Google has announced plans to phase out SMS text messages for multi-factor authentication, opting for more secure technologies. Initially introduced for Gmail in 2011, SMS has become increasingly insecure due to vulnerabilities like SS7 attacks and SIM swapping. The U.S. NIST has advised outdated SMS methods be retired, emphasizing the inherent risks when devices are stolen. Rising fraud via SMS scams has added urgency to this transition. As part of its commitment to enhance security, Google will develop new verification methods while moving away from traditional SMS-based authentication.
Google's transition from SMS-based multi-factor authentication stems from the identified vulnerabilities of SMS, which have made it an unreliable security measure for protecting accounts.
The U.S. government's NIST previously recommended replacing SMS-based authentication methods due to their security weaknesses, advocating for more secure alternatives.
As phone number theft through SIM swapping rises, traditional SMS authentication becomes ineffective, prompting Google to explore faceless verification methods.
The cost of SMS fraud schemes, like traffic pumping, signifies the growing risks associated with SMS multi-factor authentication, leading Google to phase out this approach.
Collection
[
|
...
]