Largest US Carriers Form A Mobile Authentication Task Force

September 11, 2017 - Written By Daniel Golightly

The four biggest mobile service providers in the US have now announced a joint effort to make users safer in the connected world. That’s according to a newsroom release from AT&T, which announces that it has partnered with Sprint, T-Mobile, and Verizon to create a “Mobile Authentication Taskforce” with the goal of developing a new “mobile authentication solution” for both business and everyday consumers. More specifically, the task force intends to address the problems of today’s security measures which require mobile users to maintain multiple passwords across various applications and which often aren’t enough to stop malicious entities and individuals from gaining access to accounts in either the consumer or enterprise space.

To approach a new solution, AT&T says that “each company will contribute resources” toward developing a new service with the ultimate goal of reducing “mobile identity risks.” In effect, the consortium wants to provide a solution that can bolster authentication methods through the analysis of data and “activity patterns” in order to offer predictive measures about whether or not a user is actually who they say they are. By using the network data itself, and by working with the “app developer community, industry organizations and third parties,” the companies believe they can find a solution that makes authentication effortless and safe, while still protecting the private data of consumers.

Although details about the new efforts are still relatively slim, the overall goal of the four companies involved is to have a practical authentication solution in place by next year and it is apparent that the new authentication method, whatever it is, is intended to be used in addition to the current security mechanism. With that said, the companies’ statement about passwords also seems to hint that users will not need to be quite so reliant on their passwords anymore with any resulting solution in place and that security will be more reliant on data that can be drawn from the mobile networks themselves. That may indicate the inclusion and analysis of location data, mobile device details, and patterns of use already collected by mobile providers. Mobile service providers also don’t generally team up for efforts outside of the implementation of new mobile network standards themselves, as has been seen with 5G efforts, so the announcement of this project seems a bit unconventional but could ultimately result in some very real, impactful changes to the way security works with mobile devices and their associated applications.