SOURCE: TextPower


April 28, 2014 06:00 ET

World's First Omni-Factor Authentication™ Technology to Debut at FinovateSpring 2014

Patent-Pending Method Using Simple SMS to Secure Websites Will Have First Public Demo at Silicon Valley Financial & Banking Technology Conference

SAN JUAN CAPISTRANO, CA--(Marketwired - Apr 28, 2014) - Sending a simple text message never did so much. TextPower, Inc., has developed a method to secure website and VPN logins using the world's most commonly used phone app, SMS, that is three times more powerful than any other solution in the market. The company is a leader in innovative text messaging software solutions and today announced that it will be a featured presenter at FinovateSpring 2014, on April 29 in San Jose, California. 

TextPower will demonstrate TextKey™, the world's first Omni-Factor Authentication™ (OFA) system that provides an unprecedented seven factors of authentication activated by the user simply sending a standard text message from their cell phone.

"Using a cell phone as an authentication device isn't unheard of, but increasingly hackers are finding ways to exploit conventional SMS-based authentication or install malware on mobile devices which undermines confidence in using them for authentication. All current SMS authentication services use the 'MT' (mobile-terminated) method, which means the authentication code, link or other identifier is sent to the phone and then the user is asked to enter the code onto a web page for authentication, which is less secure. TextKey turns that process upside-down and by doing so makes it more secure and easier to implement," explained Scott Goldman, CEO, TextPower. 

TextPower's patent-pending "MO" (mobile-originated) methodology reverses the process, allowing text messages to be used for authentication in a virtually unhackable manner. TextKey™ authenticates users by having them send a text message from their authorized cell phone -- TextKey verifies that the authentication message was sent from an authorized phone, containing the correct key, adding the correct PIN and to the correct destination. The software can be licensed for large institutions or the entire system can be used on a cloud-based SaaS platform which doesn't require the website to have any additional servers, appliances, software or remote hosting. As a result, any enterprise interested in protecting its website, VPN or app from hackers, thieves or discontented employees can now provide more secure authentication than even the most complex and expensive security key fob systems -- and at a fraction of the expense.

"With mobile applications at the forefront and virtually every customer checking their accounts and conducting transactions online, the financial and banking industry is driving the momentum for more secure text messaging and authentication technology, and we are thrilled that TextPower has chosen FinovateSpring 2014 for the launch of their new technology," said Eric Mattson, CEO, Finovate.

TextKey Omni-Factor Authentication
For the first time, up to seven factors of authentication can be used to verify information and secure a website, VPN or app -- all by the user sending a simple text message. TextKey's OFA includes:

1. Password -- every website's login or VPN system's first factor of authentication.
2. UDID (unique device identifier) -- also referred to as the "fingerprint" of the phone, the UDID must be verified by the carrier as a match to the mobile number before they will even transmit the SMS. This prevents spoofing, hacking and cloning -- or makes it unfathomably difficult.
3. Key -- the randomly-generated numeric combination that is every two-factor authentication system's second -- and last -- factor.
4. Mobile number -- only TextKey can verify the number from which the message is sent as being legitimate because only it uses a process where messages are sent from the phone instead of to it -- sending a message to a phone doesn't allow verification that it went to that phone or only to that phone.
5. PIN -- an optional PIN of 3 to 7 digits that is never displayed and must either precede or follow the key, making it impossible for a remote hacker to know the full key that must be sent from that authorized mobile device to authenticate an identity.
6. Dynamically assigned destination -- TextKey randomly assigns the short code -- the 5 or 6-digit number allocated by cellular carriers for commercial automated-to-person text messaging -- that the key must be texted to. This makes it virtually impossible for a hacker to intrude, even if there is a previously unknown malware installed they still won't know where the authentication code has to be sent; even customers won't know where the key will have to be texted to until TextKey tells them. 
7. An optional hidden, self-reporting anti-hacker link that reveals the key only once when the link is clicked; further attempts to reveal the code send an alarm to the website

About FinovateSpring
FinovateSpring is a demo-based conference for innovative startups and established companies in the fields of banking and financial technology. Held in San Jose, the event offers an insight-packed glimpse of the future of money via a fast-paced, intimate, and unique format. FinovateSpring is organized by The Finovate Group. For more information on the event or to view videos of previous demos, please visit

About TextPower, Inc.
TextPower, Inc. provides alerting and authentication solutions to a variety of industries worldwide using text messaging (SMS). The company's software and text messaging services help companies enhance their revenues, decrease costs and improve customer service. TextPower's authentication product, TextKey™, replaces the smartphone app, hardware token or security fob previously needed to verify the identity of online users for password-protected applications. TextPower's mission-critical infrastructure employs geo-redundancy for the industry's highest reliability, providing delivery to virtually every cell phone in the United States and connections to most recognized wireless operators around the world. Visit, email or call 888.818.1808 for more information.

Contact Information

  • For more information contact:
    Dan Chmielewski
    Madison Alexander PR
    Email Contact