check before: 2024-12-01
Product:
Entra
Platform:
Online, World tenant
Status:
Change type:
Feature update, User impact, Admin impact
Links:
Details:
Summary:
Starting December 2024, Microsoft Entra will reintroduce WhatsApp as a channel for delivering MFA OTPs in India, with expansion to more countries. Users with WhatsApp will receive OTPs there, with SMS as a fallback. Organizations can disable this feature or opt for more secure methods like Microsoft Authenticator.
Details:
In late 2023, Microsoft Entra started leveraging WhatsApp as an alternate channel to deliver multifactor authentication (MFA) one-time passcodes (OTPs) to users in India and Indonesia. We saw improved deliverability, completion rates, and satisfaction when leveraging the channel in both countries. The channel was temporarily disabled in India in early 2024. Starting early December 2024, we will be re-enabling the channel in India and expanding its use to additional countries.
[When this will happen:]
Starting December 2024, users in India and other countries may start receiving MFA text messages via WhatsApp. Only users that are enabled to receive MFA text messages as an authentication method and already have WhatsApp on their phone will get this experience. If a user with WhatsApp on their device is unreachable or doesn't have internet connectivity, they will quickly fall back to the regular SMS channel. In addition, users receiving OTPs via WhatsApp for the first time will be notified of the change in behavior via SMS text message.
The sender agent in WhatsApp where users will see the OTPs will be branded as Microsoft with a verified checkmark.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2024-11-06
updated:
2024-11-06
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
User Confusion
Users may be confused by the change in the delivery method for MFA OTPs, leading to potential login issues.
- roles: End Users, Helpdesk Support
- references: https://learn.microsoft.com/entra/identity/authentication/concept-authentication-methods-manage, https://techcommunity.microsoft.com/t5/microsoft-entra-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752
Increased Support Tickets
The change may lead to an increase in support tickets as users encounter issues with receiving OTPs via WhatsApp.
- roles: Helpdesk Support, IT Administrators
- references: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-phone-options#text-message-verification, https://techcommunity.microsoft.com/t5/microsoft-entra-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752
Security Concerns
Users may have concerns about the security of receiving OTPs via WhatsApp compared to traditional methods.
- roles: End Users, Security Officers
- references: https://learn.microsoft.com/entra/identity/authentication/concept-authentication-methods-manage, https://techcommunity.microsoft.com/t5/microsoft-entra-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752
Dependency on Internet Connectivity
Users without internet access may face difficulties in receiving OTPs, leading to login failures.
- roles: End Users, IT Administrators
- references: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-phone-options#text-message-verification, https://techcommunity.microsoft.com/t5/microsoft-entra-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752
Documentation Updates
Existing documentation may become outdated, requiring updates to reflect the new OTP delivery method.
- roles: IT Administrators, Compliance Officers
- references: https://learn.microsoft.com/entra/identity/authentication/concept-authentication-methods-manage, https://techcommunity.microsoft.com/t5/microsoft-entra-blog/it-s-time-to-hang-up-on-phone-transports-for-authentication/ba-p/1751752
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
XXXXXXX ... free basic plan only
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.