It’s time to worry about your phone number reputation and mobile identity. The company that provides two-factor authentication for the users of sites such as Google and Facebook has been quietly amassing the phone numbers of those users, and is now assigning a phone number reputation, which it calls a PhoneID Score – or your Mobile Identity – to all of those phone numbers being used for two-factor authentication and, it seems, any other phone numbers the data for which they have access.
Says Telesign of their new PhoneID Score system, “PhoneID Score combines proven predictive data from multiple sources, including telecom data, traffic patterns, and reported fraud to assess the risk level of a phone number. The product provides a reputation score, ranging from 0 to 1000, a risk level, and a recommendation based on a user’s phone number.
“The tide turned when Google started offering two-factor in 2010. When free email providers started doing two-factor, a lot of people asked why their financial services weren’t doing the same thing,” says Steve Jillings, CEO of Telesign.
As Telesign explains on their site, “Every user’s phone number serves as a unique online identity – their Mobile Identity. We use a phone number to assess the risk of a mobile identity provided at account registration or during a transaction. From the phone type to subscriber status and activity, the combined data gives us the ability to accurately predict fraud based on just a phone number.”
|Pssst! Get notified of new TIP articles here:|
So how does it work? According to a statement released by Telesign, “Companies simply send a user’s phone number to TeleSign via its REST API to receive a real-time score, risk level and a recommendation.”
“We each have a unique mobile identity tied to our phone number that is linked to a wealth of information, from where we live to our online activities,” they go on to say.
The PhoneID scoring is such that the lower the number the better. With ranges of 0 to 1000, a 1000 would correlate to a throw-away phone used only for nefarious activities. The company says that any score below a 200 would suggest that the inquiring company should “roll out the red carpet for you.”
Concludes Jillings, “The current user name/password system is broken. Eventually the mobile phone as authenticator of identity will be everywhere, because it’s immediately verifiable. You’ll have to provide your phone number for every site.”
(Hey! Please let us know if you liked this article by leaving us a comment!)
You might also like some of our other articles: