Gmail is, reportedly, preparing to discontinue SMS-based authentication codes, shifting toward a QR code system for verifying user identity. One insider, as per Forbes, has claimed that plans are underway to replace text message verification with an alternative option aimed at enhancing security while reducing risks associated with phishing and fraud. The move aligns with broader efforts in the tech industry to move away from passwords and traditional two-factor authentication methods in favor of more secure approaches. While SMS authentication has been widely used, vulnerabilities have long raised concerns, with growing instances of cybercriminals exploiting text-based security codes to gain unauthorized access.
Google currently uses SMS-based authentication for both security verification and abuse prevention. The system helps confirm returning users and prevents large-scale fraudulent activity, including mass account creation for spam and malware distribution. However, SMS verification remains susceptible to phishing, and its effectiveness depends on the security protocols of mobile carriers. If attackers manipulate a carrier into transferring control of a phone number, SMS-based security loses its reliability. Company representatives cite this as a major reason for shifting away from text-based authentication, stating that fraudsters have increasingly leveraged weaknesses in the system to bypass security measures.
One emerging scam involves a method known as traffic pumping, where cybercriminals exploit SMS verification by triggering mass authentication messages to numbers under their control. Each delivered message generates revenue for the attackers, leading to financial losses for service providers. This type of abuse has become a growing concern, accelerating efforts to implement stronger authentication methods.
In the coming months, Gmail users will no longer receive six-digit SMS verification codes. Instead, a QR code will appear on the screen during authentication, requiring users to scan it with their phone’s camera to complete the process. The shift aims to eliminate phishing risks associated with text-based codes and reduce dependency on mobile carriers for account security. Google has not provided a specific timeline for the rollout but indicates that additional details will be shared soon.
Image: DIW-Aigen
Read next:
• Fake ‘Sadcore’ Posts on Facebook Monetize Sympathy Through Stars and Ads
• Analysis Shows Even though ChatGPT is Sending a Lot of Referral Traffic to News Websites, It Still Remains Small
Google currently uses SMS-based authentication for both security verification and abuse prevention. The system helps confirm returning users and prevents large-scale fraudulent activity, including mass account creation for spam and malware distribution. However, SMS verification remains susceptible to phishing, and its effectiveness depends on the security protocols of mobile carriers. If attackers manipulate a carrier into transferring control of a phone number, SMS-based security loses its reliability. Company representatives cite this as a major reason for shifting away from text-based authentication, stating that fraudsters have increasingly leveraged weaknesses in the system to bypass security measures.
One emerging scam involves a method known as traffic pumping, where cybercriminals exploit SMS verification by triggering mass authentication messages to numbers under their control. Each delivered message generates revenue for the attackers, leading to financial losses for service providers. This type of abuse has become a growing concern, accelerating efforts to implement stronger authentication methods.
In the coming months, Gmail users will no longer receive six-digit SMS verification codes. Instead, a QR code will appear on the screen during authentication, requiring users to scan it with their phone’s camera to complete the process. The shift aims to eliminate phishing risks associated with text-based codes and reduce dependency on mobile carriers for account security. Google has not provided a specific timeline for the rollout but indicates that additional details will be shared soon.
Read next:
• Fake ‘Sadcore’ Posts on Facebook Monetize Sympathy Through Stars and Ads
• Analysis Shows Even though ChatGPT is Sending a Lot of Referral Traffic to News Websites, It Still Remains Small
