Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Number port-our attack protection?
RickD

280 posts

Ultimate Geek
+1 received by user: 8


#251296 18-Jun-2019 07:18
Send private message

I read the story below this morning and was wondering what protection Spark has against numbers being ported-out by scammers?

https://www.zdnet.com/article/sim-swap-horror-story-ive-lost-decades-of-data-and-google-wont-lift-a-finger/

Create new topic
freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2259900 18-Jun-2019 07:22
Send private message

You are usually required to be in-person at store with a photo ID and the original SIM card (if prepay).

 

Of course it is possible something like this could happen if you had a rogue sales person in store, doing a favour for a "friend".

 

SMS 2FA is not the best of second factors authentication type.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 



sudara
8 posts

Wannabe Geek
+1 received by user: 7


  #2260790 19-Jun-2019 11:10
Send private message

I recently ported my number from 2degress to Spark.

 

For them to port it, they needed my account number from 2dgrees (Pay-Monthly) or need the SIM number printed in your older SIM card (Pre-Paid).

 

So as long as that information is secure, I don't think anyone can port your number. 

RickD

280 posts

Ultimate Geek
+1 received by user: 8


  #2271728 8-Jul-2019 10:54
Send private message

freitasm:

 

You are usually required to be in-person at store with a photo ID and the original SIM card (if prepay).

 

Of course it is possible something like this could happen if you had a rogue sales person in store, doing a favour for a "friend".

 

SMS 2FA is not the best of second factors authentication type.

 

 

 

 

I have prepaid so good to know, thanks. I use Authy/Google Authenticator for 2FA, but have my 027 as the backup on my Google account and a couple services that only have SMS 2FA like Twitter.



freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2271729 8-Jul-2019 11:00
Send private message

RickD:

 

I have prepaid so good to know, thanks. I use Authy/Google Authenticator for 2FA, but have my 027 as the backup on my Google account and a couple services that only have SMS 2FA like Twitter.

 

 

Twitter has lots of 2FA: authenticator, SMS and hardware keys. You can have all three active in any account and use the one easier at the moment of login. I personally use Authy and a Yubikey.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

RickD

280 posts

Ultimate Geek
+1 received by user: 8


  #2271786 8-Jul-2019 12:08
Send private message

freitasm:

 

Twitter has lots of 2FA: authenticator, SMS and hardware keys. 

 

 

I must be a few years behind... need to update that now.

hairy1
3352 posts

Uber Geek
+1 received by user: 644

ID Verified
Trusted
Lifetime subscriber

  #2271810 8-Jul-2019 12:38
Send private message

freitasm:

 

Twitter has lots of 2FA: authenticator, SMS and hardware keys. You can have all three active in any account and use the one easier at the moment of login. I personally use Authy and a Yubikey.

 

 

I also use Authy. Mauricio, how do you use the Yubikey alongside Authy? Is to open Authy or in place of Authy at times?

 

Cheers, Matt.




My views (except when I am looking out their windows) are not those of my employer.

 
 
 
 

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).
dellor
16 posts

Geek
+1 received by user: 8
Inactive user


  #2271813 8-Jul-2019 12:45
Send private message

freitasm:

 

You are usually required to be in-person at store with a photo ID and the original SIM card (if prepay).

 

Of course it is possible something like this could happen if you had a rogue sales person in store, doing a favour for a "friend".

 

SMS 2FA is not the best of second factors authentication type.

 

 

 

 

What do you mean 'if prepay'' are you saying prepay connections are treated more as a security priority  and they don't worry so much about the security of on On Account connections? 

hio77
'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified
Trusted
Lizard Networks
Subscriber

  #2271814 8-Jul-2019 12:49
Send private message

This is exactly why all the providers require physical ID etc now days..

 

 

 

It's quite sad that it had to come down to that level of security honestly, because simswaps are a total pain!




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have. 

richms
29098 posts

Uber Geek
+1 received by user: 10208

Trusted
Lifetime subscriber

  #2271818 8-Jul-2019 13:07
Send private message

Last I checked to port a postpay number just required information that is on the bill and a date of birth, both of which are hardly secret information.

 

When I asked vodafone about locking swaps and ports on my 2 factor phone the 3rd world call center didnt even understand.




Richard rich.ms

dellor
16 posts

Geek
+1 received by user: 8
Inactive user


  #2271819 8-Jul-2019 13:12
Send private message

Vodafone are suppose to ask for the customer's 4-digit pin.. 

freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2271899 8-Jul-2019 15:28
Send private message

hairy1:

 

freitasm:

 

Twitter has lots of 2FA: authenticator, SMS and hardware keys. You can have all three active in any account and use the one easier at the moment of login. I personally use Authy and a Yubikey.

 

 

I also use Authy. Mauricio, how do you use the Yubikey alongside Authy? Is to open Authy or in place of Authy at times?

 

Cheers, Matt.

 

 

When you login on Twitter it asks if you want to enter the code or change the method...




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright