The verification process protects your data or funds from access by unauthorized persons and consists of three components:
1. Identification — the process of recognizing a user by the identifier.
2. Authentication — gives proof that the user is exactly who they claim to be.
3. Authorization — granting certain rights.
Generally, on the personal account page, the system first asks you to enter an identifier. This can be a username, first and last name, email address, or a mobile phone number or disposable number, depending on the resource.
The data indicated during registration must be entered to gain access. This procedure is necessary to identify the person behind the monitor. If the user entered an identifier, and the system found a record about a user with that name in its database, the identification was completed.
After identification, an authentication process follows, in which, the user needs to prove that he/she is the person who registered under the credentials by:
· biometric data: face scanners, fingerprints, or retinas
· pin codes, passwords, pattern keys, secret words
The most common type of authentication data is a password or SMS code. After the user enters them, the system checks whether they match the user. This is how authentication takes place.
If everything is complete, and the login-password pair is correct, the system will provide the user with access to their resources and perform operations, that is, authorization will occur.
The process of verification is typical for online banking, e-mail, social media, and other resources, and a free virtual number can be used for this.
One-factor Verification
As smartphones have become a part of our lives, they represent one of the ways to confirm the identity of the user for accessing various resources. In this case, a one-time password is generated either using a special application or comes via SMS – this is the simplest method for the user, and a temp number phone can be used to get it.
Today, you can receive SMS online, and the process is the following:
· The user enters the login and password specified during registration. If this pair is correct (login is in the database and corresponds to the password), the system sends a one-time password with a limited validity period.
· The user enters a one-time password and, if it matches, gets access to the account.
Even if an attacker somehow obtains a username and password for an account, after entering these data, the system will send a one-time code with a limited duration to the user’s linked mobile phone. Without a one-time code, a fraudster will not be able to steal money.
If the virtual number was used for account creation, this type of fraud becomes totally impossible.
