The United States National Institute for Standards and Technology is getting ready to ban SMS as a way to implement two-factor authentication, Cnet reported.
According to the report, a paragraph in the new draft of the Digital Authentication Guideline reads as follows:
“[Out of band verification] using SMS is deprecated, and will no longer be allowed in future releases of this guidance.”
South African banks and credit card companies like MasterCard and Visa all use SMS as an authentication mechanism.
To work around banks’ two-factor authentication systems, criminals commit SIM-swap fraud to gain control of their victim’s cellphone number.
While the US aims to ban SMS for two-factor authentication, the new draft guideline does allow for secure application or biometrics, such as a fingerprint scanner, to be used.