ÜBERTECH | A ZDNet Multiplexer Blog What's this?

SMS to the Rescue

Technology keeps getting more complicated, which is why good, old-fashioned SMS is often the best solution.

I love SMS for its elegant, infinitely useful simplicity. I’ve rounded up ways different companies have used it to their advantage here and here , and I’m about to do it again.

The Swedish program SMSlivräddare (or SMSLifesaver) uses SMS to improve the survival rates for cardiac arrest victims. Whenever someone in Stockholm dials the emergency services number, all CPR-trained volunteers within a 500-meter radius receive an SMS alerting them to the caller’s location. A nearby volunteer can get to the scene faster than emergency personnel, and the first few minutes are critical. (Incidentally, have you heard about the Staying Alive CPR campaign? Here’s the very funny video that explains how you can help someone in cardiac arrest with hands-only CPR.)

 If you need to get a message out to your entire company right now, what will you do? MIR3 is using SMS for its ‘intelligent notification’ solutions that can send time-critical voice or text information quickly to one person or hundreds of thousands of people at once. It’s an advanced service that provides global access, high-volume throughput, and two-way communication to recipients regardless of their mobile networks, and it’s built on good, old-fashioned SMS.

With online banking, you can never have enough security, but equally you need to make sure security doesn’t impair usability. To achieve multifactor authentication (more than one verification that you are who you say you are), some banks issued OTP (one time PIN / passcode) generators to consumers, but with the cost of these being anywhere from $25 - $100, it’s not cheap. And if you want to access your bank account while you’re at work, you’d need to carry the OTP generator with you. Other banks tried mini-calculator type devices to work with your bankcards, like this one from HSBC. These are even more inconvenient.

Smart banks have realized you can achieve the same benefits without issuing devices. To put it simplistically, multifactor authentication should require users to produce:

  • Something they know (such as a password, username, mother’s maiden name, etc.)
  • Something they have (such as a mobile phone or photo ID)
  • Something they are (such as your fingerprint, voice or iris)

So, the easiest solution for OTPs is to just send an SMS to the phone registered to the account, as this Citi Mobile FAQ explains. The bank improves security, with the minimum of inconvience for the customer and with nothing extra to carry arround to access your online banking.

All of which goes to show, there still a lot of potential left in SMS-based services even in this increasingly smartphone world.