Skip to main content

T-Mobile adds extra security to port-out process to avoid SIM swapping

For customers looking to change providers from T-Mobile, there are about to be extra security measures in place. T-Mobile is adding a new security layer to its port-out process, requiring users to create a PIN. This feature is called Account Takeover Protection, and it aims to lessen the risk of fraud during this process.

According to The T-Mo Report, users transferring their number need to create a six-digit PIN from T-Mobile’s app or site. They’ll then need to provide it when changing their phone number to a different provider. This extra step is in place to make it harder for hackers to steal phone numbers in “SIM swapping” attacks.

T-Mobile told The Verge, that it’s “putting Number Transfer PINs in place to add an additional layer of security to protect customers from unauthorized port outs. These PINs will be put in place soon.”

The T-Mo Report also states this is currently only available for postpaid accounts. Sprint customers awaiting migration can add Account Takeover Protection prior to migrating. It is unsure when or if this feature will be available for prepaid users.

Carrier competitors Verizon and AT&T already require PIN creation for the port-out process. SIM swapping attacks, where a fraudster convinces a provider to transfer someone else’s phone number to them, have become popular.

Scammers like to perform these attacks because it provides a slew of personal information like name, address, birth date, etc. It’s a way for them to gain access to your private information to take not only your identity but your money.

The FCC has recommendations for how to protect yourself here.

The port-out process can improve more

This is a much-needed feature and a simple way to protect your T-Mobile account. With the severity of the consequences of SIM swapping attacks, creating a six-digit PIN feels like no problem. 

It’s good T-Mobile is implementing additional security after its data breach just seven months ago that compromised the information of over 50 million people. While there’s more to do, this is a step in the right direction.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel