RT Nick Szabo (@NickSzabo4)Two-factor authentication is a service, so I find it more likely that he paid for it rather than sold it.Using phone numbers for authentication is tantamount to having a digital ID, and a digital ID gets you most of the way towards being doxed.If you have given your phone number or email address to X, in my opinion there's a good chance you have also unknowingly given it to an "ex"-8200 intelligence asset. The name you gave when you signed up for the phone number can be readily lo ...

RT Nick Szabo (@NickSzabo4)Two-factor authentication is a service, so I find it more likely that he paid for it rather than sold it.Using phone numbers for authentication is tantamount to having a digital ID, and a digital ID gets you most of the way towards being doxed.If you have given your phone number or email address to X, in my opinion there's a good chance you have also unknowingly given it to an "ex"-8200 intelligence asset. The name you gave when you signed up for the phone number can be readily lo ...

RT Larry Chiang, 650-283-8008 (@LarryChiang)>>RT Nick SzaboTwo-factor authentication is a service, so I find it more likely that he paid for it rather than sold it.Using phone numbers for authentication is tantamount to having a digital ID, and a digital ID gets you most of the way towards being doxed.If you have given your phone number or email address to X, in my opinion there's a good chance you have also unknowingly given it to an "ex"-8200 intelligence asset. The name you gave when you signed up for th ...

Two-factor authentication is a service, so I find it more likely that he paid for it rather than sold it.Using phone numbers for authentication is tantamount to having a digital ID, and a digital ID gets you most of the way towards being doxed.If you have given your phone number or email address to X, in my opinion there's a good chance you have also unknowingly given it to an "ex"-8200 intelligence asset. The name you gave when you signed up for the phone number can be readily looked up unless you took spe ...

Core Insights - The digital payments industry is transitioning from one-time passwords (OTPs) to biometric-based authentication and passkeys to enhance transaction success rates and security [11][10][8] Industry Overview - OTPs have been associated with delivery issues leading to transaction failures, while biometric authentication is expected to improve transaction rates significantly [11][7] - Major banks in India operate at a success rate of 93-95% on the Unified Payments Interface (UPI), with business declines and technical declines being the primary reasons for transaction failures [11][12] Technological Advancements - Biometric authentication and passkeys are seen as effective solutions to reduce friction points in card transactions, which often lead to failures [5][11] - Visa's Payment Passkey utilizes a hardware-protected private key paired with a public key, minimizing reliance on telecom networks and enhancing security against phishing attacks [5][6] Cost Efficiency - The shift to biometric authentication is expected to significantly reduce the costs associated with sending OTPs, as the SMS delivery leg will be bypassed [7][6] - The digital payments industry processes billions of transactions monthly, indicating a substantial cost-saving potential with the new authentication methods [7][11] Regulatory Changes - The Reserve Bank of India (RBI) has issued new guidelines mandating that all digital payments must be verified using at least two factors of authentication, which can include biometric methods [12][10] - These guidelines aim to adopt more risk-based authentication models in response to increasing fraud instances in online payments [10][12]