Background

2-Factor Authentication (2FA) is a cloud messaging security solution that confirms the identity of the user and protects the system from phishing or hacking attacks.

A one-time PIN (PIN code) is generated and sent to the user’s mobile phone. The user receives the PIN code and types it into the application to confirm the identity. If the PIN number that was sent out to the user matches the one that is received, the user is allowed to continue with the process.

Sequence Diagram

1. User enters the Phone number into the client’s application (mobile or web). The other option is that the client pulls the phone number from his user database.
2. Application sends a request for the PIN code with the user’s phone number to RT Two-FA API.
3. RT Two-FA API generates the PIN and verification ID, and sends the verification ID back to the application along with response status
4. Telco delivers the SMS with the PIN code to the user
5. User enters the received PIN code into the application
6. Application sends the verification-check request with the PIN code and verification ID
7. RT Two-FA API verifies the received PIN and sends the response to the application