Known for its privacy and security features, Apple is reportedly planning to come up with authentication SMS messages to prevent phishing scams, reported PhoneArena.com. Apple engineers have reportedly put forward a proposal to work towards a standardised format for two-factor authentication SMS containing one-time passcodes that users receive during the login process.
The suggestion has come from engineers of Apple Webkit, a core component of the Safari browser which is the default browser on Apple devices. According to reports, the suggestion is backed by Google engineers working on Chromium. The new feature would rely on SMS messages that would contain the associated login URL inside.
Besides, the proposal aims to standardise the format of two-factor authentication (2FA), so that incoming messages are easily identified by browsers and other mobile apps. As a result of this, a browser would recognise the web domain inside the message, and automatically extract the OTP code to complete the login operation without further user interaction. With the advent of this feature, the process of receiving and entering an OTP would become automated, preventing the user from falling for a scam.
After the introduction of the feature, apps and browsers would obtain the OTP code and complete the two-factor authentication login process. In case of any mismatch, the auto-complete operation will fail, which, in turn, would enable human readers to see the website's actual URL, and compare it to the site they're trying to login.