tags:

views:

277

answers:

4
+4  Q: 

iPhone or Android apps that use SMS based authentication?

What are some iPhone or Android applications that use SMS as their primary means of user authentication?

I'm interested to see such apps in action. SMS-auth seems like a natural approach that is well-situated to mobile contexts.

The basic workflow is: to sign up, a user provides a phone number; the app calls a backend webservice which generates a signed URL and sends it to the phone number via an SMS gateway; the user receives the SMS, clicks the link, and is thus verified and logged in. This results in a very strong user identity that is difficult to spoof yet fairly easy. It can be paired with a username or additional account attributes as needed for the product requirements.

Despite the advantages, this does not seem to be in much use - hence my question. My initial assumption is that this is because products and users are wary of asking for / providing phone numbers, which users consider sensitive information. That said, I hope this becomes an increasingly more commonplace approach.

A: 

It's not very common to have SMS gateway available! Also using it (sending SMS messages) costs quite a lot compared to sending emails.

Much easier to just generate and send verification email.

JOM  2010-06-01 04:52:45
It's definitely easier, agreed. It's also easier not to even send an email ;). SMS is expensive, as well, yes. But you have easily an order of magnitude more powerful trust in your users as real, unique individuals. (bulk VOIP numbers being one area of trouble in this regard, but there are ways to deal with that, too.)
JSW  2010-06-01 22:55:51
+1  A: 

This is mostly used for employee authentication ... there is a strong value in replacing the older physical tokens with a new SMS based two-factor authentication to ensure that the users accessing your corporate systems have not had their credentials stolen. We're a technology leader in this space and is the partner that worked with Citrix Systems to develop SMS Authentication for their iPhone Receiver. The benefit is that you gain strong two-factor authentication in an easy to use fashion specifically for the iPhone that do not support multiple applications at the same time. For other systems such as the VPN client from Cisco and most other Windows and Android phones, you can run multiple apps and therefore establish a secure connection using standard vpn and ssl vpn technologies.

The Citrix Receiver for iPhone was one of the most downloaded business apps on the store, I've been told.

If you want to learn more about it check out both the Cisco VPN and the Citrix Receiver implementations for SMS Authentication at http://blog.smspasscode.com/

I hope this information is helpful to you.

Rgds Lars SMS PASSCODE

Lars Nielsen  2010-06-01 09:48:26
Lars, I've seen your site and the Citrix receiver app as one of the only iphone examples of SMS auth. Per my question are you aware of any other apps, especially consumer-focused apps, which employ SMS auth?
JSW  2010-06-01 22:57:07
Agreed, have seen that in business apps. Do something on website, receive pin code via SMS and use it to login. Should have read the question more carefully, since it seemed to be more generic. I would still say using this system for non-business apps is too expensive == cost per each login.
JOM  2010-06-03 09:10:01
A: 

WhatsApp does. The app sends a SMS to the phone number you entered, and if you receive the message, they create your account and you can use the app.

retsrif  2010-10-01 18:10:40
A: 

Loopt for iPhone is a good example. As part of initial sign up you provide your phone number and are sent a confirmation SMS to complete the process. It's simple and painless.

JSW  2010-10-04 22:26:31

related questions

How do we get arround Apple's decission to skip sms templates for iPhone?
iPhone App Crashing - Error Question
Can I write native iPhone apps using Python
Does the Iphone 1/2 have a compass inside?
How do you beta test an iphone app?
Is it just the iPhone simulator that is restricted to intel only Mac's?
iPhone App Minus App Store?
Deleting messages from Exchange IMAP mailbox on iPhone
Is there a multiplatform framework for developing iPhone / Android applications?
How can I launch the Google Maps iPhone application from within my own native application?
Tips for a successful AppStore submission?
iPhone app that access the Core Location framework over web
Virtual Mac?
What's a good machine for iPhone development?
How can I develop for iPhone using a Windows development machine?
Recommended iPhone Development Resources
Best Wiki for Mobile Users
How to programmatically send SMS on the iPhone?
iPhone - Exchange Calendars in Public Folders
iPhone web applications, templates, frameworks?
Understanding reference counting with Cocoa / Objective C
How-to articles for iPhone development, Objective-C
What are the correct pixel dimensions for an apple-touch-icon?
How do I give my web sites an icon for iPhone?
iPhone app in landscape mode