Page 1 of 2 1 2 LastLast
Results 1 to 15 of 30

Thread: My wish for security on my T-Mo account

  1. #1
    Join Date
    Jun 2004
    Posts
    2,059
    Feedback Score
    0

    My wish for security on my T-Mo account

    I'm reading this about the five largest US carriers not following through on their security protocols to protect from SIM jacking:

    https://www.dailymail.co.uk/sciencet...p-attacks.html

    I would be happy to have it locked and loaded in my account that if I want to swap SIM cards, I must do it in person. I must present myself in person to a store, with government ID and perhaps a page from a recent itemized bill, in order to do this.

    I can think of only one instance when I do need to change out cards: if I'm having technical problems and the support center wants to make sure a modern SIM is in the phone before going any further. Other than that, there's ZERO reason to swap out SIM cards. (I do realize that when I buy a phone from Costco, they give me a new SIM card; that's their choice.)

    Given that that's my attitude, I don't think it's unreasonable for my carrier to accommodate such a simple and effective user request.

  2. #2
    Join Date
    Jul 2011
    Posts
    627
    Feedback Score
    0
    Quote Originally Posted by adam1991 View Post
    I'm reading this about the five largest US carriers not following through on their security protocols to protect from SIM jacking:

    https://www.dailymail.co.uk/sciencet...p-attacks.html

    I would be happy to have it locked and loaded in my account that if I want to swap SIM cards, I must do it in person. I must present myself in person to a store, with government ID and perhaps a page from a recent itemized bill, in order to do this.

    I can think of only one instance when I do need to change out cards: if I'm having technical problems and the support center wants to make sure a modern SIM is in the phone before going any further. Other than that, there's ZERO reason to swap out SIM cards. (I do realize that when I buy a phone from Costco, they give me a new SIM card; that's their choice.)

    Given that that's my attitude, I don't think it's unreasonable for my carrier to accommodate such a simple and effective user request.
    They already made hard to change SIM card. Most time you have to go to store to activate/swap SIM

    Sent from my LG-LS997 using Tapatalk

  3. #3
    Join Date
    Jul 2005
    Location
    United States
    Posts
    18,897
    Device(s)
    Samsung Galaxy S9+
    Carrier(s)
    Sprint
    Feedback Score
    0
    It is true that some reps can get careless and forgot to go through verification of the customer despite security protocols. The best precaution IMHO is to request a note to be added to the account clarifying his wishes about changing the SIM. That said, anytime someone requests such a change, they will be referred directly to a retail store where the identity should be confirmed via photo ID every time.
    Don't make me turn this car around.....

  4. #4
    Join Date
    Jul 2002
    Location
    Gulf Coast
    Posts
    15,922
    Device(s)
    Moto G7 Power, Nexus 5X
    Carrier(s)
    T-Mobile, PagePlus
    Feedback Score
    0
    I carry a spare SIM when traveling abroad in case my phone gets lost or stolen. I like knowing that I can change SIMs online.

  5. #5
    Join Date
    Dec 2003
    Location
    Denver
    Posts
    1,700
    Device(s)
    Any Windows Phones!
    Carrier(s)
    T-Mobile
    Feedback Score
    0
    Quote Originally Posted by DRNewcomb View Post
    I carry a spare SIM when traveling abroad in case my phone gets lost or stolen. I like knowing that I can change SIMs online.
    I was about to chime in with the same thing. I lost a phone when I was in Mexico about 15 years ago. Getting a compatible replacement phone was easy if I needed one, but since I didn't have a spare T-Mo SIM with me I couldn't get my service transferred, so I just waited until I was home to deal with it.

    Since then I've always traveled with a spare SIM (and a spare phone!), but admittedly, with the advent of "T-Mo Digits" it's no longer that big a deal- I can access my T-Mo account/number on virtually any device on any carrier until I get home to sort things out.

    Looking at the article, T-Mo faired pretty good overall with the SIM switch test. It looks like they may have "helped" a little with some security questions from the chart, but for the most part they required you to have access to the device (text OTP, email OTP, last phone calls, etc.) to complete the swap.

    If a potential bad actor has access to my device, he really doesn't need to do a SIM swap, does he? I'm cool with a text or email OTP (to a previously set email!) being my security method.



    Sent from my moto x4 using Tapatalk
    --
    Todd Allcock, Microsoft MVP: Mobile Devices 2007-2011

  6. #6
    Join Date
    Jul 2011
    Posts
    627
    Feedback Score
    0
    Quote Originally Posted by DRNewcomb View Post
    I carry a spare SIM when traveling abroad in case my phone gets lost or stolen. I like knowing that I can change SIMs online.
    The security measures are intended to block online or phone to change SIM. The only option soon will be in TMobile store or receive the new SIM your billing address

    Sent from my LG-LS997 using Tapatalk

  7. #7
    Join Date
    Feb 2014
    Posts
    595
    Feedback Score
    0
    What are they referring about in respect of sim swapping? Surely we're not talking about taking your sim out the wife's phone and putting into yours?

    Sent from my EVR-L29 using Tapatalk

  8. #8
    Join Date
    Jun 2004
    Posts
    2,059
    Feedback Score
    0
    Quote Originally Posted by Limeybastard View Post
    What are they referring about in respect of sim swapping? Surely we're not talking about taking your sim out the wife's phone and putting into yours?
    I'm reading this about the five largest US carriers not following through on their security protocols to protect from SIM jacking:

    https://www.dailymail.co.uk/sciencet...p-attacks.html

  9. #9
    Join Date
    Feb 2014
    Posts
    595
    Feedback Score
    0
    Quote Originally Posted by adam1991 View Post
    I'm reading this about the five largest US carriers not following through on their security protocols to protect from SIM jacking:

    https://www.dailymail.co.uk/sciencet...p-attacks.html
    I read that article. I wanted clarification about what their definition of a sim swap was in relation to security. A sim swap for me is putting my already active sim in another phone. I guess they're referring to sim activations.

    Sent from my EVR-L29 using Tapatalk

  10. #10
    Join Date
    Jan 2017
    Posts
    807
    Device(s)
    iPhone 11
    Carrier(s)
    310-150
    Feedback Score
    0
    Quote Originally Posted by Limeybastard View Post
    I read that article. I wanted clarification about what their definition of a sim swap was in relation to security. A sim swap for me is putting my already active sim in another phone. I guess they're referring to sim activations.
    That's the general idea—someone else accesses your account and moves your service to a completely new SIM, and/or eventually ports out your number to another carrier. Even though carriers have account PINs, many have been sloppy with enforcing them across the board, and there's also some employees that have been involved.

  11. #11
    Join Date
    Aug 2008
    Posts
    14,871
    Feedback Score
    0
    Quote Originally Posted by Limeybastard View Post
    I read that article. I wanted clarification about what their definition of a sim swap was in relation to security. A sim swap for me is putting my already active sim in another phone. I guess they're referring to sim activations.
    Here's an simple article that describes more info about what the danger is to a customer.

    https://www.techlicious.com/blog/pho...-bank-account/

    Here's the T-mobile web page that deals with strengthening the security on your account with an additional password/passcode:

    https://www.t-mobile.com/customers/secure

    In a nutshell, with so many banks tying account security to sending a verification code to your cell phone, temporarily stealing a person's phone service can allow them to access one's money.

  12. #12
    Join Date
    Jan 2017
    Posts
    807
    Device(s)
    iPhone 11
    Carrier(s)
    310-150
    Feedback Score
    0
    Quote Originally Posted by jet1000 View Post
    In a nutshell, with so many banks tying account security to sending a verification code to your cell phone, temporarily stealing a person's phone service can allow them to access one's money.
    It's especially annoying that so many also think offering up every phone number on the account as a verification/recovery point is a good idea and no way to opt out or use other 2FA means.

    I see a lot of replies when this comes up that say "use Google Authenticator or a key instead," but so many institutions don't offer that.

    By the way, if T-Mobile has strengthened their security/processes, is that across the board (postpaid & prepaid) or is prepaid still kind of left to fend for itself like it had in the past?

  13. #13
    Join Date
    Feb 2014
    Posts
    595
    Feedback Score
    0
    Quote Originally Posted by jet1000 View Post
    Here's an simple article that describes more info about what the danger is to a customer.

    https://www.techlicious.com/blog/pho...-bank-account/

    Here's the T-mobile web page that deals with strengthening the security on your account with an additional password/passcode:

    https://www.t-mobile.com/customers/secure

    In a nutshell, with so many banks tying account security to sending a verification code to your cell phone, temporarily stealing a person's phone service can allow them to access one's money.
    Okay so that article is about the port out scam that was big news here a couple of years ago. I was well aware of that. Thanks for the clarification.

    Sent from my EVR-L29 using Tapatalk

  14. #14
    Join Date
    Jul 2005
    Location
    United States
    Posts
    18,897
    Device(s)
    Samsung Galaxy S9+
    Carrier(s)
    Sprint
    Feedback Score
    0
    Quote Originally Posted by ecs0013 View Post

    By the way, if T-Mobile has strengthened their security/processes, is that across the board (postpaid & prepaid) or is prepaid still kind of left to fend for itself like it had in the past?
    I would hope that both prepaid and postpaid are covered, but I can't say with any certainty.

  15. #15
    Join Date
    Jul 2011
    Posts
    627
    Feedback Score
    0
    Quote Originally Posted by ecs0013 View Post
    It's especially annoying that so many also think offering up every phone number on the account as a verification/recovery point is a good idea and no way to opt out or use other 2FA means.

    I see a lot of replies when this comes up that say "use Google Authenticator or a key instead," but so many institutions don't offer that.

    By the way, if T-Mobile has strengthened their security/processes, is that across the board (postpaid & prepaid) or is prepaid still kind of left to fend for itself like it had in the past?
    Password security strengthen is useless.
    Most hackings were through other none password channels, such as TLS/SSL HeartBleed etc.
    2FA is a joke, only make more hassle for the users.

    Sent from my LG-LS997 using Tapatalk

Page 1 of 2 1 2 LastLast

Similar Threads

  1. What will you do for me on my birthday?
    By mrthaiguy in forum The Lounge
    Replies: 9
    Last Post: 07-23-2002, 01:42 AM
  2. Replies: 25
    Last Post: 03-02-2002, 04:54 AM
  3. Can't register for istream on my new P280
    By Peyomp in forum T-Mobile
    Replies: 3
    Last Post: 01-04-2002, 02:28 AM
  4. My turn for questions on T39m!!
    By Kato Anavel in forum SonyEricsson
    Replies: 9
    Last Post: 12-13-2001, 08:04 PM
  5. My stuff for sale on eBay.....
    By Espo in forum GSM phone Buy/Sell/Trade Archive
    Replies: 3
    Last Post: 11-27-2001, 11:52 PM

Tags for this Thread

Bookmarks