Google is replacing SMS codes in 2-Step-Verification after the increase of SS7 attacks

Starting this week, 2-Step-Verification (2-SV) SMS users will notice an invitation to try Google prompts when they sign in. Google wants to change its two-step verification (2SV) method and replace one-time codes sent via SMS with prompts shown on the user’s smartphone.

This improvement in the Google two-step verification method happens after the increase of SS7 telephony protocol attacks that have enabled many hackers to take over people’s mobile phone numbers to obtain one-time codes via SMS and hack into user accounts.

According to Google:

“Instead of using a 2-Step Verification code to sign in, you can tap a prompt that Google sends to your phone. The prompt will ask if you’re trying to sign in.
Signing in this way adds the security of 2-Step Verification and is quicker than entering a verification code.”

“Overall, this is being done because SMS text message verifications and one-time codes are more susceptible to phishing attempts by attackers. By relying on account authentication instead of SMS, administrators can be sure that their mobile policies will be enforced on the device and authentication is happening through an encrypted connection.”

The Mobile Prompts method is scheduled to begin this week. Google users will need an Internet connection to use the Prompt feature. Every time users will try to log in, Google will display a prompt on the owner smartphone to approve the login request.

Related posts

Zoho Was Blacklisted by Domain Registrar TierraNet

Wannacry NHS Hacker Park Jin Hyok Charged

DDOS on Bank of Spain Claimed by Anonymous Catalonia