We have all had that moment of frustration while waiting for an SMS one-time password to arrive so we can finally log into an app and quite frankly, not the most secure way to handle things these days.
The good news is that CelcomDigi is looking to ditch the SMS OTP (One-Time Password) by partnering with Google Firebase and Telenor Linx. They are launching a new secure API-as-a-Service that uses network intelligence to verify who you are, making the whole digital onboarding process much smoother.
By teaming up with Google, CelcomDigi has become the first telco in Malaysia to offer network-based phone number verification directly on Firebase. Instead of juggling text codes, the system allows for a one-tap experience where your identity is confirmed instantly. It is designed to work across everything from your banking and e-commerce apps to your favourite ride-hailing services.
The clever bit happens entirely in the background. Because there is a direct, trusted connection between the app and the mobile network, the verification is sorted without you needing to do a thing. Not only does this cut out the friction of manual entry, but it also makes life much harder for scammers. By moving away from SMS-based methods, the system is far less vulnerable to things like phishing, SIM-swapping, or OTP interception.
For the tech community, this is all about scalability and ease of use. CelcomDigi is providing developer-friendly APIs that bring telco-grade security into digital platforms without making things overly complicated. It means businesses can get users through the door faster, reduce their operational costs by moving away from expensive SMS services, and protect themselves against artificial traffic and fraud.
The leadership behind the move, including CelcomDigi’s T. Kugan and Google’s Micah Baker, have pointed out that this is really about building a more trusted digital ecosystem for Malaysia. It is a win for everyone involved: subscribers get a safer, more elegant way to browse and shop, while developers get a reliable, cloud-native way to handle authentication.