Descope’s nOTP Authentication: A WhatsApp Alternative to SMS for Enhanced Security

Whatsapp for OTP

Descope’s nOTP Authentication: A WhatsApp Alternative to SMS for Enhanced Security

background-1024x256 Descope's nOTP Authentication: A WhatsApp Alternative to SMS for Enhanced Security

Introduction

This week, US startup Descope is announcing what it claims is a new way to authenticate to websites via WhatsApp.

For the last decade, the online world has tried to solve the problem of password insecurity by migrating to multi-factor authentication (MFA), only to discover the technology has limits.

The Problem with MFA

The first issue is that most consumers don’t like it and try to avoid using it if they can. Using MFA on one website is mildly inconvenient but using it on every site quickly turns into a chore.

Businesses aren’t that keen either. Using MFA puts a barrier between the consumer and a transaction being completed, not to mention the cost of sending SMS texts that incur network charges.

Descope’s Solution: nOTP

Descope’s answer to that, nOTP (“no-tee-pee”), uses WhatsApp as the authentication channel, a platform chosen by the company because of its popularity among consumers and its use of end-to-end encryption (E2EE).

The user clicks a “log in with WhatsApp” button on a website or scans a QR code, which results in a code appearing in WhatsApp. The user hits “send” on this message as if it’s from them and they are automatically logged in to the site.

How nOTP Works

This works as a basic form of MFA because the user is authenticated through their WhatsApp identity, including its connection to their registered phone number.

The technology behind nOTP reflects the company’s underlying platform Descope Flows, developed as a way for companies to add any type of authentication to their website using a visual process requiring no coding.

Conclusion

The promise Descope is selling is that a developer can design and integrate their login process in a fraction of that time.

In essence, Descope Flows serves as an abstraction platform developers can use to create a complete login system, whether using nOTP or any other type of authentication.


You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it.

Share this content:

Post Comment