Starting this week, 2-Step-Verification (2-SV) SMS users will notice an invitation to try Google prompts when they sign in. They want to change its two-step verification (2SV) method and replace one-time codes sent via SMS with prompts shown on the user’s smartphone.
This improvement in the Google two-step verification method happens after the increase of SS7 telephony protocol attacks that have enabled many hackers to take over people’s mobile phone numbers to obtain one-time codes via SMS and hack into user accounts.
According to Google:
“Instead of using a 2-Step Verification code to sign in, you can tap a prompt that Google sends to your phone. The prompt will ask if you’re trying to sign in.
Signing in this way adds the security of 2-Step Verification and is quicker than entering a verification code.”
“Overall, this is being done because SMS text message verifications and one-time codes are more susceptible to phishing attempts by attackers. By relying on account authentication instead of SMS, administrators can be sure that their mobile policies will be enforced on the device and authentication is happening through an encrypted connection.”
The Mobile Prompts method is scheduled to begin this week. their users will need an Internet connection to use the Prompt feature. Every time users will try to log in, Google will display a prompt on the owner smartphone to approve the login request.