Preventing Fraud After a Carrier Breach

Preventing Fraud After a Carrier Breach
Back to Blog
July 17, 2017
Jeff Hickman

The target of the latest breach to hit the news is Verizon, who announced last week that the data from over 14 million customers was leaked online — leaving phone numbers, names, and most critically, account PIN codes publicly exposed. Any subscriber who has called Verizon customer service in the previous six months could be at risk. With one-time-passwords (TOTP and OTP) via SMS a popular second-factor method, how safe is your mobile phone number? The answer is “not safe” when you consider that illicit phone number porting is a strategy designed to overwhelm SMS-based multi-factor authentication methods. Fortunately, there are authentication solutions built to protect you from this kind of fraud.

The SecureAuth adaptive access control platform includes phone number fraud prevention, a protective layer that allows organizations to identify, block and protect against attackers attempting to exploit second-factor authentication delivery to phone numbers and mobile devices. These capabilities meet and exceed NIST guidelines for SMS authentication, by blocking the most common ways that phone number fraud attacks are carried out — including SIM card porting fraud. SecureAuth is able to mitigate the impact of this breach by providing the following protections:

Breach Protections

Block Recently Ported Numbers: After a breach, attackers will port a legitimate phone number, from a legitimate user, to a new device. Attackers will then use the newly ported phone number in an authentication process. SecureAuth detects if a phone number has recently been ported and prevents authentication using that number until the porting has been verified by the end user

Block by Number Class: All numbers are associated with a class of phone (e.g. Virtual, Mobile, Landline). SecureAuth detects what class a specific number is and allows customers to block particular phone class(s) from use during authentication

Block by Carrier: All numbers are associated with a carrier network and there are hundreds of carrier networks globally (e.g. Verizon, AT&T). SecureAuth detects what carrier a specific number is associated with and allows customers to block particular carrier networks by network or by country.

One-time passcode (OTP) Spam Prevention: Attackers will attempt to brute force the authentication process. SecureAuth lets admins regulate the number of OTPs that can be sent to users, preventing them from being spammed and further mitigating any brute force attempts.

Phone fraud prevention is just one of the layers in SecureAuth’s adaptive access control platform, designed to detect when risk is present then step up with multi-factor authentication or deny the request altogether. Learn more about adaptive authentication and request a demo to see it action. 

Never Miss a Beat
Subscribe to Our Blog

SecureAuth Identity Platform Adaptative Authentication

Identity and Access Management

Empower your digital initiatives with secure access for everyone and everything connecting to your business

Product Features

Adaptive Authentication

Extend verification of a user identity with contextual risk checks

Multi-Factor Authentication

Leverage a broad portfolio of authentication factors for desktop and mobile

Intelligent Risk Engine

Protect your identities with advanced risk profiling analytics

Single Sign-On

Provide app discovery and one-click login through portal or desktop SSO

User Lifecycle Management

Enable admins with strong CRUD capabilities and users with self-service tools

Secure All Identities

CIAM

Customer Identities

Deliver a frictionless customer experience safeguarding user data and privacy

B2E

Workforce Identities

Govern and control access rights for employees, partners, and contractors

Moving Beyond Passwords

Learn how passwords alone no longer provide the appropriate level of protection, nor confidence, required to secure valuable resources

Initiatives

Passwordless Authentication

Reduce the risk of breaches by eliminating passwords

2FA is Not Enough

Block popular phishing and brute force attacks used by bad actors

Protecting Office 365

Extend adaptive authentication and flexible MFA to all apps including Office 365

Securing Portals and Web Apps

Balance strong security and an exceptional user experience

RSA Migration

Transition to a modern identity and access management solution

Industries

Healthcare

Financial Services

Retail

Energy and Utilities

Public Sector

Resources

White Papers

eBooks

Recorded Webinars

Analyst Reports

Innovation Labs

Documentation

Support Portal

Events & Webinars

Events

Webinars

Calculate Your Savings

Lower support costs by enabling your users the control to reset passwords, account unlocks, device enrollment and update profiles

Meet SecureAuth

About SecureAuth

Leadership

Newsroom

Careers

Contact