If you're a mobile user who also has social media, email, or one of about a zillion other types of accounts that require security measures to protect your personal information, chances are pretty good that you've used SMS authentication in the past. Usually, the site on which the account is hosted will send you a code via SMS text that you then copy and input on a dedicated page to confirm your identity. However, because phone numbers aren't private or impervious to spoofing, SMS identification isn't without its vulnerabilities.
Enter major U.S. mobile carriers AT&T, T-Mobile, Sprint, and Verizon. The companies have taken a break from ruthlessly competing against one another to form the Mobile Authentication Taskforce and address the SMS authentication issue, unveiling a plan for a next-generation mobile authentication platform at Mobile World Congress in Barcelona.
According to the details from the AT&T Newsroom, the team's new authentication solution will "deliver a cryptographically verified phone number and profile data for users of authorized applications with their consent," effectively strengthening the user's protection against identity theft, bank fraud, fraudulent purchases and data theft. The team also states that in addition to cryptographically verifying info, the system will use advanced analytics and machine learning capabilities to help assess risk and protect customers.
The group also plans to launch an official website for the system later this year where interested parties can learn more about it and service providers can sign up to participate as application developers.
Alex Sinclair, Chief Technology Officer of the Groupe Spéciale Mobile Association, emphasized the increasing need for better mobile security in a statement:
As mobile becomes the remote control for day-to-day life, mobile identity is key to making things simpler and more secure for consumers. The GSMA has been working with operators around the world to bring a consistent and interoperable, secure identity service and this taskforce will strengthen that effort by enabling a simple user experience quickly and conveniently in the U.S. market.
Unfortunately, this newly devised system isn't available to the public quite yet. However, the companies claim they will begin internal trials to test the solution soon, and hope to launch it to consumers by the end of 2018. Until then, I suggest using apps like Google Authenticator and AgileBits' 1Password for two-step verification in place of SMS methods.
Would you feel more comfortable with an alternative solution to SMS authentication? Share your thoughts in the comments!
We may earn a commission for purchases using our links. Learn more.