Smart Nation Provide an alternative way to generate a 2FA
Many organizations require 2FA to log into their website, e.g. banks and stock broking firms. They use the mobile phone as the device to generate the 2FA.

They do not consider the problem faced by a customer who loses the mobile phone. I have experienced an occasion where  I lost the mobile phone and another occasion when my mobile phone died. 

On both occasions, I had great difficulty in accessing my bank account and my stockbroking account. 

The cyber security experts should consider this problem. They should provide an alternative channel for the customer to provide the 2FA authentication, instead of relying solely on the mobile phone. 

I suggest that the alternative solution could be a widely used authentication device, such as Google Authenticator. Allow the customer to register this authenticator ID, so that it can be used as an alternative. 

I find that the cyber security protocols do more harm than good. Anyway, if they provide an alternative, they will reduce the harm. 

Tan Kin Lian

Add Comment

---