100% Out-of-Band Authentication
Instead of placing a voice call to the user, PhoneFactor SMS Authentication sends a one-time passcode to the user’s mobile phone via an SMS text message. The user sends a text message reply that contains the one-time passcode to authenticate. Because the one-time passcode is both sent and confirmed through SMS, the process is completely out-of-band.

Standard OTP Authentication
Instead of replying to the SMS text message, organizations can allow users to enter the one-time passcode directly into the login interface. As with a security token, the user must enter a one-time passcode to verify the possession of a trusted device. But unlike tokens, PhoneFactor leverages a device the user already has – their phone.

PIN Security
Add a third layer of protection by requiring users to provide a personal identification number (PIN) in addition to the one-time passcode to authenticate.

User Choice
Configure all users for SMS Authentication or allow users to choose between a voice call and SMS text message for authenticating. Users simply choose a method during enrollment or at any time from the User Portal. This enables the ultimate flexibility for your users and a single platform for your IT team to manage.

Custom Messages
Customize the PhoneFactor experience for your users. Increase usability with SMS text messages specific to your company and home language, and customize the automated welcome e-mail that is sent to users.

Support for Transaction Verification
Details about transactions can be provided in the SMS text message. So, even if the user’s authenticated session has been hijacked, the attacker cannot complete a transaction without the user’s explicit approval.

Robust, Scalable Authentication Platform
SMS Authentication is available as an add-on to the PhoneFactor Extended Edition, which include support for directory synchronization, user self-service, redundancy, and robust reporting and logging capabilities.