Two-factor authentication via SMS increases the security of each login. Unlike conventional systems, no additional devices, scratch lists or cards are required. The two-factor authentication makes possible a highly secure and tamper-free identification.
Imagine an online access that has to be specially well protected: for example, the Payment Portal of a bank. Ideally, one uses a password and user name as "low-level" identification. This represents the first level of security The second step is often carried out by a scratch list or even a number generator in form of a small device.
ASPSMS can be used for the second level: The customer receives a mobile transaction number (mTAN, OTP, Token, etc.) sent to his mobile phone by the payment portal. If the SMS-code is entered correctly when logging in, the person is identified as the authorized user. No additional equipment, cratch lists or cards are needed.
Use ASPSMS as SMS Provider for existing Systems
If ASPSMS is only used to send the SMS-code (OTP, mTAN, token, etc.), the program logic for generating, temporary storage and final verification is completely on the side of the system to be protected. This approach is unproblematic and is used by many ASPSMS clients. In particular, if a two-factor logic already exists on the side of the system to be protected.
ASPSMS can be used via SOAP web service very easily for Microsoft ASP.NET Identity projecets.
More security through the use of ASPTOKEN
When using ASPTOKEN, parts of the necessary application logic are outsourced to ASPSMS. The crucial security advantage is, that any system manipulations for unauthorized intrusion are much more difficult because the SMS-codes are not stored anywhere within the system to be protected.
When usinig ASPTOKEN, the SMS-codes are instead generated by ASPSMS, stored at ASPSMS and finally verified by ASPSMS. ASPSMS again has no knowledge of the security procedures on the side of the protected system.
This kind of "partitioning" makes sense in terms of security in any case, since the confidential information is no longer stored in a single location. Instead, only individual, relatively uncritical parts are available at each involved system.Available SMS tools and interfaces for ASPSMS
|Purpose and business examples|
|SMS tools for End Users|
|Microsoft Office Outlook 2013-2016: Email to SMS||free|
|Microsoft Office Outlook 2010 Mobile Service||free|
|SMSBLASTER web edition||free|
|SMS Blaster Windows Edition||free|
|SMS touch for iPhone and iPod touch||Shareware|
|ECO-SMS - Ökologische SMS!||Shareware|
|Cybersystems mscrmSMS||see price list for details|
|Jabber-Client Chatopus for Palm OS||small one-time payment|
|delight Software GmbH||see price list for details|
|ASPSMS Widget for Mac||free|
|SMS scripts and interfaces for developers|
|ASPSMS Dot Net Assembly on NuGet||free|
|ASPSMS JSON API (REST)||free|
|C# Microsoft ASP.NET Identity MVC (for SOAP)||free|
|Node.js interface for ASPSMS||free|
|PHP Class for ASPSMS SOAP web service||free|
|SOAP Web Service||free|
|ASPSMS SMTP Interface||free|
|VBscript Class (ASP)||free|
|PHP - Python - C# - Java||free|
|Jabber to SMS for Server Admins||free (open source)|
|SMS Blaster Visual Basic Source Code||free|
|Supported networks around the world|