Back to Blog

Beta Available for Authy OneTouch Mobile SDK

2016-09-16_1955
Can security get any simpler? With our Mobile SDK, yes it can.

Authy has been leading the way towards simpler security since our inception. In a previous blog post, we discussed the advantages of OneTouch, our latest authentication advancement, over other available 2FA services, including our own.

In short, Authy OneTouch is more security with less hassle. A user needs only to approve or deny a request and the authentication is complete. Here’s how it works:

  1. After accessing a protected function (a login, a purchase, etc.), Authy sends the user a push notification to a trusted device, informing them of the activity.
  2. The user responds to the notification and sees the activity details via the Authy app.
  3. The user presses either Approve or Deny, informing the app to take the appropriate action.

Since there are no codes to enter, Authy OneTouch is not prone to phishing or man-in-the-middle attacks. This makes it notably more secure than SMS, soft tokens, and hard tokens, which already provide more security than username and password alone.

Introducing the Authy Mobile SDK

While Authy makes authentication super simple for the user, things just got better for the developer, too. OneTouch has primarily been available in the free Authy app, but many in the coding community have wanted to embed this feature directly into their existing mobile apps. You spoke. We listened.

Today, we’ve updated the public beta of our OneTouch Mobile SDK, so developers everywhere can have a modern and rich authentication and approval process right inside their own applications. In addition to performance improvements, this release adds support for iOS and Android, taking us one step closer to providing 2FA for all! You can also use this SDK to provide a passwordless login experience for your users, akin to the sort of logins we are now seeing from Google. You can read more about how to implement a passwordless login experience here.

For this SDK to work, you need to have the beta flag enabled on your Twilio account, please email us at [email protected] to set you up and you’ll then be able to download the SDK and integrate it into your app. There have been no changes to the Authy API, so if you’ve already worked with our APIs, you’ll feel right at home.

The Authy Mobile SDK In Action

Below you’ll see an Authy OneTouch demo that shows the Mobile SDK in action. As you can see it’s embedded into the OWL BANK site, and upon logging in, the user receives the Approve / Deny prompt right on their device. It’s that easy! And because its white labeled, you get to create an authentication experience that is an organic and genuine part of your brand experience.

Simple to code. No security know-how required.

The Authy service is backed by an expert security operations team and a fraud-trained help desk—so you don’t have to build security systems to guard against attack. Instead, you’ll be able to strengthen — even replace — the traditional username and password login for your websites, SaaS products, and mobile apps. You also don’t need to worry about reliability or maintaining cloud service. Authy protects over 10,000 websites with a 99.999% uptime and 400ms average API response time. Plus, Authy APIs have been tested and used by more than 20,000 developers since 2012.

Remember, to download the SDK and integrate it into your app you must have the beta flag enabled on your Twilio account. Please contact us at [email protected] to get started. Enjoy!

You also may be interested in:

Join Authy at Twilio. We’re hiring!

About the author Authy

Authy is simple & secure two-factor authentication, available as a free mobile or desktop app, from Twilio. To get yours, click on the download button at the top of the page.

We can text you a link to get started:

Close