Two-factor authentication (2FA) is a security staple, but effective implementation requires advanced technology. Santos, a leading Indonesian e-commerce platform, recently upgraded its 2FA system by integrating SMS Masking and WhatsApp Business API. This approach not only safeguarded against replay attacks but also reduced operational costs through automated verification via messaging channels.
Why Santos Chose SMS Masking for 2FA
Faced with OTP token hijacking attempts from Malaysian hackers, Santos adopted SMS Masking to add an extra security layer. By masking phone number serial, this method protects user privacy and mitigates risks of identity theft.
WhatsApp Business API for Faster Verification
Alongside SMS Masking, Santos implemented WhatsApp Business API for OTP delivery. This hybrid strategy improved response times and user engagement, especially in regions with unstable internet connectivity. Data analysis showed a 300% ROI within six months post-implementation.
FAQ
Is SMS Masking secure? Yes, as it obscures phone number patterns, preventing targeted attacks.
Can WhatsApp replace SMS for OTP? Technically possible, but Santos' dual integration offers redundancy and reliability for large-scale operations.