One of the methods that currently exists to keep your Apple account safe, your ID with access to iCloud, is the two-step verification. It consists of an authentication system whereby the user who wants to access their account must enter a random number that is generated and received on trusted devices. There are programs that generate those numbers like Authemticator.
Apple is willing for this modality to continue to exist but with changes that make it even more automatic. He also wants the system to be standardized. In this way there would only be one way to corroborate the identity and not as now that each company and page does it in its own way. Google agrees with Apple on this view. I don't know if Google is getting more restrained or Apple is getting carried away by the information sales giant.
Apple Proposes Simpler, Standard, Automatic Two-Step Verification
Until the moment when the two-step verification is activated in Apple and we want to access our account, we must enter a code that is generated on other trusted Apple devices that the user has previously had to register. We can do something similar in Google, logging in from a trusted mobile phone. But this system for Apple has its days numbered.
The Californian company wants the two-step verification to be done through text messages. Similar to SMS messages that are received on the phone but with a novelty. So far this code that is received must be entered manually by the user to confirm their identity. Apple wants the person to have no intervention in this process and that it is added automatically and only on the site of origin. With this, productivity would be gained and intermediate steps would be saved.
The way to achieve it is not difficult. Simply, the message that is sent must be written in a simple text but in such a way that the machine can read the code and being associated with a URL knows that it is a login code and therefore must enter it in the correct field and access to the information. In this way the two-step verification would be automatic and fast. But it is also that Apple wants this way of proceeding to become a standard for any platform and Google agrees with this idea. Who does not seem too convinced is Mozilla, who has not yet spoken out for this protocol.
A similar measure already exists, although at the banking level and is not entirely safe.
In September 2019, a system was implemented at the banking level whereby access to accounts must be done by verifying the user through an SMS message to the mobile. A controversial two-step verification because it has been shown not to be the safest of all although it is the most used. Something similar happens with WhatsApp and Telegram. The first is the most used but the second is better.
There have already been cases in which they have intercepted that message sent through the operator and the "bad baba" hackers have been able to access the user's complete data panel without the user noticing. It is more secure, for example, access modes such as Google Authenticator, but of course, many platforms still do not support this method. It also happens that there are companies that generate their own system, such as Microsoft.
That is why Apple wants to standardize this process so that the user always has the same way of proceeding when it comes to two-step verification. I do not know if this will come to fruition although Apple and Google agree. At least for the moment I am not convinced at all. Simplifying the message so that it can be read by web services gives me the impression that it will generate less security. In this topic everything standard is easy to access illegitimately.
