AT&T, Sprint, T-Mobile and Verizon reveal plan for new phone-number based app authenticati...
On Thursday the four major national U.S. carriers -- AT&T, T-Mobile, Sprint, and Verizon -- revealed plans for a new authentication platform that could add an extra layer of security for people using apps on Apple's iPhone and other mobile devices.
The nameless technology will provide a "cryptographically verified phone number and profile data" for people using supported apps, the companies said in joint announcement. To achieve this, the platform will also rely on data such as how long a phone number has been held, its account type, IP address, and SIM card details.
"In addition, advanced analytics and machine learning capabilities will be used to help assess risk and protect customers," the announcement added, without elaborating on the point.
Developers will have to submit apps through a blockchain-based system. Internal trials of the technology are slated to start in the next few weeks, in preparation for launch later in 2018.
The platform is aimed at countering problems like fraud and identity theft. iPhone apps can sometimes use a hodge-podge of security measures, since apart from iCloud and on-device systems like Face ID, Touch ID, and passcodes, apps connect to external systems beyond Apple's control.
The nameless technology will provide a "cryptographically verified phone number and profile data" for people using supported apps, the companies said in joint announcement. To achieve this, the platform will also rely on data such as how long a phone number has been held, its account type, IP address, and SIM card details.
"In addition, advanced analytics and machine learning capabilities will be used to help assess risk and protect customers," the announcement added, without elaborating on the point.
Developers will have to submit apps through a blockchain-based system. Internal trials of the technology are slated to start in the next few weeks, in preparation for launch later in 2018.
The platform is aimed at countering problems like fraud and identity theft. iPhone apps can sometimes use a hodge-podge of security measures, since apart from iCloud and on-device systems like Face ID, Touch ID, and passcodes, apps connect to external systems beyond Apple's control.
Comments
This needs to stop.
It sounds like the only one that benefits is the ISP’s...
It won't. What a big bag of nothing.
The technology choices sound right but I'm more than a bit curious why this effort is being pushed through by a consortium of business vendors rather than a standards organization with government backing like IANA/CIS/NIST/etc. My guess would be that these vendors realize that without a drastic improvement in the overall security that their customers need (yesterday if not sooner) their whole business model could collapse. So while this is really something that governments and standards bodies should be addressing with a much greater sense of urgency - they just can't sit around and wait any longer. Action is needed.
Google has somehow managed to curb spam getting into my inbox, why can't the wireless carriers prevent scammers in third world countries from calling my phone with a spoofed number in order to steal my information?
*it the only kind of oversight they will be diligently pursuing.
Google does a pretty good, but not perfect, job of it.
Microsoft did a fantastic job of it, by deleting their app store, and then Windows Phone.
Tizen likewise does a great job by having no customers.
There is no practical exploit in the wild that requires this nonsense.
This is about the carriers trying to make themselves gatekeepers again. We know what happens when they're gatekeepers. They have control, and they use it ostensibly to protect their network, by crippling the user's ability to use it. When all updates for Android devices had to be approved by individual carriers who took months to evaluate and approve them, users were actively harmed by not getting timely security updates and features. It trained the device manufacturers to not bother with updates, because the carriers were simply too rigid as gatekeepers to be useful. They lost that control with Apple and Google over apps, and have lost it with Google over updates for the most part. When they have this control, they use it as a weapon against consumers.