Project Verify is AT&T, Sprint, T-Mobile & Verizon's solution to mobile security
The four major U.S. wireless carriers in March announced plans for a new authentication platform for the iPhone and other mobile devices. Now, the effort has a name.
The Mobile Authentication Taskforce, consisting of wireless carriers Verizon, AT&T, Sprint and T-Mobile, announced that its effort to prevent fraud and data breaches has a name, Project Verify.
"It's time for a comprehensive solution that reduces friction, combats fraud, and builds trust. The Mobile Authentication Taskforce is building that solution now," the website says.
On March 1, the carriers had announced plans to build an app authentication platform.
"The Project Verify solution will change identity management and security, replacing passwords with more secure, device-based, multi-factor authentication," the taskforce said. "Consumers will be in the driver's seat, choosing what information they share. They simply log in with their mobile device -- Project Verify does the rest."
The material states that the carriers are "building" the technology, so it's not clear exactly when it might be ready, nor how well it will actually work. The Project also released a video discussing the program, in the broadest of terms.
The members are the four leading U.S. carriers, although Sprint and T-Mobile are in the process of merging.
The Mobile Authentication Taskforce, consisting of wireless carriers Verizon, AT&T, Sprint and T-Mobile, announced that its effort to prevent fraud and data breaches has a name, Project Verify.
"It's time for a comprehensive solution that reduces friction, combats fraud, and builds trust. The Mobile Authentication Taskforce is building that solution now," the website says.
On March 1, the carriers had announced plans to build an app authentication platform.
"The Project Verify solution will change identity management and security, replacing passwords with more secure, device-based, multi-factor authentication," the taskforce said. "Consumers will be in the driver's seat, choosing what information they share. They simply log in with their mobile device -- Project Verify does the rest."
The material states that the carriers are "building" the technology, so it's not clear exactly when it might be ready, nor how well it will actually work. The Project also released a video discussing the program, in the broadest of terms.
The members are the four leading U.S. carriers, although Sprint and T-Mobile are in the process of merging.
Comments
The biggest pet peeve of mine is being sent a text message and copying the code into an app or website to verify. The Verify Project eliminates that completely. A well-implemented project would make it impossible to "hack" because it would utilize several factors that verify the legitimate user. Even if you spoof a few factor, it would not be possible once all the factors are calculated.
Of course, you may think, "What if someone steals your phone?" Well, we have FaceID, TouchID, passcodes, biometrics for phones and it's no longer acceptable if you don't use them anymore. But let's say, you are stupid and didn't do anything to protect it, you can easily call the phone carrier and it will disable your phone which in turn makes Verify useless.
If Verify project is open sourced and anyone can measure the incoming and outcoming data associated with Verify, we can know what's going on.
I support the project. The speculation on "data" being shared is ridicuous - it's already happening now, Verify cannot do that if it just hashes all data.
The issue isn’t whether or not they have your factor information already, it’s that now they will now be able to use those factors to unlock app data from your phone.