AT&T, Sprint, T-Mobile, and Verizon Detail Plans for 'Next-Generation Mobile Authentication Platform'

Last September, AT&T, Verizon, Sprint, and T-Mobile announced a team-up with the mission of developing a mobile authentication solution for both businesses and consumers. One of the main reasons the carriers created the "Mobile Authentication Taskforce" was to help users who have to manage "dozens of difficult-to-remember passwords" for numerous apps.

Today at Mobile World Congress, the taskforce has revealed more details about its upcoming platform, and set a launch date for later in 2018. AT&T said the solution will create a cryptographically verified phone number and "unique profile" that's specific to the user's smartphone or tablet, strengthened by processing attributes such as a network verified mobile number, IP address, SIM card attributes, phone number tenure, phone account type, and more. The solution will only work with apps authorized by the taskforce, and at the consent of the user.


The companies' combined resources will further analyze data and activity patterns on a mobile network to predict, "with a high degree of certainty," whether the user is who they say they are.
Formed last year to develop a mobile authentication solution to help protect enterprises and consumers from identity theft, bank fraud, fraudulent purchases and data theft, the Mobile Authentication Taskforce has dedicated resources developing a highly secure and trusted multi-factor authentication platform powered by the carrier networks. The taskforce vision includes interoperability with GSMA's Mobile Connect technology.
To confirm a user's identity and allow them entry into their own secure data, the solution will also use machine learning, advanced analytics, and run a risk assessment engine with AI to confirm that all of this data matches -- or doesn't match -- the main user's identity. VentureBeat reported that the Mobile Authentication Taskforce's platform is expected to be "simpler and more secure" than current heavy-duty password and data protection solutions, like two-factor authentication.

According to the GSM Association, which represents the interests of mobile operators worldwide, the solution will not only provide mobile device owners with an easier way to manage passwords, but also help to "decrease fraud and identity theft, and increase trust in online transactions." With the four largest U.S. network carriers working together, AT&T said that the taskforce will bring "significant capabilities and insights" to build a modern security and identity protection system.
“As mobile becomes the remote control for day-to-day life, mobile identity is key to making things simpler and more secure for consumers,” said Alex Sinclair, Chief Technology Officer, GSMA. “The GSMA has been working with operators around the world to bring a consistent and interoperable, secure identity service and this taskforce will strengthen that effort by enabling a simple user experience quickly and conveniently in the US market.”
Ahead of the launch, registered developers will be able to submit to the taskforce and begin ensuring that their applications will be compatible with the new mobile authentication platform. This submission process itself will be highly secure as well, using "private and permissioned blockchain technology to help ensure application integrity."

Developers and other service providers will be able to sign up to participate as an application developer when the taskforce's website launches "later this year," and in the next few weeks internal trials of the system will begin.



Top Rated Comments

(View all)
Avatar
16 weeks ago
All I want from my mobile carrier right now is for them to be able to detect when caller ID has been spoofed to be the same area code and prefix as my cell number and then prevent that call from reaching my phone. That nonsense has gone on long enough.
Rating: 33 Votes
Avatar
16 weeks ago
Because when I think secure.. I think mobile carriers.o_O
Rating: 21 Votes
Avatar
16 weeks ago
EFF Provides Evidence to Courts of Verizon Wireless, Sprint and AT&T Participation in NSA Spying ('https://www.eff.org/deeplinks/2015/09/eff-filings-show-phone-companies-participation-nsa-spying-no-state-secret')

The only question is whether anyone will be dumb enough to participate in this. You might as well skip the middlemen and just mail a list of your logins directly to the US government.
Rating: 20 Votes
Avatar
16 weeks ago
Not sure I fully understand all the tech involved in this, but there’s no way I’m letting the carriers have my passwords.

Also, ironic name for the taskforce - MAT, as in what we’ll feel like when the carriers and NSA walk all over our rights to privacy.
Rating: 15 Votes
Avatar
16 weeks ago
They can't even prevent people from spoofing caller ID, why would I trust them with something as sensitive as my passwords or anything at all related to logging in? Nope, not going to happen.
Rating: 15 Votes
Avatar
16 weeks ago
One rule in the modern world: Everything is a scam, everything. With that in mind, no thanks carriers.
Rating: 9 Votes
Avatar
16 weeks ago
No thanks, carriers. Just provide the cell coverage that I need and that’s all. You will never get any passwords from me.
Rating: 7 Votes
Avatar
16 weeks ago
It seems like a way for carriers to collect user information under the guise of security. Cue a new standard verizon/att app on your phone, preinstalled?

"The solution will only work with apps authorized by the taskforce, and at the consent of the user."
Rating: 6 Votes
Avatar
16 weeks ago
"The solution will only work with apps authorized by the taskforce, and at the consent of the user."

Follow the money, people. Meaning a way to track a customer and sell data and advertising to the highest bidder, or to get into the mobile payments game for a small transaction fee.
Rating: 6 Votes
Avatar
16 weeks ago
The end game (if someone is naive enough to jump on board with this scheme) is carrier lock in and control. Good luck switching to T-Mobile (for example) when all your passwords are stored over at AT&T. This scheme is not to help the customers. It's to empower the providers. Same old story since forever.
Rating: 5 Votes
[ Read All Comments ]