tt.One
tyntec

12.03.14 10:30 AM

Global research reveals almost 50% of failed One-Time Passwords are on average due to invalid mobile numbers

90% of IT managers plan to adopt SMS-enabled two-factor authentication this year as majority abandon traditional security measures

Ponemon Whitepaper - OTP SMS

London, U.K. – 12th March 2014 – New global research by the Ponemon Institute, sponsored by mobile interaction service provider tyntec, has revealed that on average almost 50% of One-Time Passwords(OTPs) fail to arrive due to invalid mobile numbers provided by end-users. For the report titled ‘Unlocking the Security Potential: The Key to Effective Two-Factor Authentication’ the Ponemon Institute surveyed more than 1,800 IT and IT security practitioners around the world.

The research also revealed that 65% of respondents felt the traditional username and password approach was insecure. As a result, 90% of global IT managers say their organisations plan or consider the possibility to adopt SMS-enabled two-factor authentication (2FA) in 2014 in order to improve online security.

Influx of failed One-Time Passwords
The majority of international respondents (31%) cited on average 11-20% is the amount of OTPs that fail to be delivered. Of that, almost 50% on average fail because an invalid mobile number was entered by the end-user. As well as end-users providing invalid mobile numbers, OTPs can also fail due to technical error if companies choose to deploy cheap SMS solutions which offer poor delivery rates.

To combat these technical difficulties, 66% of respondents said they would be interested in verifying where end-users are located and to check their mobile number is valid in real-time. The research confirmed that currently only 4% of respondents verify mobile numbers before sending OTPs.

In addition, 55% of all those surveyed, considered SMS-enabled two-factor authentication to be more secure than other 2FA methods. 71% of respondents prefer SMS-enabled 2FA because it’s an easy solution for their end users.

Solution: mobile number verification
Thorsten Trapp, Co-Founder and CTO for tyntec commented: “To service providers looking to increase security for their users, the ability to pre-verify mobile numbers is essential. In addition to accruing costs in messaging fees, invalid mobile numbers also result in unauthenticated One-Time Passwords, un-activated accounts and un-met expectations on behalf of both the sender and end-user. Companies therefore need to ensure that the balance between cost and reliability is optimised right from the beginning. By performing a validity check of the mobile numbers provided in real-time, companies can instantly notify users. As a result, service providers can improve customer satisfaction with fewer complaints, reduced customer support costs and higher conversion rates.”

Larry Ponemon, Chairman and Founder of the Ponemon Institute, added: “Enterprises and internet companies know that the traditional username and password is simply not enough anymore. However, companies deploying SMS-enabled two-factor authentication need to ensure that one-time passwords aren’t being sent to invalid mobile numbers. As a result, the research confirmed that 67% of respondents said customer experience improves when SMS-enabled two-factor authentication is combined with real-time verification of the receiver’s mobile number.”

tyntec is a specialist provider of global SMS interaction solutions, allowing large enterprises access to high-quality mobile authentication services. tyntec allows companies in a wide range of sectors to implement two-factor authentication via its OTP SMS service in a reliable, secure and straightforward way.

For more information, download the free report and infographic at http://www.tyntec.com/resources/whitepapers.html.

 

Methodology:
Research was conducted by the Ponemon Institute in January 2014 in four global regions: North America (NA), Europe, Middle East and Africa (EMEA), Asia-Pacific plus Japan (APJ) and Latin America plus Mexico (LATAM). The study utilised a demographically balanced omnibus sample of IT and IT security practitioners positioned in Forbes Global 2,000 companies with bona fide credentials. Survey procedures were based on scientific methods that permitted extrapolation and population inferences.

About tyntec
tyntec is a mobile interaction specialist, enabling businesses to integrate mobile telecom services for a wide range of uses – from enterprise mission-critical applications to internet services. The company reduces the complexity involved in accessing the closed and complex telecoms world by providing a high quality, easy-to-integrate and global offering using universal services such as SMS, voice and numbers.Founded in 2002, and with more than 150 staff in six offices around the globe, tyntec works with 500+ businesses including mobile service providers, enterprises and internet companies.

About Ponemon
InstitutePonemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. Our mission is to conduct high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations.

Press contact tyntec
tyntec
Caroline Dreier
+49 89 202 451 140
press(at)tyntec.com

Press contact PR agencies
MWW PR (UK)
+ 44 208 875 7970
tyntec(at)mww.com


Back to press releases