by lxgr 876 days ago
The problem really isn’t SIM swapping, it’s that we’ve become used to treating phone numbers as reliable personal identifiers, and SMS OTP as proof of identity (for authentication) and/or humanity (for spam/sockpuppet account protection).

Mandating 2FA methods other than SMS OTP would be amazing, but I don’t see that happening at the federal level, largely due to the complete lack of other digital authentication methods. What else should companies use?

the same thing hacker news uses; a user name and a password.

if we want proof that each account correlates to exactly one person, well i think that should 100% not be a phone number and is an entirely bigger+different problem

I fully agree, but practically, this is what many companies are doing right now.
lol after what we've just seen, when one company jumps off a bridge and lays off a ton of folks, other companies copy that same move...