Apple’s WebKit engineers are considering developing a standardized format for dynamic verification codes based on sMS services,media reported. ZDNet noted that Apple announced the proposal on GitHub on Thursday. This may help simplify the sign-in process for two-step authentication and provide better protection for users.
(From: GitHub, via Apple Insider)
For websites, businesses, and other entities, this is expected to simplify its OTP SMS mechanism and ensure that login credentials are part of a two-step authentication system. In addition to the user password, the other is the dynamic verification code based on SMS.
Because the format standards of each service provider are not uniform, it is difficult for the current software to automatically extract the necessary information from OTP SMS messages, resulting in users often having to enter the verification code manually.
To streamline the process and free users from their actions (copy and paste verification codes), Apple decided to plan a better approach and encourage more service providers to adopt them.
The proposed format uses a ‘lightweight text format’ that embeds actionable one-time code into an SMS message and links the code to a specific original URL.
As a result, the system’s inbox can automatically extract the verification code and pass it to the associated login website. Here’s an Apple-led sample text message format:
The verification code for your use of a website is 747723.
The first behavior of the above message is optional human-readable text to explain what message is coming in. The second line contains information that can be called by the program, and is recognized and escaped by special characters.
Reports say Apple has signed a deal with Chrome browser developer Google, but Firefox browser developer Mozilla has yet to make an official statement on the standard.