T-Mobile is adding PIN protection to its port-out process


T-Mobile will be adding a new layer of security to its port-out process with the addition of a PIN, according to the company. According to The T-Mo Report, which obtained an internal document, the new number transfer procedure would require users to obtain a six-digit PIN from T-Mobile’s app or site and provide it when attempting to change their number to a different provider, which could make it harder for bad actors to steal phone numbers in “SIM swapping” attacks.

In a statement to The Verge, T-Mobile Media Relations confirmed the company is “putting Number Transfer PINs in place to add an additional layer of security to protect customers from unauthorized port outs. These PINs will be put in place soon.”

According to The T-Mo Report, the process will only be available to postpaid customers to start, not including people signed up through the Lifeline program.

It’s good to hear that T-Mobile may be adding this feature, as it could help prevent SIM-swapping attacks, where a scammer convinces a telecommunications provider to transfer a phone number into their control. As Android Police notes, Verizon and AT&T have already implemented number transfer PINs. While it might not prevent all SIM-swapping attacks (in theory, an attacker with a T-Mobile account and device wouldn’t have to go through the port-out process since the number would be staying in the same network), the PIN requirement can act as another line of defense in addition to T-Mobile’s existing account takeover protection tools.

SIM swap, or porting-out, attacks have seemingly become popular with cybercriminals in recent years and have been implicated in high-profile cases like when then-Twitter CEO Jack Dorsey’s Twitter account was hacked. They’re attractive for a few reasons: they provide a wealth of information (many two-factor codes are still sent through SMS), and it can be difficult for a victim to realize they’ve been attacked and recover from it. The Federal Communications Commission recommends immediately contacting your cell carrier if you suspect someone has swapped your SIM, but that can be difficult to do given that your phone will no longer be functional.

T-Mobile’s reputation for security has taken a few hits recently, as the company has been affected by a string of data breaches and cybersecurity incidents. While some have been relatively minor, one in August 2021 affected over 50 million people.

Update March 17th, 6:55PM ET: Added confirmation and statement from T-Mobile.


Source link

Related articles

Xbox Series X consoles are available for Best Buy’s Totaltech members

The Xbox Series X is sometimes a little easier to buy than Sony’s PlayStation 5, but that doesn’t mean it’s a simple endeavor. The good news is that Best Buy has...

Our Flag Means Death creator David Jenkins fancies a fine narrative fabric

For many people, Our Flag Means Death was an unexpected history lesson about the adventures of Stede Bonnet, the real 18th-century pirate who loved the high seas almost as much as...

How to change your default browser in Windows 11

If you’ve updated your PC from Windows 10 to Windows 11, you may have noticed that when you click on a link for a website, a PDF document, or a variety...

Fortnite’s Zero Build mode is bringing people back to the game

Fortnite’s latest season kicked off a big shakeup: developer Epic Games removed building, perhaps the game’s most iconic feature, from the core battle royale modes. It was a risky move that...

What Elon Musk’s Twitter ‘free speech’ promises miss

Thursday morning, Elon Musk offered to buy Twitter to save free speech. “I invested in Twitter as I believe in its potential to be the platform for free speech around the...

Latest articles