Google will no longer use the double authentication by SMS on Gmail, because of the lack of security offered by this system. Instead, the company plans to develop a new device with QR codes.
To connect to a Google service like Gmail, YouTube or Google Docs, Google requires double authentication (2FA for Two-factor authentication In English or two -factor authentication in French) to all users of its online services. So, as soon as you connect to your account using your identifiers on an unusual device, for example the computer of a loved one, you are asked to confirm that it is indeed you Help from another method, as indicated a code sent by SMS.
But SMS verification has many flaws. Mal intentioned people can completely hack operators’ installations, intercept the non -encrypted codes from start to finish or make attacks by Sim Swapping. Also, Google has decided to stop using this authentication method, as reported Forbes. “Just as we want to avoid the use of passwords thanks to solutions like Passkeys, we want to move away from sending SMS messages for authentication”said a spokesperson for the company. Another technology is envisaged to replace it.
Double authentication Gmail: a fallible solution
Specialists alert for years on the risks associated with double authentication by SMS. Also, Google should, in the coming months, develop a new solution which is based on QR codes. Concretely, instead of receiving a six -digit code on your phone, you will have to scan one with the camera of your smartphone to validate their connection. In this way, no code can be intercepted or shared by mistake. The Mountain View firm did not wish to share more details.
But this is not the only reason that pushes Google to change the authentication system. Indeed, the company wishes to fight against traffic pumping. It is a fraud aimed at exploiting communication systems (SMS, calls) to artificially generate traffic to surcharged numbers, controlled by fraudsters. The crooks thus trigger thousands of requests for codes sent to their own numbers and collect a commission on each SMS issued, at the expense of the services which emit them. A scheme that makes the invoice for businesses soar …
Still, for those who use only one screen, this 2FA solution does not seem most practical. In this case, it will be necessary to fall back to other alternatives, such as, access keys, material safety keys, Google prompts, emergency codes or validation codes generated by a 2FA application.