Phone-based authentication involves sending a one-time password (OTP) to a user over a separate communication channel (e.g. SMS, MMS, WhatsApp, Facebook Messenger, Viber or even voice) from the IP channel (internet) used by the application, providing security in case the IP channel is compromised.