OTP SMS vs. Flash Calls: Multi-Factor Authentication Solutions Compared
Fraud and data theft continue troubling online services, costing them huge losses. The estimated cybercrimes cost to companies will reach $8 trillion in 2023.
By 2025, the number is expected to grow to $10.5 trillion. This is a huge problem, and different measures are being formulated to tackle this problem and mitigate these losses.
These measures include SMS OTPs, Flash Calls, Biometric verification, push notifications, etc. These measures are together known as multi-factor verification, providing additional security for users to verify their identities and confirm transactions.
The need to prevent online theft and password hijacking has prompted brands to incorporate multi-factor verification methods into their cybersecurity architecture.
This article will examine two common methods, OTP SMS vs. Flash Calls. We take a deep dive into their meanings and their benefits. You will also see the issues with Flash Calls as it affects mobile network operators and the future of Flash Calls.
What is Flash Call Verification?
Flash call, as the name implies, involves a rapid call to a user’s phone number to authenticate the validity or authenticity of the number.
Think of apps like WhatsApp and Tiktok that give a dropped call when you open an account. The app calls the number to verify it before opening the account.
The unique thing about this call is that you don’t have to answer the call. It is simply a missed call.
Flash Calling has become a very cheap method of verification that companies are exploiting to provide seamless security for user data. Projections put the rise of flash calling to 130 billion calls by 2026 from less than 60 million in 2021, a growth rate of 185,000% in just half a decade.
Experts agree that flash calling is indeed disruptive to the old order of SMS 2FA and has more benefits. Mobile security expert James Williams of the Mobile Ecosystem Forum put it best when he wrote in this post:
“So there has been a hunt for something else which has the ubiquitous characteristics of SMS (but is perhaps more secure) and something that creates practically zero friction in customer experience.
This is potentially Flash Calling.Flash Call is the new kid on the block in the multi-factor authentication ecosystem and will become the dominant authentication method in years to come”.
What is OTP SMS?
You may wonder what SMS verification code means or why One-Time Passwords via SMS are the most common form of Multi-factor Authentication in today’s market.
OTP, or One-Time Authorization, contains alphanumeric codes or random numbers to verify a login attempt or the user’s identity sent to the user’s phone number. It is a useful method for companies to stay ahead of cybercriminals and protect their user data. Fintechs are some of the leading users of OTPs via SMS to authenticate payments.
To guarantee the security of the transaction, an OTP SMS is an additional security with random codes. The cheap costs and ease of deployment of OTP SMS make the OTP SMS vs. authentication apps battle tilt in favor of the former.
Password security expert Troy Hunt stated:
“Anyone saying “SMS-based 2FA is worse than a password alone” is missing something fundamental.
Now, if you’re talking about account recovery with SMS alone, yeah, that’s bad but that’s also 1FA and a completely different discussion. Let me double down further: there are times when SMS is actually a preferable implementation.
My parents, for example, struggle with authenticator apps, and that’s before we even get to the problem of migrating them on device rotation. SMS is flawed, but universally understood.”
Although OTP SMS is flawed, it remains a simple method for users. Using only a username and password is insufficient protection for the user account.
How Does Flash Call Verification Work Compared to OTP SMS?
Flash Call verification is a type of Multi-factor Authentication method like OTP SMS. The difference is in the outlook and operation of each one.
Flash call verification operates automatically where the user gets a single ring call to complete a process like a transaction or downloading an app.
The secret of Flash calls is in the incoming calls’ numbers. The relevant numbers are immediately used to authenticate the user’s identity.
Unlike text message authentication, which needs some action from the user, like opening the SMS to read the content of the OTP, Flash call uses APIs to copy and use the numbers automatically.
In other words, it’s a hands-free verification process.
This uncomplicated verification method makes flash calls widely used for companies looking to cut operation costs.
Benefits of SMS vs. Flash Call Verification
Small businesses looking to add security features to their work process may opt for SMS or Flash Call verification due to several benefits they uniquely offer.
We have provided the benefits of OTP SMS vs. Flash Calls below.
Benefits of SMS OTP Verification
SMS OTP is a cost-effective multi-factor authentication method suitable for small businesses. Of course, they incur costs on each SMS delivered to customers, but it is less expensive to implement than other verification methods like biometrics or hardware tokens like flash memory.
SMS-based authentication has proven very effective in preventing data theft and fraud. The random six or four digits generated every time to verify a transaction are more difficult to bypass or guess. The only guaranteed way to beat it is to be in physical possession of the user’s phone or to swap the user’s SIM.
Easy to integrate
With the right partner, SMS OTP can easily integrate into your business. It connects SMS APIs to the website or business that needs it. This API enables it to send instant messages to verify transactions. For instance, BSG’s RESTful API helps you integrate your business to send SMS OTP to your customers worldwide.
SMS authentication doesn’t rely on internet access to work. Just a mobile network service is enough to make it function optimally. Every device with a mobile network service can receive and use SMS OTP.
Better Customer experience
The call is unanswered and comes at no cost to the 2FA service provider. Instead, the network service provider bears the costs.
Benefits of Flash Call Verification
The call is unanswered and comes at no cost to the 2FA service provider. Instead, the network service provider bears the costs. Compared to SMS OTP, businesses can save a fortune on multi-factor verification.
Flash Call verification needs no manual input from the user to work. Most times, the user must be made aware that verification has already occurred. He only sees a missed call as evidence. This verification method is especially useful for less tech-savvy people like older citizens, who may see other verification methods as too much hassle.
Compared to OTP SMS, flash calling is noticeably faster. The call is usually instant and has no limit, provided the call network quality is good. Verification is also instant, unlike SMS or Email OTP, where you must wait to receive the message and then use the information.
Users worldwide can use Flash Calls if there is a network service. As a business, you don’t have to worry about users getting missed calls as the service relies on a mobile connection available in every country.
Flash Call Challenges
Flash Call has its issues. Experts have identified problems with using Flash Calls, especially on how it affects telcos revenues
The impact on telcos revenue
Flash calling offers a cheaper alternative to 2FA via SMS, and enterprises are increasingly adopting it globally.
However, Mobile Network Operators providers do not generate revenues from flash calls even though they provide the service to make it happen. Flash calls are not received as they are too short to be answered by the end user.
This makes it hard for MNOs to track these calls and monetize them. Telcos make money from received calls, and so without receiving the calls, their revenues are slashed.
One way out is for MNOs to restrict flash calls from working on their network since they are machine-generated calls. Unfortunately, they cannot ban these calls as they are legal in most countries.
A more collaborative approach is to charge enterprises a fee lower than the SMS charge for every flash call made. Flash calling is a lucrative sector, with reports putting revenues from flash calling at $48.4 billion in 2022. It is expected to rise to about $1.2 trillion by 2032.
MNOs need to come up with quick solutions to benefit from this windfall. After all, they make flash calling possible through their infrastructure, and they are entitled to receive some compensation for this service.
In contrast to SMS, where a charge is placed on sending one, telcos generate healthy revenues from enterprises using SMS for 2FA.
With the increasing crossover into flash calling, revenues from SMS are seriously threatened. To make matters worse, MNOs incur the operating costs of maintaining adequate call quality.
They are also faced with managing the increasing traffic on their network from more use of flash calls.
Comparing Flash Call vs. SMS OTP, the latter is already making huge waves in online verification. Its key benefits are speed, cheapness, and automation than SMS OPTP.
However, the progress will be determined by compromises and policies of MNOs toward flash calls. On the other hand, SMS OTP has better potential to generate revenue for operators. Therefore, combining SMS and flash calls gives the best of both worlds.
If you want to integrate SMS into your existing communication channels, BSG can help you achieve this. Contact us.