Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into heidist-fix

Author: HeidiSteen

articles/active-directory/authentication/concept-certificate-based-authentication-technical-deep-dive.md

@@ -79,17 +79,17 @@ Azure AD CBA is an MFA (Multi factor authentication) capable method, that is Azu
 If CBA enabled user only has a Single Factor (SF) certificate and need MFA
    1. Use Password + SF certificate.
    1. Issue Temporary Access Pass (TAP)
-   1. Admin adds Phone Number to user account and allows Voice/SMS method for user.
+   1. Admin adds Phone Number to user account and allows Voice/text message method for user.
 
 If CBA enabled user has not yet been issued a certificate and need MFA
    1. Issue Temporary Access Pass (TAP)
-   1. Admin adds Phone Number to user account and allows Voice/SMS method for user.
+   1. Admin adds Phone Number to user account and allows Voice/text message method for user.
 
 If CBA enabled user cannot use MF cert (such as on mobile device without smart card support) and need MFA
    1. Issue Temporary Access Pass (TAP)
    1. User Register another MFA method (when user can use MF cert)
    1. Use Password + MF cert (when user can use MF cert)
-   1. Admin adds Phone Number to user account and allows Voice/SMS method for user
+   1. Admin adds Phone Number to user account and allows Voice/text message method for user
 
 
 ## MFA with Single-factor certificate-based authentication

articles/active-directory/authentication/concept-mfa-licensing.md

@@ -44,7 +44,7 @@ The following table provides a list of the features that are available in the va
 | Protect Azure AD tenant admin accounts with MFA | ● | ● (*Azure AD Global Administrator* accounts only) | ● | ● | ● |
 | Mobile app as a second factor | ● | ● | ● | ● | ● |
 | Phone call as a second factor | | | ● | ● | ● |
-| SMS as a second factor | | ● | ● | ● | ● |
+| Text message as a second factor | | ● | ● | ● | ● |
 | Admin control over verification methods | | ● | ● | ● | ● |
 | Fraud alert | | | | ● | ● |
 | MFA Reports | | | | ● | ● |
@@ -70,7 +70,7 @@ Our recommended approach to enforce MFA is using [Conditional Access](../conditi
 | Configuration flexibility | | ● |  |
 | **Functionality** | 
 | Exempt users from the policy | | ● | ● |
-| Authenticate by phone call or SMS | ● | ● | ● |
+| Authenticate by phone call or text message | ● | ● | ● |
 | Authenticate by Microsoft Authenticator and Software tokens | ● | ● | ● |
 | Authenticate by FIDO2, Windows Hello for Business, and Hardware tokens | | ● | ● |
 | Blocks legacy authentication protocols | ● | ● | ● |

articles/active-directory/authentication/concept-mfa-regional-opt-in.md

@@ -6,7 +6,7 @@ services: active-directory
 ms.service: active-directory
 ms.subservice: authentication
 ms.topic: conceptual
-ms.date: 09/11/2023
+ms.date: 09/12/2023
 
 author: aloom3
 ms.author: justinha
@@ -24,12 +24,12 @@ As a protection for our customers, Microsoft doesn't automatically support telep
 
 In today's digital world, telecommunication services have become ingrained into our lives. But advancements come with a risk of fraudulent activities. International Revenue Share Fraud (IRSF) is a threat with severe financial implications that also makes using services more difficult. Let's look at IRSF fraud more in-depth.  
 
-IRSF is a type of telephony fraud where criminals exploit the billing system of telecommunication services providers to make profit for themselves. Bad actors gain unauthorized access to a telecommunication network and divert traffic to those networks to skim profit for every transaction that is sent to that network. To divert traffic, bad actors steal existing usernames and passwords, create new usernames and passwords, or try a host of other things to send SMS messages and voice calls through their telecommunication network. Bad actors take advantage of multifactor authentication screens, which require an SMS or voice call before a user can access their account. This activity causes exorbitant charges and makes services unreliable for our customers, causing downtime, and system errors.  
+IRSF is a type of telephony fraud where criminals exploit the billing system of telecommunication services providers to make profit for themselves. Bad actors gain unauthorized access to a telecommunication network and divert traffic to those networks to skim profit for every transaction that is sent to that network. To divert traffic, bad actors steal existing usernames and passwords, create new usernames and passwords, or try a host of other things to send text message messages and voice calls through their telecommunication network. Bad actors take advantage of multifactor authentication screens, which require a text message or voice call before a user can access their account. This activity causes exorbitant charges and makes services unreliable for our customers, causing downtime, and system errors.  
 
 Here's how an IRSF attack may happen:  
 
 1. A bad actor first gets premium rate phone numbers and registers them.  
-1. A bad actor uses automated scripts to request voice calls or SMS messages. The bad actor is colluding with number providers and the telecommunication network to drive more traffic to those services. The bad actor skims some of the profits of the increased traffic.  
+1. A bad actor uses automated scripts to request voice calls or text messages. The bad actor is colluding with number providers and the telecommunication network to drive more traffic to those services. The bad actor skims some of the profits of the increased traffic.  
 1. A bad actor will hop around different region codes to continue to drive traffic and make it hard for them to get caught.  
 
 The most common way to conduct IRSF is through an end-user experience that requires a two-factor authentication code. Bad actors add those premium rate phone numbers and pump traffic to them by requesting two-factor authentication codes. This activity results in revenue-skimming, and can lead to billions of dollars in loss.  
@@ -46,7 +46,7 @@ For SMS verification, the following region codes require an opt-in.
 | 998         |  Uzbek                                         |
 
 ## Voice verification
-For Voice verification, the following region codes require an opt-in.
+For voice verification, the following region codes require an opt-in.
 
 | Region Code | Region Name                                    |
 |:----------- |:---------------------------------------------- |