Cyber thieves and hackers are making massive amounts of money by buying, selling and using stolen usernames and passwords.
But how can we get to a place where a company or website knows you are actually you upon login, instead of someone who seems like you because they know your username and password?
Mobile carriers and their Mobile Authentication Task Force say they have the solution.
They announced something called Project Verify and this video explains the concept:
Brian Krebs also did a write up on the initiative and he sums it up like this.
"The mobile companies say Project Verify can improve online authentication because they alone have access to several unique signals and capabilities that can be used to validate each customer and their mobile device(s). This includes knowing the approximate real-time location of the customer; how long they have been a customer and used the device in question; and information about components inside the customer’s phone that are only accessible to the carriers themselves, such as cryptographic signatures tied to the device’s SIM card."
The Mobile Authentication Task Force formed last year to develop a mobile authentication solution to help protect enterprises and consumers from identity theft, bank fraud, fraudulent purchases and data theft.
Here is where you can read more about Project Verify and its push by AT&T, Sprint, T-Mobile and Verizon.
