Salesforce delivers mobile verificationDownload PDF
- Reach a broader user base
- Decrease fraudulent registrations
- Better user experience
Salesforce was founded in 1999 with a vision to reinvent CRM in the cloud, pioneering enterprise cloud computing in the process. Today, Salesforce is powering innovation in sales, service, marketing, community, analytics, apps and more, enabling companies of all sizes to connect to their customers in new ways. The company is fully committed to providing the highest level of security and, as online threats escalate, has constantly innovated to help keep its customers secure in their online environment.
Salesforce has always been forward thinking, including bringing to market one of the first risk-based authentication offerings through its email Identity Confirmation option in 2007. When a user attempted to access their account from a computer, and their browser or IP address which was not recognized, Salesforce would challenge them with a verification code sent to the email account on record.
While innovative in 2007, Identity Confirmation by email suffered a variety of usability challenges as mobile computing took hold across enterprises.
Salesforce realized early on that mobility was becoming a major focus for businesses on a global scale. As part of this focus, Salesforce felt the need to move away from email based verification and authentication to a solution that not only enabled mobile computing, but leveraged a more secure infra-structure. This was a key driver in finding an alternative authentication solu-tion to email and offering SMS Identity Confirmation made perfect sense.
To meet these challenges, Salesforce replaced email two-factor authentication as its default feature for Identity Confirmation with authentication via SMS using Telesign.
This brought numerous advantages. The mobile phone is the most universal personal device on the planet. By using this as a trust anchor, Salesforce was able to reach a broader user base, across the entire globe.
Salesforce uses a variety of methods to verify that a login source is authorized. Now, whenever a Salesforce user logs on to a computer, browser or IP address that’s not recognized, their Identity Confirmation system triggers a one-time passcode (OTP) which is sent by SMS through Telesign to the user’s mobile phone number on record.
Identity Confirmation by SMS has been so effective it is now the default option for all Salesforce customers with verified mobile phone numbers.
Users who do not have a mobile number on record are prompted to enter a mobile phone number upon login. (While email Identity Confirmation is still available, this is only an option for system administrators who wish to re-enable this function for users without mobile devices.) “We needed a partner that could scale to support our ever expanding global footprint. Telesign delivered the scale we were looking for.” Chuck Mortimore, VP, Product Management, Identity and Security.