Every day, cybercriminals grow more brazen and sophisticated. The latest cybercrime, described by Joseph Cox in his article A Hacker Got All My Texts for $16, is particularly disturbing because it requires almost no technical knowledge and targets the victim’s phone number without them even knowing. Fortunately, Prove already has the capabilities to prevent this new fraud from taking hold.
Phone numbers and mobile phones have become the master keys to our digital lives. At Prove, we have architected a trust and identity platform to help the nation stay several steps ahead of attackers that exploit vulnerabilities in our telecommunication systems.
This latest SMS theft hack used an SMS marketing platform called Sakari to exploit a service called OSR (Override Services Registry). The OSR serves a critical function in our communications infrastructure because it allows VoIP (Voice Over Internet Protocol) landlines and certain MVNOs (Mobile Virtual Network Operators) to receive SMSes. In this case, the attackers were able to fraudulently add entries to the OSR to send copies of SMSes to themselves. This allowed the attackers to retrieve SMS one-time passcodes.
The good news is that Prove’s Trust Score™ has already designed the capability to detect and stop this fraud. Consumers’ digital life experiences are increasingly mobile, and their daily touchpoints with a variety of service providers are exploding rapidly. Whether logging into a dating app, verifying an e-commerce payment, or proving eligibility for vaccination, the need for frictionless safeguards to protect the individual and online communities is higher than ever. Prove’s technology works behind the scenes to offer its clients the control and confidence to manage the spectrum of digital-native use cases, preventing fake account opening to authorizing high-value financial transactions and everything in between.
When a Prove client asks if a phone number is safe to send a text message to or engage with, Prove will check the OSR, among many real-time checks, including SIM swap, to calculate a real-time Trust Score™. A low Trust Score™ will tell Prove clients to apply the appropriate policy, such as not sending the given SMS.
As Prove continues to protect consumers from fraud by bolstering SMS with modern, real-time fraud protection, Prove is proud to join forces with leaders from a wide array of industries to call for a wholesale reduction of using SMS for authentication purposes.
To learn how you can protect your clients and prevent fraud, visit www.prove.com.
Join 1,000+ companies and 500 banks, including 9 of the top 10 US financial institutions, that are already using Prove to accelerate revenue, mitigate fraud, and enhance customer experience. Contact us today.
Contact us to learn how leading companies are using Prove Pre-fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.
Get in touch to find out how we can help you identify your customers at every stage of their journey and offer them seamless and secure experiences.
Let our expert team guide you through our identity verification and authentication solutions. Select a date and time that works for you.
Find out how we can help you deliver seamless and secure customer experiences that comply with PSD2/SCA. Select a date and time that works for you.