Security News > 2021 > December > Passwordless verification API transforms every mobile phone into a security token for zero trust access
You don't have to log into the network to use the phone - it happens in the background via the SIM. Moreover, the mobile subscriber identity is one of the most widely used forms of digital identity.
Firstly, it merely proves the user has access to a phone number, potentially through social engineering, not possession of a physical security token / device.
In contrast, SIM-based authentication turns every existing mobile phone into a hardware security token - one that users already have on them - with a seamless experience that delights.
ID passwordless verification, businesses can transform every mobile phone into a hardware security token for IAM, saving costs on extra hardware, and finally bringing trust to Bring-Your-Own-Device environments.
ID API via a backend to create a Check URL for that user's registered phone number.
If the phone number verification was successful, the user is logged in.
News URL
https://www.helpnetsecurity.com/2021/12/15/sim-based-authentication/
Related news
- T-Mobile US fined $31.5M for network security breaches between 2021 and 2023 (source)
- The dark side of API security (source)
- Product showcase: Shift API security left with StackHawk (source)
- Leveraging Wazuh for Zero Trust security (source)
- New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)