AT&T, Verizon, Sprint Announce Plan For Stronger Multi-Factor Authentication

March 5, 2018

Several major telcos have unveiled a plan to enhance the security of mobile accounts, which has been a source of concern for members of the cryptocurrency community. The proposed system will reportedly employ blockchain technology.

  • On March 1, the Mobile Authentication Taskforce, a cooperative effort between telcos AT&T, Sprint, T-Mobile, and Verizon, revealed that it has been working on a “next-generation mobile authentication platform” that could significantly enhance mobile account security.

    This system could address the practice of fraudulent porting, a scheme in which a hacker impersonates a victim in order to transfer their phone number to a SIM card owned by the hacker and prevents the original owner of the number from reversing the change by setting a new password. Gaining ownership of a person’s phone number potentially enables hackers to take over accounts on other platforms, such as email services, that are associated with that number. ETHNews previously reported that MetaCert CEO Paul Walsh was a victim of this type of attack.

    The threat of unwanted porting has led some cryptocurrency holders to keep their mobile accounts separate from email addresses linked to exchanges and other virtual currency services. More generally, it has prompted them to be cautious about how they store information related to their holdings, because while banks typically reimburse customers for stolen funds in cases of identity theft, there is no such trusted intermediary in the cryptocurrency world. If a person’s digital assets are stolen, they are next to impossible to recover.

    According to a press release:

    “This highly secure solution will deliver a cryptographically verified phone number and profile data for users of authorized applications with their consent. Authentication security is strengthened by processing unique attributes such as a network verified mobile number, IP address, SIM card attributes, phone number tenure, phone account type and more.”

    Machine learning techniques will be used to analyze data and “assess risk,” and the system will allow approved parties to “submit applications through a system using private and permissioned blockchain technology to help ensure application integrity.”

    Trials of the system are expected to begin in a matter of weeks, and the taskforce hopes that it can be rolled out by the end of 2018. 

    “As mobile becomes the remote control for day-to-day life, mobile identity is key to making things simpler and more secure for consumers,” said Alex Sinclair, CTO of GSMA, the European mobile trade group that organized the Mobile World Congress, where the taskforce is slated to unveil additional details about the platform.

    Source: Read Full Article