Many businesses require the security of 2FA (Two-Factor Authentication) or MFA (Multi-Factor Authentication) to protect their users and prevent fraud.
At MessageBird, we believe in the power of omnichannel messaging to delight customers by connecting with them asynchronously on their preferred channels; omnichannel also provides an excellent means for implementing 2FA or MFA. By leveraging a channel like WhatsApp, we’ve seen customers save up to 40% on costs while also increasing conversion rates and effectiveness.
Using OTPs for 2FA or MFA
An OTP (or one-time password) is a short message containing a one-time, auto-generated password that is sent to a user's phone in order to verify an attempted login or transaction.
You probably experienced this the last time you checked your bank account or logged into a service from a new browser or device.
That short message you receive is called a Two-Factor Authentication (2FA). 2FA requires both a correct username and password as well as the OTP sent to the user's phone, thus requiring two factors to authenticate a user's log in.
Deliverability with Traditional OTPs
Sending OTPs through short messaging channels like SMS is widely used; however, channels like WhatsApp have emerged as a great way to complement SMS and increase the deliverability of OTPs.
Low deliverability is usually due to your SMS API provider outsourcing their message operations to third-party aggregators. The provider you’re paying for SMS might not even operate the network across which your messages travel. Your provider might also use indirect routes ("gray routes") to avoid paying network owners for messages sent, resulting in even worse reliability.
The more parties involved in delivering your SMS messages, the more likely you are to encounter delivery issues.
Customers need a reliable communication infrastructure and supernetwork designed to avoid traditional deliverability issues. As a licensed carrier, MessageBird’s network directly connects with telco operators around the world to drive the best prices and highest deliverability for our customers.
One-Time Passwords with WhatsApp and SMS
Given that dramatic user preference, we want to enable any business to engage customers on WhatsApp — even for sending OTPs.
Tokopedia, the largest online marketplace in Indonesia, started using WhatsApp for OTP and was able to increase results across the board:
- 10% increase in one-time password success rate
- 26% of one-time password validations came via WhatsApp
- 58% higher delivery rates compared to SMS
Benefits of Omnichannel 2FA and MFA with MessageBird
WhatsApp Official Partner
Just like with SMS, there are WhatsApp API providers that rely on other providers. This dependency leads to reliability and deliverability issues.
MessageBird is one of the first global WhatsApp Solution Providers, integrating directly with the WhatsApp Business API to power you to reliably communicate with customers all over the world.
End-to-end encryption from verified senders
WhatsApp offers end-to-end encryption, verifying every business sending OTP messages and displaying a security message with every 2FA sent.
You can build 2FA into your application with our Verify API or empower your entire team to create, update, and launch 2FA solutions using custom or pre-built flows with Flow Builder. Without having to write a single line of code.
If your OTP is not delivered, MessageBird’s omnichannel platform allows you to use fallback messaging channels including WhatsApp, SMS, Voice, Messenger and others.
Flow Builder also gives you even more flexibility and automation. For example, within Flow Builder you can create a flow that checks if a message has been delivered, then checks if it has been read; if the message stays unread for a certain period of time it can automatically send a second message through another channel.
Authenticate at scale
Our network is built for global scalability, powered by direct connections with over 240 carriers worldwide and a state-of-the-art Smart Routing Engine. For WhatsApp API, we support up to 200 requests per second, with burst traffic of up to 1000 requests per second.
In our next post, we’ll show you how to set up 2FA with WhatsApp using OTPs sent with Flow Builder.
The power of omnichannel authentication
Whether you are sending 2FA or MFA authentication messages through WhatsApp or SMS, using an omnichannel platform like MessageBird to send one-time password notifications will help you save money, protect your customers and increase deliverability rates, while also reducing your SMS bills.
With MessageBird, you can rest assured that your authentication transactions and timely notifications are always delivered at scale. The collective power of our omnichannel platform is cost-effective, secure and scalable – it’s a complete solution to your one-way messaging.