Fraud & Identity Fraud & Identity


Fraud & Identity Featured Article

July 03, 2017

Payfone Combating SMS Fraud

Payfone was the keynote speaker of the second day of the Mobile World Congress in Shangai. The main issue at the center of its presentation was the problem of fraud stemming from SMS messaging, specifically SMS Hijack and forwarding attacks.


Attacks of this nature were born out of the rise of one time code authorization. Many consumers experience this when logging into an app or paying on a new website from their mobile phone for the first time. It is meant as an added level of security. Users provide their log-on information and then are sent a onetime code to the registered mobile number they have provided. Entering this code serves as confirmation that the user is who they say they are.

However, this process does leave users vulnerable to SMS hijack and forwarding attacks, as hackers are able to take advantage of access gained by the sending of one time codes. Payfone has been working to develop a method that ensures the same security assurances as one time codes but also mitigates all of these potential risks.

"SMS hijack attacks are a blaring wake-up call about the dangers of sending one-time SMS passcodes," said Rodger Desai, Chief Executive Officer, Payfone. "Our Instant Authentication for Mobile solution prevents these types of hacks and moves towards the National Institute of Standards and Technology (NIST)'s recommendation to deprecate SMS one-time passcodes as a second factor of authentication."

Instead of forcing users to wait to receive a text message and then manually input a code when looking to authenticate their identity, the solution from Payfone allows users to automatically confirm who they are through the carrier settings and information. This has the advantage of being more secure (as no new lines of communication need to be opened) as well as easier and quicker for customers. It is not often that a security measure is both more secure and more convenient than its previous iteration, but that is what Payfone has been able to accomplish. This is just one more example of a way that businesses are working to protect the identities of their customers.



Article comments powered by Disqus






Industry Insights

(MobileID) Proactive Fraud Prevention

Interconnect-related fraud such as International Revenue Share Fraud (IRSF) and PBX hacking fraud continue to be a billion dollar problem to the telecom industry.

(Defender Shield) Defense solutions for the modern SMS ecosystem

SMS is a ubiquitous communication method for person-to-person (P2P) text messaging, which has been in use globally for nearly 20 years.

(Defender Shield) Preventing Grey Routes and the Multi-billion dollar Threat

The convenience of mobile messaging has brought communication efficiency to billions of consumers worldwide. As is often the case with widely accepted technologies; however, convenience can provide a vulnerable gateway to fraudulent activity.

Product Documents

Asset Protect

While unlimited or high-volume voice and SMS plans offer great value to subscribers, sometimes fraudsters exploit these plans to avoid paying termination and interconnect fees.

Defender Shield

In a world with ever-increasing Application-to-Person (A2P) messaging needs and competition, improving customer satisfaction and eliminating revenue leakage is key for protecting SMS profits.

MobileID

Accurate and cost-efficient routing of voice calls and SMS is critical. Unfortunately, gathering reliable routing data on ported numbers and keeping up with constant changes in number plans is expensive and time-consuming.

Fraud Solutions

Communications fraud is a $20B annual global problem and growing. Companies are looking for peace of mind so that their business and their customers are protected from the onslaught of technology crime that is damaging their reputations and their balance sheets.