Go to ...

RSS Feed

Expat, Two-Factor Authentication and Windows Phone – Life made difficult

This time, a personal story about 2FA and Windows Phone making this expat’s life somewhat difficult.

In my opinion, globalization or global integration is a very positive phenomenon. The world is becoming smaller when more and more people are free to travel and even move abroad without permissions and visas, freight moves more freely, and so on. Using the European Union and especially the Schengen Area as an example, residents in 26 European countries can freely move inside that area, buy property, and work in whichever country they themselves choose.

Another positive integration example is SEPA, the Single Euro Payment Area, which regulates payments and financial institutes in an area consisting of 36 European countries. It uses standardized account numbering and sorting codes, fast transfers within the area and so on.

For an expat like me, a citizen of one EU country living in another, this integration has mostly made life easier. At least, that is, before 2FA (Two-Factor Authentication) started make life harder instead. I still need access to tax authority, banking and other services in my native Finland. Rapidly changing laws and regulations now require 2FA to sign up for and to sign into practically all government, state, city and county services, financial institutes, insurance services and such. Don’t take this wrong, I am strongly in favor of multi-factor authentication and online security.

This has brought me an interesting issue with some services I need to use from my native Finland. As a big Windows fan, I am still using an old Nokia Lumia 925 mobile phone with Windows Phone 8.1. It’s simply the best smart phone I have seen or tried, and until recently, armed with the Microsoft Authenticator App, it has helped me through all possible 2FA scenarios. I use it to sign-in to GoDaddy where we host Win10.guru, on Twitter, all MS and Azure AD accounts, my insurance company, and so on.

Recently, I met my first obstacles to 2FA success on that device. A couple of Finnish online services I need, essential services, only accept their own authentication app, or alternatively verification codes sent per SMS (text message). The problem I have with their approach is that these apps can only be installed on Android or iOS devices, not in Windows and especially not on Windows Mobile devices. At the same time, I never receive the verification codes required to sign in, which are sent to my phone as SMS. For the past few days, I’ve been on the phone with a technician from one of the Finnish services I need, and with another from my German mobile operator.

Yesterday, the mobile operator technician gave me a case number and asked me to go to their service center in city where I live, giving them the case number to check my case online. I went there early today. A very nice young man told me instantly that he might know the reason why my verification codes are not arriving; I have turned on a complete block for any calls or text messages to and from any premium rate numbers, paid service numbers. An example: As a big Formula 1 race fan, every time I watch a race on TV here in Germany, I [sarcastic] could win a car [/sarcastic] if I send a text message to local paid service number 44644. Such texts cost 1.50 EUR. Because I have blocked these type of numbers, I have never won that car 😉

OK, so this one specific Finnish service sends its verification codes from a free service number, a number with five digits as used here in Germany. Sent from Finland, when it arrives to my operator in Germany, it is blocked as a paid service number because it is not listed as free service number in Germany. Otherwise it would be allowed to come through to my phone. As an example of allowed texts from free service numbers, I have no issues in receiving Microsoft verification codes when needed, even when they hide their service number and I will only see Microsoft as sender, or texts from my local transport company, from number 82000, when buying a so called phone ticket for tram:

After visiting the service center earlier today, and again calling both technicians, things are looking better. Both the service in Finland and my mobile operator know what the problem is, and both should be able to fix it. In Finland, the service will change the number used to include a country code, for example if the verification codes are sent from number 12345, they should instead be sent from +35812345 (Finland is +358). Without the country code, a number with only five digits can too easily be mixed with a local five digit service number. The German operator should add these foreign free service numbers to its list of allowed numbers. Anyway, plan B is already in motion. After a Skype call just now with a distant relative back in Finland, she agreed to buy me a Finnish prepaid SIM card today, and then mail it to me. I have an old Nokia N95 mobile phone in the basement, which with a Finnish SIM will then become my verification phone able to receive text messages from Finnish services.

I’ll have to wait and see. I am satisfied that both the service in Finland and German mobile operator are clearly taking this seriously, and I am hoping the issue gets resolved within days.

IT and the tech industry are often the pacemakers, showing the way to the future. Yet, surprisingly often, political decision makers change regulations and laws too fast, making the technology and businesses wait at the station for the next train to follow changed laws.

Finally, before anyone asks about it: no, I would not like to bin my Windows Phone and get an Android device instead! What I have tested and seen, I simply do not like Android, and iOS even less. I am totally happy with my Windows Phone, except of course now with this “App not available for your phone” thing.


Author: Kari Finn

A former Windows Insider MVP, Kari started in computing in the mid 80’s writing code for VAX / VMS systems. Since then, he’s worked in a variety of IT positions. He specializes in Windows image capture, customization, repair and deployment as well as Hyper-V virtualization. Kari is a proud Team Member at number #1 Windows site TenForums.com.

3 Responses “Expat, Two-Factor Authentication and Windows Phone – Life made difficult”

  1. Toni Fasth
    October 16, 2019 at 16:45

    Windows Phone is a perfectly capable Mobile OS. Makes no sense to me that it was killed so fast. Even though I’m a big Android fan, I was considering getting myself a Lumia, if not as a primary phone but at least as a secondary one until the apps would mature a bit.

    All this 2-factor authentication is a big issue many times for me. It’s getting better, but more often it hasn’t worked for me at all, especially when receiving the codes as SMS. The codes never arrive or thru arrive after the request validity has already expired.

    • October 16, 2019 at 20:00

      With PayPal, it’s more a rule than an exception, that the verification code text message arrives after the given 5-minute period to enter the code has expired.

      • Toni Fasth
        October 16, 2019 at 20:15

        hahah, I absolutely agree with that statement!

Leave a Reply