a better option in mobile applications instead of OTP. This means that despite eliminating the need for OTP for authentication, the need for the user’s mobile will not be eliminated.

This work can be done without OTP

TruSense has introduced an OTP-less authentication service. In this service, the service provider has a direct data connection with the user’s device.

After identifying the number, the service can be used by exchanging the token with the device. There will be no need to enter OTP anywhere in this entire process.

Even biometrics are not safe in this era of AI

However, according to experts, biometrics cannot be considered a better authentication option in today’s time. With the increasing use of AI, facial recognition can also become unsafe due to deepfakes.

For the Indian market, a customer’s mobile phone remains the best means of verifying his or her identity.

Even emails cannot be trusted in this regard, because in the digital age, fake emails can also be generated easily. This type of email can be generated even without KYC.


Most Popular