Iconectiv, a communications brand owned by Ericsson, is warning about the dangers of mobile account takeover in a new white paper, arguing that such attacks can bypass authentication systems like fingerprint scanning.
Entitled Never Underestimate the Power of Identity, the paper asserts that certain kinds of fraud involve porting a victim’s phone number to a new mobile service provider, potentially allowing a fraudster access to the victim’s bank accounts, payment services, and more. In a summary of the report, Iconectiv CTO Chris Drake explains that “once a fraudster has moved the phone number to their device, passwords can be easily procured while biometrics and other security hardware on the original device are, essentially, bypassed.”
The solution, Drake argues, is enabling “[a]ccess to cross-network information in a timely manner”, which would “allow authentication through a consumer’s mobile identity to remain a powerfully simple yet effective version of multi-factor authentication.”
With smartphones increasingly becoming the vectors of consumer authentication thanks to technologies like fingerprint sensors and even iris scanning, it’s increasingly vital to ensure that such systems are not bypassed in security processes. Iconectiv’s warning thus appears to be a timely one, and its awareness of the issue should be reassuring to many as the company prepares to become the FCC’s Local Number Portability Administrator.