Why Phone-Based Authentication Can Be Insecure
Cyber criminal’s delight?
by Sascha Brodsky
Published November 17, 2020
*** begin quote ***
Hackers can steal phone-based multi-factor authentication (MFA) codes, experts say.
Phone companies have been tricked into transferring phone numbers to allow criminals to get the codes.
A simple, low-cost way to increase security is to use the authenticator app on your phone.
*** end quote ***
I don’t understand why corporate CSOs don’t insist on authenticator apps versus some lame alternative.
And, if you don’t want to “mandate” it to Customers, then their services should support it.