In 2021, LabsMobile increases the security of the platform due to the exponential increase of online fraud cases. To protect the clients’ data and their credits, we have activated 2FA authentication. In this way, non-authorized accesses will be stopped.
In the last year, with the COVID-19 pandemic, we have seen an exponential increase in the cases of SMS phishing and our platform hasa been a target for the last few months. We have suffered attacks and unauthorized accesses not allowed every day.
We should note that forbidden access can see all the data of the account (delivery history, databases, etc).Besides, they can use the available credits and they can purchase credits or even use up to the limit of the stored cards.
LabsMobile’s agreements with operators make them implement every available method to avoid non-desired or fraudulent messages. Not complying with these clauses or sending mass messages with fraud or phishing practices can harm LabsMobile in the form of sanctions, cancellation of agreements, or even complete blocking of routes.
So, access not allowed or even losing a password poses a risk for our clients and our platform, too. Then, we need to address and mitigate these risks, and 2FA authentication can increase security and avoid these risks.
We understand that this measure is a bit annoying for our clients but it’s for their safety and protection of their data. Many other digital platforms and financial institutions have already adopted these measures and they are likely to become standard in the near future.
You need to take into account that, once you have logged in, this access lasts for more than 24 hours.
When defining 2FA (Two factor authentication) you need to understand that login in has 2 steps, validating your identity. You need to prove you have authorization to access the account.
The most used methods for authentication for this type of processes are:
LabsMobile has adopted the first three as methods for its authentication process.
Once the user has entered (using the email or username and password), then you need to introduce the 2FA code (double-factor authentication code). This code will be sent via email (by default) and it’s also possible to receive the 2FA code via SMS or using the Google Authenticator app.
Using an authentication process it’s possible to resend the code and change the delivery method. After 5 failed tries, the access is blocked for 24 hours. You’ll need to contact our Support Center to unblock the access and verify that there’s no problem with the settings of the account.
Accounts that are obliged to log in via 2DA in WebSMS are:
– Accounts that have the LabsMobile design (not for white label).
– Accounts that have signed a service contract (have introduced the billing data and have validated a mobile phone).
– Accounts that have not signed the contract yet but have manually activated 2FA.
Cuentas que tengan el diseño LabsMobile (no para las de marca blanca).
The process is the following:
* There’s a maximum of 5 failed attempts within 24 hours. If you reach this maximum, no 2FA will be sent within 24 hours. You’ll need to contact support to enable access again or wait 24 hours.
* 2FA codes sent by SMS or email are valid for 30 minutes.
LabsMobile’s platform is safer now and so is the information stored in our clients’ accounts. This important data will not be compromised even if you forget or lose your password.
LabsMobile is seriously committed to maintaining SMS as a useful and efficient channel of communication, free of fraud and unsolicited messages.