This paper examines the state of two-factor authentication (2FA) in Vietnam, focusing on its implementation across banking, e-commerce, and government services. It identifies low adoption rates among users, SMS-based vulnerabilities, and the transition to app-based authenticators. Recommendations include regulatory mandates and public awareness campaigns.
Click the "GET CODE" button. The 6-digit code will appear in the "CODE" field. 2fa vn
| Sector | 2FA Methods Used | Notes | |--------|------------------|-------| | Banking | SMS OTP, hardware tokens | Mandated by State Bank of Vietnam for online transactions > 5 million VND | | E-commerce (Shopee, Tiki) | SMS OTP, email codes | Optional for most users | | Government portals (e.g., VNeID, Dich Vu Cong) | App-based OTP, biometrics | Increasingly using VNeID app with 2FA | | Social media / email (Google, Facebook) | TOTP, backup codes | Users voluntarily enable | This paper examines the state of two-factor authentication
For years, Vietnam relied heavily on SMS verification. While convenient, this method has vulnerabilities. SIM swapping (where hackers clone a victim's phone number) and "Zalo hacks" (where scammers gain access to a user's Zalo account to intercept OTP codes) have made users wary. Click the "GET CODE" button
There is a growing movement in the tech-savvy Vietnamese community toward Authenticator Apps (like Google Authenticator or Microsoft Authenticator). These apps generate codes offline, making them immune to SIM-swapping attacks. As awareness grows, more Vietnamese users are migrating away from SMS to these more secure methods.