Tag: SMS (Short Message Service)

SMS (Short Message Service) is a text messaging service component of most telephone, Internet, and mobile device systems. It uses standardized communication protocols that let mobile devices exchange short text messages. An intermediary service can facilitate a text-to-voice conversion to be sent to landlines.

SMS technology originated from radio telegraphy in radio memo pagers that used standardized phone protocols. These were defined in 1986 as part of the Global System for Mobile Communications (GSM) series of standards. The first test SMS message was sent on December 3, 1992, when Neil Papworth, a test engineer for Sema Group, used a personal computer to send “Merry Christmas” to the phone of colleague Richard Jarvis. SMS rolled out commercially on many cellular networks that decade and became hugely popular worldwide as a method of text communication.
—Wikipedia, “SMS“

envelope and key on smartphone display, illustration - Credit: Shutterstock.com

Articles / CyberSecurity

Security Analysis of SMS as a Second Factor of Authentication

This article provides some insight into the security challenges of SMS-based multifactor authentication: mainly cellular security deficiencies, exploits in the SS7 (Signaling System No. 7) protocol, and the dangerously simple yet highly efficient fraud method known as SIM (subscriber identity module) swapping. Based on these insights, readers can gauge whether SMS tokens should be used for their online accounts. This article is not an actual analysis of multifactor authentication methods and what can be considered a second (or third, fourth, and so on) factor of authentication; for such a discussion, the author recommends reading security expert Troy Hunt’s report on the topic.