U.S. carriers talk more about Mobile Authentication Taskforce and Project Verify

projectverifycarriers

Details on the major four U.S. carriers’ Mobile Authentication Taskforce have been trickling out over the past year, and today a little more information has been revealed.

AT&T, Sprint, T-Mobile, and Verizon gave a preview of their Mobile Authentication Taskforce’s Project Verify effort this week, detailing how they plan to beef up user security that’s less dependent on passwords. The prototype uses the carriers’ proprietary, network-based authentication features and other methods to verify a user’s identity. Once the user signs up and gives consent, the service then creates a device-based ID that is used as the profile for the authentication process.

“Addressing user authentication-related risks could help safeguard consumers from attacks designed to acquire login credentials and mobile phone numbers for use in fraudulent schemes such as phishing and social engineering,” the group said in its announcement. “It could also help provide businesses and consumers with extra layers of protection from identity theft, bank fraud, fraudulent purchases and data theft.”

The Mobile Authentication Taskforce also launched a website for Project Verify to help share more information on its effort and get developers on board.

Remembering logins and passwords for all of your different apps and services can be a pain, and sometimes this can result in issues like users forgetting their passwords or selecting predictable passwords that are easier to remember but less secure. Project Verify is trying to fix that problem. It’s good to see the four carriers coming together to tackle this issue, but they’re also not the first ones to try and take on the problem of passwords and user security. We’ll just have to wait and see how well Project Verify works and how widely it’s adopted.

Sources: Mobile Authentication Taskforce, Project Verify

Tags: , , , ,

  • Ben

    I remain skeptical that these guys are doing this for the users’ benefit. I call bs on this one. It’s like saying give me the keys to your sports car so I can gas it up for you.
    “Once the user signs up and gives consent, the service then creates a device-based ID that is used as the profile for the authentication process.” Seems like another great way to monitor activity and serve up ads.
    Potentially another prime target for hackers. My fingerprint reader and iris/facial recognition still work very well.

  • icwhatudidthere

    Ain’t no way I’m letting these incompetents handle verification of my identity. They’ve all had major security lapses and that’s not even getting into all the various little technical issues that pop up.

  • steveb944

    All the major networks joining forces to track us and give us a number… Thanks big bro!