Yes, there have been a number of improvements to secure mobile devices -- think fingerprint readers, iris scanning and other biometric markers either real or imagined -- to prove you are who you say you are.
But with security, mobile or otherwise, you can never push the envelope too far. Together telecom giants AT&T, Sprint, T-Mobile and Verizon appear to be thinking just that. The four carriers said they plan to take mobile security to the next level, using their collective heft and omnipresence to fuel a task force whose charter is to develop a better authentication mousetrap for customers and enterprises by sometime next year.
Their idea is to free users from passwords that hackers can pilfer by using their capabilities in network-based device authentication, geo-location and SIM card recognition to construct a solution that verifies you are who you claim to be. Data analytics will be the initiative's foundation -- the telecoms believe that analyzing data and activity patterns on a mobile network will enable them to predict, with a high degree of certainty, whether the user is who they say they are.
Seeking Third-party Guidance
To take the plan up a notch, each carrier has pledged to use whatever resources are at its disposal to come up with a stronger mobile authentication solution. That includes going about their work openly and huddling with the app developer community, industry organizations and third parties to bring their ideas to market.
The time is right, said Alex Sinclair, GSMA chief technology officer, for stronger mobile security and authentication services.
"Through strong collaboration, the task force announced today has the potential to create impactful benefits for U.S. customers by helping to decrease fraud and identity theft, and increase trust in online transactions,” Sinclair said. The task force will collaborate with operators to ensure the solution is aligned and interoperable, he said.
Is It A Good Idea?
In the short term, if the carriers can outdo device manufacturers to develop a pumped up mobile authentication solution...well, then they may be able to dodge the water balloons thrown by critics claiming (and maybe rightfully so) that they’re feathering their nests with more branded apps and services.
And let’s not forget that using geo-location for authentication and identification security might not convince people wary of prying eyes. Then there’s the lions and tigers thing. Can the telecoms work together to create a common platform that each can capitalize on (and assumably customize) to their own advantage but still benefit their customers? That one's not so easy to answer. It's not the idea that's unworkable, it's how the end result plays out afterward that will be an open question for a while.