Service for secure SMS verification for websites?

Question

Is there a service that gives you a phone number to use for verifying SMS for company accounts on sites without needing a phone number?Are small to medium size startups all using someones personal phone number for SMS verification for Twitter for example?

richardesigns · Accepted Answer

This is a worrying thought! Does someone like Twilio do this? Might be worth having a look. We grappled with the same problem because we do device authentication as a single factor of authentication. In a SME setting, ideally the business signs up using ops@example.com and then they can register any number of devices to carry out the device authentication and remove any device remotely if, say, Barbara from accounts retires on Tuesday.

gtsteve · Answer

I had a similar concern where my number might be known to an adversary but the site I was using had to use SMS validation. So, I tried rolling a solution for this problem with Twilio but the range the number was assigned from was blocked because I guess others have had the same idea and used it to abuse the service.
I guess I'd propose that a company phone is allocated and kept in an office somewhere, not ideal though as it's a single point of failure.
Twitter however is reasonably rare in that you can't create subaccounts for individuals, most B2B products will let you do that.
An industry has sprung up around this however and there are Twitter management services however that will hold the credentials for you and allow you to accounts for named users etc.

Raed667 · Answer

At a previous company we had "the office phone" which had a number that everyone used. SMS notifications were forwarded to a desktop app if you were out of the office.

bradknowles · Answer

There is no such thing as secure SMS.

mattbgates · Answer

http://receive-sms-online.info/