Skip to content

2 Comments

Keep it disabled until a failsafe mechanism that prevents unauthorised SIM swaps is implemented.
I know that this may not make some people happy, but the expectation for ‘all’ the carriers and their staff to prevent SIM swaps happening is to just too big a wish. I’ve dealt with so many of these with various carriers, in many cases repeated incidents for the same customer, where the carrier just doesn’t seem to learn from the previous incident.
At least with 2FA/MFA/2Step, you have device registration, which moves the responsibility away from the SIM/carrier to you, the user/customer.
Plus, there’s also the impersonation of the CLI that we’ve discussed here before, which is another weakness.
SMS has never been considered to be reliable, let alone secure.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?