AT&T, Sprint, T-Mobile, and Verizon Detail Plans for 'Next-Generation Mobile Authentication Platform'

Discussion in 'iOS Blog Discussion' started by MacRumors, Mar 1, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Last September, AT&T, Verizon, Sprint, and T-Mobile announced a team-up with the mission of developing a mobile authentication solution for both businesses and consumers. One of the main reasons the carriers created the "Mobile Authentication Taskforce" was to help users who have to manage "dozens of difficult-to-remember passwords" for numerous apps.

    Today at Mobile World Congress, the taskforce has revealed more details about its upcoming platform, and set a launch date for later in 2018. AT&T said the solution will create a cryptographically verified phone number and "unique profile" that's specific to the user's smartphone or tablet, strengthened by processing attributes such as a network verified mobile number, IP address, SIM card attributes, phone number tenure, phone account type, and more. The solution will only work with apps authorized by the taskforce, and at the consent of the user.

    [​IMG]

    The companies' combined resources will further analyze data and activity patterns on a mobile network to predict, "with a high degree of certainty," whether the user is who they say they are.
    To confirm a user's identity and allow them entry into their own secure data, the solution will also use machine learning, advanced analytics, and run a risk assessment engine with AI to confirm that all of this data matches -- or doesn't match -- the main user's identity. VentureBeat reported that the Mobile Authentication Taskforce's platform is expected to be "simpler and more secure" than current heavy-duty password and data protection solutions, like two-factor authentication.

    According to the GSM Association, which represents the interests of mobile operators worldwide, the solution will not only provide mobile device owners with an easier way to manage passwords, but also help to "decrease fraud and identity theft, and increase trust in online transactions." With the four largest U.S. network carriers working together, AT&T said that the taskforce will bring "significant capabilities and insights" to build a modern security and identity protection system.
    Ahead of the launch, registered developers will be able to submit to the taskforce and begin ensuring that their applications will be compatible with the new mobile authentication platform. This submission process itself will be highly secure as well, using "private and permissioned blockchain technology to help ensure application integrity."

    Developers and other service providers will be able to sign up to participate as an application developer when the taskforce's website launches "later this year," and in the next few weeks internal trials of the system will begin.

    Article Link: AT&T, Sprint, T-Mobile, and Verizon Detail Plans for 'Next-Generation Mobile Authentication Platform'
     
  2. tkukoc macrumors 65816

    tkukoc

    Joined:
    Sep 16, 2014
    Location:
    Wish I Was In Space!
    #2
    Because when I think secure.. I think mobile carriers.o_O
     
  3. mcdspncr macrumors regular

    mcdspncr

    Joined:
    Jul 2, 2011
    #3
    Not sure I fully understand all the tech involved in this, but there’s no way I’m letting the carriers have my passwords.

    Also, ironic name for the taskforce - MAT, as in what we’ll feel like when the carriers and NSA walk all over our rights to privacy.
     
  4. rorschach macrumors 68020

    rorschach

    Joined:
    Jul 27, 2003
    #4
  5. Xavier macrumors 68030

    Joined:
    Mar 23, 2006
    Location:
    Columbus
    #5
    It seems like a way for carriers to collect user information under the guise of security. Cue a new standard verizon/att app on your phone, preinstalled?

    "The solution will only work with apps authorized by the taskforce, and at the consent of the user."
     
  6. elvisimprsntr macrumors 6502

    Joined:
    Jul 17, 2013
    Location:
    Florida
    #6
    "The solution will only work with apps authorized by the taskforce, and at the consent of the user."

    Follow the money, people. Meaning a way to track a customer and sell data and advertising to the highest bidder, or to get into the mobile payments game for a small transaction fee.
     
  7. coumerelli macrumors 6502

    Joined:
    Apr 7, 2003
    Location:
    state of confusion.
    #7
    I don’t read it this way at all. The solution replaces multi factor authentication by using analytics of my phone and use. If I’m at home going about my day, but “I” try to log in to one of these authenticated apps/services several hundred or even thousands of miles away, the login will fail for the imposter. Yet I’ll still carry on normally - without the burden of mutifactor authentication. No passwords are given to carriers here.
     
  8. DaveOP macrumors 65816

    Joined:
    May 29, 2011
    Location:
    Portland, OR
    #8
    I laughed out loud, well played sir. I agree, I don't need the carriers trying to save passwords for me. I really hope this is opt-in, or can be opted out.
     
  9. avanpelt macrumors 68030

    Joined:
    Jun 2, 2010
    #9
    All I want from my mobile carrier right now is for them to be able to detect when caller ID has been spoofed to be the same area code and prefix as my cell number and then prevent that call from reaching my phone. That nonsense has gone on long enough.
     
  10. ssl0408 macrumors 65816

    Joined:
    Sep 22, 2013
    Location:
    New York
    #10
    No thanks, carriers. Just provide the cell coverage that I need and that’s all. You will never get any passwords from me.
     
  11. cmwade77 macrumors 65816

    Joined:
    Nov 18, 2008
    #11
    They can't even prevent people from spoofing caller ID, why would I trust them with something as sensitive as my passwords or anything at all related to logging in? Nope, not going to happen.
     
  12. now i see it macrumors 68030

    Joined:
    Jan 2, 2002
    #12
    The end game (if someone is naive enough to jump on board with this scheme) is carrier lock in and control. Good luck switching to T-Mobile (for example) when all your passwords are stored over at AT&T. This scheme is not to help the customers. It's to empower the providers. Same old story since forever.
     
  13. Xavier macrumors 68030

    Joined:
    Mar 23, 2006
    Location:
    Columbus
    #13
    Ah, so it could be that approved apps are now using a sort of tokenized credential, specific per device, to login. So no passwords necessarily, but an identification code that would be hard to steal.

    It doesn't change that by opting in, you are granting access to your device.
     
  14. luvbug macrumors regular

    luvbug

    Joined:
    Aug 11, 2017
    #14
    One rule in the modern world: Everything is a scam, everything. With that in mind, no thanks carriers.
     
  15. nt5672 macrumors 68000

    Joined:
    Jun 30, 2007
    #15
    I don't wan't anyone running some algorithm which determines who I am. I know who I am and if I supply the correct password then I want my access. My password security, is my responsibility. Now I know if you are a millennial, then taking responsibility is hearsay when it can be done for you for free, so just call me old fashioned.

    Now, if they want to make generating public and private keys more user friendly, and allow them instead of insecure passwords, then as long as I can change them anytime, I am all for it. But security is my responsibility and I am not handing that off to some carrier, who we know from experience, does not have my privacy or security in any of their priorities.
     
  16. jecowa macrumors regular

    Joined:
    Mar 15, 2006
    #16
    I think a lot of times they are actually using a VOIP phone provider to rent access to a phone number in your area. Try looking up some of the numbers that call you on maybe http://freecarrierlookup.com/
     
  17. collegitdept macrumors regular

    Joined:
    Nov 17, 2009
    #17
    Thanks Apple!

    Because of your asinine privacy policy - that's now becoming an illogical ideology *and* excuse for poor product/services - iOS users lack a proper identity management platform, and are forced to expose our data to more risk, less security, and less privacy - with 2 consequences:

    1. Use simple passwords and reuse the same password everywhere
    2. forced to rely on Google Single-Sign-on, Amazon ID, Facebook ID, or now their mobile carriers


    Same for no system-level iOS SPAM call filters:
    1. live with it and suffer
    2. force to use an inferior and fragmented solution (giving others our data) from risky 3rd party apps, or carrier specific service
     
  18. thisisnotmyname macrumors 68000

    thisisnotmyname

    Joined:
    Oct 22, 2014
    Location:
    known but velocity indeterminate
    #18
    can't stop spoofed caller ID numbers, want's to become my authentication to everything.

    No thanks.
     
  19. collegitdept macrumors regular

    Joined:
    Nov 17, 2009
    #19
    And Apple refuses to do either.... so we suffer

    How is this a premium experience again?


     
  20. AxiomaticRubric macrumors 6502

    AxiomaticRubric

    Joined:
    Sep 24, 2010
    Location:
    On Mars, Praising the Omnissiah
    #20
    Sooooooo if I do something completely random using their apps:

    "This is a courtesy message from Mobile Authentication Taskforce. Your mobile device has been disabled. Please tap here to contact a customer service representative and verify your identity."
     
  21. eltoslightfoot macrumors 6502a

    eltoslightfoot

    Joined:
    Feb 25, 2011
    #21
    HAHAHAHAHAHAHAHA! You win the internet today.
     
  22. Solomani macrumors 68040

    Solomani

    Joined:
    Sep 25, 2012
    Location:
    Alberto, Canado
    #22
    Ohh hahaha….. like I'd trust my entire password keychains to a company like Verizon. LMAO
     
  23. topgunn macrumors 65816

    topgunn

    Joined:
    Nov 5, 2004
    Location:
    Houston
    #23
    I agree. There seems to be a lot of FUD in these comments. This isn't using AT&T in the place of LastPass.

    Many of us already use our phones as a method of multi-factor authentication. This seems to me to be the next iteration of that only easier to use and more secure for the end user.
     
  24. collegitdept macrumors regular

    Joined:
    Nov 17, 2009
    #24
    This is exactly it. And the reason they're doing it, is because Apple refuses. And identity management on iOS is a really big sore spot.





     
  25. Crow_Servo macrumors regular

    Crow_Servo

    Joined:
    Feb 17, 2018
    Location:
    America
    #25
    Don’t forget, this might combat fraud within the carriers too. Reducing fraud saves the carriers money. That could be one of the motivations behind this idea.
     

Share This Page