Snippet: Remember VHS? The Sony Walkman? What about the dot matrix printer? These are things that were considered state-of-the-art in the 1980s – but are now only a fond memory.

Remember VHS? The Sony Walkman? What about the dot matrix printer? These are things that were considered state-of-the-art in the 1980s – but are now only a fond memory. No-one in their right mind would, for example, release a new film only on VHS today. And yet incredibly, the SMS OTP, first conceived in the early 1980s, is still what secures online banking channels at most of the world’s financial institutions today.

We’ve moved on since the Walkman. We live in an age where our watches measure our sleeping patterns; our refrigerators order food for us; and apps tell us when we’re spending too much money. So why is it that OTP technology still factors in banks’ security plans when, in reality, it’s a relic that’s been obsolete for more than a decade?

In an industry as traditional and heavily regulated as banking, there is great hesitancy when it comes to straying from the known. And it’s true, banks do have a lot to fear. Implementing a new security method is a huge investment with no guaranteed returns. The new technology may cause trouble as the bank attempts to integrate it with its legacy systems. Customer adoption may be poor if the new technology is too complex. But the reality is that banks can no longer afford to remain stuck in the status quo.

The world is moving on, and banks should too: new regulations like PSD2 in Europe are demanding change, but so are customers. Competition is fiercer than ever, with challenger payment companies and digital-only banks threatening to step in where financial institutions fail. Yes, security by SMS OTP is much better than passwords, but its user experience leaves much to be desired, and its security is far from impenetrable.

The rapid development of technology has been accompanied by an equally rapid – and often more determined – evolution of new kinds of digital crime. SMS OTP, once thought to be the pinnacle of security, has also been proven to be vulnerable to hackers with the right motivation and resources. It’s lost its shining reputation to the new kid on the block, which offers what OTPs never can: the combination of security and a smooth user experience.

Push authentication doesn’t require the digital banking user to switch between apps, copy or remember numbers, or wait for a message to come through. With push authentication, communication between the bank and the user occurs over an isolated, encrypted channel that is not susceptible to the same attacks as passwords or SMS OTPs.

Furthermore, next to no input is required from the user – a single tap completes each simple, intuitive authentication event. With this kind of convenience, it’s not surprising that analyst firm Gartner expects push technology to dominate the authentication market in only two years’ time.

Subscribe to our blog.

Clara Chennells


Clara originally joined Entersekt’s marketing team as a copywriter, and is now based in the European headquarters in the Netherlands. In her current role, she is responsible for lead nurturing, organizing local events, managing relationships with local PR agencies, and serving as the liaison between the EU office and central marketing.

Entersekt Logo

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on our patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With us, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.