In part one of this post, Rob Malcom of Mblox & CLX, explored the recent draft NIST guidelines on digital authentication that suggested the depreciation of SMS based 2-factor authentication (2FA). Here, he sets out his recommendations for businesses, carriers and consumers and his conclusions on the NIST proposals.
NIST outlines two primary concerns, one being very specific to virtual numbers (i.e. numbers not associated with a physical device, such as VOIP or numbers linked to an app), or a physical number that has been configured to be received via an IP service. This includes numbers such as those provided by Skype, or even accessible on iMessage via your desktop.