SMS verification is widely used by Apps and Social media.
mobile phone verification
. I remember getting an email this morning from a local business owner that said they had received several complaints about her parking signs advertising rental property on public roads and in front of other vehicles, so she decided to make them visible by creating "naps."
for rent at my favorite old-fashioned motel - the Ritz El Camino. In fact all around are these large posters asking passersby not only where your kids were born, but also how much you paid last year…I have no idea why people don't get it or if their neighbors would really notice….hope someone sees any pics 🙂 My name is Susan Taylor,and
The present issue is also a problem often encountered during test environment. There are many solutions, and various methods have their advantages and disadvantages. Let’s discuss and see below next.
If you are considering and think about this problem clearly, in fact, the key point is to first think about the process of receiving sms in with your mobile phone number and receive SMS online. The process is clear, and the solution is clear, but your privacy and data maybe collected unwittingly.
The first step: the process of logging in with the mobile phone number verification code:
- Enter your mobile phone number on the page and click to get the verification code
- The backend receives the mobile phone number, verifies the correctness of the mobile phone number format, and then calls the SMS gateway to send the verification code. The SMS gateway is only responsible for sending the SMS. The mobile phone number and SMS content to be sent are provided by our system to the SMS gateway. Therefore, our system must store the correspondence between the mobile phone number and the verification code in one place, it may be cached (reddit), it may be a database, or it may be elsewhere.
- The phone receive SMS online
- Enter the verification code on the page and click Submit
- The system receives the mobile phone number and verification code of the login request, and then retrieves the verification code of the corresponding mobile phone number in the place where the corresponding relationship between the mobile phone number verification code is saved, and then compares whether the two verification codes are replaced. The replacement login is successful and inappropriate If the login fails, of course the verification code must be effectively integrated
mobile phone verification data, which may allow criminals to steal your identity and access bank accounts.
(This is what happened in 2010.) According a 2014 report by the National Coalition Against Money Laundering, more than $6 billion was spent on "unlawful transactions." The FBI warns against collecting personal information without consent or for any reason other then legally compelled disclosure of that particular account number. And it's unclear how much money hackers might be able find out from credit reporting agencies; this year at least one cybersecurity firm said there were reports of Russian-affiliated hacktivists purchasing computers as part:
In fact, the fifth-step verification process is a key step to determine whether we log in successfully, so what are the solutions for the fifth step?
Solution 1: Let the back-end set a universal code, so when logging in, if it is this code, the login is successful by default, which is equivalent to a back door. At this time, you need to confirm with the back-end. Only the designated mobile phone number is the universal code. Effective, this can avoid the loss caused by accidentally sending the universal code to the online environment to the greatest extent.
Solution 2: Let the backend remove the SMS verification code login process, and directly enter the phone number to log in. This way the code changes a lot, and the risk of sending the wrong code online is very high
Solution 3: Obtain the login authentication information by yourself, such as token, and write it into the code so that you can skip the login process. The bad thing is that you have to do it manually every time you run it.
In fact, it can be seen that there are some disadvantages in Option 1, Option 2, and Option 3. It is either that development assistance is needed to modify the code logic, or it is more troublesome to make, and there is a better solution.
Optimal solution: As can be seen from step 2, the verification code of the SMS actually exists somewhere, then we can directly obtain the verification code by operating the database, operating redis, or calling the interface, and then we can enter the correct verification code Code, so there is no need to develop and modify the code, and it is not troublesome, that is, we need a little more knowledge when writing automated scripts, but the effect after running through is better than the previous scheme.
It can also be seen from the above that now automation is not just that we know selenium and appium. In fact, automation must be used well. The skills of code operation database, operation redis, and operation interface also need to be mastered and used flexibly in automation. , There will be a multiplier effect.
The above is a personal understanding. If you have any objections, you can discuss it in the group.