I am thinking of implementing 2-way authentication in my web app…besides email I will ask for the user’s phone to and verify it with SMS message…
And here is the problem to the above scheme(from a business view)…
The users if the app will have a trial period of 2-3 months…meaning cash flow after these 2-3 months.
Which means I have to cover the cost of the sms service before I have started making any money out of the app. Am I saying it correctly?If that is the case what are my alternatives based on your experience?
One-time passwords can be delivered not only in SMS on e-mail. Pay attention to the Android/iOS app Protectimus SMART. It is free, you will pay only for the software part of the two-factor authentication solution from Protectimus, but it is not very expensive if compared to their business rivals. Also, this company works on the implementation of OTP delivery via Push messages. I advise you to talk to them, I guess they will help you to find an advantageous way out.