Messente avatar logo

When building it doesn't make sense anymore

Yuriy Mikitchenko

28 Nov 2017 -

5 min read

Yuriy Mikitchenko

28 Nov 2017


2 min read

As regulations like the General Data Protection Rule and the new Payment Services Directive roll in, technology departments reassess the security tools they currently use and try to understand which new tools will be deemed necessary. Regarding new tools, it’s fair to ask, “do we build our own, or do we seek out a partner and buy the tool."

Analyzing needs and understanding the costs behind them is a daunting and time-consuming task, so for two-factor authentication, we’ve done the work for you.

You have two options: build and maintain a two-factor authentication system in house, or deploy an API and use a trusted partner’s toolkit. We surveyed our customers to find out how long it takes to deploy our tools, as well as how long it would take them to build tools like ours.

Option 1: Build your own.

Based on our survey, as well as our own experience, it takes 5-6 weeks of full-time developer hours to build an SMS-only 2FA solution for an online service. Step up to a time-based one-time password system, and it will be 8-10 weeks. Assuming that the average cost of an in-house developer is €1,750-2,000 per week, a fully-functioning in-house solution will cost €14,000 to €20,000. Add 50% if the work is outsourced.

And that’s only to build the system. The technology team would also be required to maintain SMS delivery quality and manage connections to network operators. Then add the cost of sending SMS messages to variable costs. At the end of the day, you’ll need to dedicate people on your tech team to maintain the 2FA solution, which adds to ongoing costs.  

Pro: More control over specific functionality.

Cons: Longer implementation time, larger investment, and handling all service and quality issues internally.

Option 2: Use an API from a trusted partner.

This same customer survey tells us that developers dedicate 8-24 hours to deploy every verification and authentication tool available from Messente. We have no deployment costs, so deploying our tools costs €350 to €1,200 of developer time.

Also, Messente does not charge for support and delivery quality (SMS.)

Variable costs will be similar, if not less, on the SMS side of things, as we maintain much higher volumes than a single business would; we have bargaining power with higher SMS volumes and have more options for SMS routing. One-time password costs are typically half of SMS costs per authentication. (Contact us if you’re interested in pricing.)

While building your own 2FA solution negates the one-time password variable costs, our data shows that 70% of authentications are still SMS PIN codes, so an SMS fallback option is crucial for successful 2FA adoption. Also, the tech team would need to maintain the one-time password system and mobile app.

Pros: Significantly lower implementation time and costs, optimized SMS delivery routes by the partner, and have the partner handle any delivery quality issues.

Con: Less control over specific functionality.

Overall, leaving it to the experts with two-factor authentication makes more sense. While making your own gives you more control over functionality, Messente is completely open to customer feedback, and we build our tools to suit customer needs. 

You can download Verigator and try our demo to see how it works for yourself.

Whitepaper: Impact of Two-Factor Authentication on data breaches

Yuriy Mikitchenko

Head of Marketing

A transplant from the United States, Yuriy brings his marketing know-how to Messente. His background is in B2B marketing and sales, working with tech corporations and startups in the Portland, Ore. and Seattle, Wash. area. Now he's giving Estonia a fresh perspective on overall marketing.

We're here to help you connect with your customers. Let's start talking.

Email again:

Further reading

Consider this in the bidding process - Part 2

16 Jan 2018

Continuing last week’s discussion around things that companies must consider when selecting a global SMS messaging...

Marcus Kallavus

2 min read

Consider this in the bidding process - Part 1

09 Jan 2018

Selecting an SMS provider from a pool of many can be daunting task. What should be considered when...

Marcus Kallavus

2 min read

Personalized support and why there is no way around it

02 Jan 2018

We often see client support packaged into software products, whether it includes general support tickets, to live chat,...

Uku Tomikas

2 min read

SMS boosts CRM services and it can't be overlooked

19 Dec 2017

SMS messaging has become an expected feature in customer engagement platforms, which involves communicating information to people. Even...

Marcus Kallavus

2 min read