Skip to main content

Major US carriers working together on next-gen ‘mobile authentication platform’ to replace weak SMS system

We typically see the big four US carriers competing in a cut throat fashion to steal customers from each other, but even the strongest rivals can be frenemies sometimes. The Mobile Authentication Taskforce — AT&T, Verizon, T-Mobile, and Sprint — have released product details for what it calls a “next-generation mobile authentication platform.”

From the sound of it, this system could be the carrier solution to replace the inferior SMS-based authentication method used by tons of services today. The problem with SMS as a second method is that phone numbers are not private and aren’t impossible to spoof.

This highly secure solution will deliver a cryptographically verified phone number and profile data for users of authorized applications with their consent. Authentication security is strengthened by processing unique attributes such as a network verified mobile number, IP address, SIM card attributes, phone number tenure, phone account type and more. In addition, advanced analytics and machine learning capabilities will be used to help assess risk and protect customers.

The group says developers will be able to register with the new system and rely on “private and permissioned blockchain technology” to maintain app integrity. The effort to build out the new system started last year:

Formed last year to develop a mobile authentication solution to help protect enterprises and consumers from identity theft, bank fraud, fraudulent purchases and data theft, the Mobile Authentication Taskforce has dedicated resources developing a highly secure and trusted multi-factor authentication platform powered by the carrier networks. The taskforce vision includes interoperability with GSMA’s Mobile Connect technology.

For now, the new system is not yet available, but the group says it will start testing it internally soon. Ultimately, the task force wants consumers to be able to use the new system by the end of the year, and a new website for developers to enroll in the system will also debut this year.

For now, relying on app-based authentication from services like 1Password, Authy, or Google Authenticator is the most secure approach to two-step verification and two-factor authentication where supported.


Subscribe to 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Zac Hall Zac Hall

Zac covers Apple news, hosts the 9to5Mac Happy Hour podcast, and created SpaceExplored.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications