News

Apple developing format to replace one-time passcodes

Apple is working with Google engineers to build a more refined and secure alternative to the one-time passcodes sent via SMS that are part of the typical ‘two-step’ authentication systems.

Apple WebKit engineers released the first draft for its proposals earlier this year, and it was recently given the green light to become part of the Web Platform Incubator Community Group (WICG).

Google backed the proposal in January, and the draft published last week was co-edited by the company’s senior director of engineering Farnaz Azmoodeh and Apple’s Theresa O’Connor.

The initiative was born from a desire to build a better method for sending the one-time codes that confirm login credentials when users attempt to sign in on certain platforms.

Many websites do make use of OTP instead of SMS, but there has not yet been a standardised method of formatting for these messages, which has raised fears about data security.

The WICG publication noted that the current method is often “unreliable and error prone” and that it could lead to some users inputting codes to malicious sites without them realising.

Users also have to manually enter the passcodes when they are on a website, which can be laborious.

Apple wants to create a refined solution that offers better security and a more enjoyable user experience.

The new format uses a “lightweight text format” to deliver a code, and users can then extract it and log into a website without having to go through any manual processes.

“This proposal attempts to reduce some of the risks associated with SMS delivery of one-time codes,” a source close to the development of the new system says.

The source adds that the system won’t solve all of the issues but will reduce the risks associated with phishing and generally make the process more secure.

Tags

About the author

Chris

I've been a passionate evangelist for Apple and the Macintosh throughout my working life, my first love was a Quadra 605 working with a small creative agency in the south of Norfolk UK in the mid 1990's, I later progressed to other roles in other Macintosh dominated industries, first as a Senior graphic designer at a small printing company and then a production manager at Guardian Media Group. As the publishing and printing sector wained I moved into Internet Marketing and in 2006 co-founded blurtit.com which grew to become one the top 200 visited sites in the US (according to Quantcast), at its peak receiving over 15 million visits per month. For the last ten years I have worked as an Affiliate and Consultant to many different business and start ups, my key skill set being online marketing, on page monetisation, landing page optimisation and traffic generation, if you would like to hire me or discuss your current project please reach out to me here.

You can also follow me on: and

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.