On Tuesday (July 26), Coinbase introduced “Security Prompt”, which it described as “a faster and safer way for our users to verify their identity & activities when interacting with the Coinbase ecosystem.”
In a blog post published earlier today, Senior Product Manager Siyu Liu and Product Manager Chetan Rane introduced the new feature.
They wrote that Coinbase believes “users need to have access to the best security possible without sacrificing ease and convenience,” which is why they “require all Coinbase accounts to use 2-Factor Authentication (2FA).” Although Coinbase “offers both hardware key and authenticator app support on both web and mobile for 2FA,” a lot of customers “appreciate the convenience of SMS.”
So, they decided to take one more step toward user account security by designing and implementing a new feature called Coinbase Security Prompt, which they say is “a simpler, faster and safer 2FA method that improves overall account security.” Rather than send a code by SMS, Coinbase Security Prompt “sends users a push notification to their Coinbase mobile app, asking if they are trying to sign in,” as you can see in the video below:
Coinbase’s blog post went on to say that this means its customers “will automatically have a stronger security without losing the ease and convenience of using their phones, from anywhere.” It also mentioned that Coinbase Security Prompt is “resilient against SIM Swap attacks by removing the mobile carrier as an intermediary from the authentication process.” Furthermore, it “reduces the risk of phishing attacks by providing detailed information about where the request is coming from, such as the location or browser type.”
From now till the end of the year, “eligible users will gradually start to be automatically enrolled to complete their 2FA via Security Prompts” and “users who are still receiving SMS codes as their 2FA method can get access to Coinbase Security Prompts by downloading the Coinbase app.”
Coinbase describes “eligible users” as “those who have an active mobile login session, trying to login from a second device and are using our latest Coinbase app version.”