Adding SMS Auth to your mobile app (TLDR)

December 15, 2020

App and data security have been a big issue for developers for a while now and it’s only getting more important. Below is the TLDR version and here is the extended version.

What is two-factor SMS authentication (2FA)?

SMS Two Factor Authentication (2FA) is a security verification procedure that allows a company to more safely identify their users.

Flowchart showing how SMS auth works

Automate SMS authentication integration with 46elks

Using the 46elks API to add OTP means you can implement authentication processes in the way your team wants them to. Here are the basic building blocks to adding SMS OTP authentication to your mobile app:

  1. Create a 46elks account - Sign up
  2. Create a database to record the expected OTPs and user information
  3. Create a trigger in your application that does two things:
    • Generate an OTP and add it to the database along with the appropriate user information (and time if necessary)
    • Sends an SMS to the customer with the same OTP using the 46elks API
    
        

  4. Once the user has attempted to enter the password in your application you can assess this entry attempt against the expected OTP in your database
    • If it matches then you can allow entry
    • If it does not match then you can offer reattempts or simply deny the service

These are the broad building blocks and depending on your application you may need to tweak this flow slightly to provide your users with a great experience and secure your applications.

If you want to read the longer version of this article, you will find that here