cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
darlicious
Mayor / Maire

Re: SIM Swap Fraud

@daki28 

PM needs to make the rules as very few other providers allow the kind of access we have in our accounts and i want it to remain that way. I dont mind any of the options I summarized in my post. Optional additional security measures but I want it easily accessible....and free!

daki28
Great Citizen / Super Citoyen

Re: SIM Swap Fraud

@darlicious  Yes, we agree on that. But also some other simple changes like when creating password. They suggest using combination of letters, numbers and symbols but then they just enforce "It must contain a minimum of 6 characters, including at least one digit". Well guess what, if you let users with 6 characters and one digit, they'll use it. Then PM says, create better password. It would take an hour for a developer to enforce it to be at least 12 characters and have a number, upper case, lower case and symbol. If I follow their 'enforcement', my password can be hacked in 1/2 seconds by using 'random' letters and one number. If you simple enforce what I mentioned (that is standard on many sites), it makes much stronger password that now it takes 400 years to crack (based on howsecuremypassword is site). Also, why limit me to 20 characters? Why not more and if I want to use super-strong password (that makes me more secure) ,why not? BTW, they don't tell you that limit is 20 characters and it took me few min to figure that out. Just some 'general' message that password is not in acceptable format, not why (that is over 20 characters)

So, help your customers with these small enforcements. Not everyone is tech wizard and uses PasswordManagers (as we all should), but don't leave it as suggestion, enforce it. 

will13am
Oracle

Re: SIM Swap Fraud


@darlicious wrote:

@daki28 

 My search the other night turned up pretty much nothing as far as other mobile providers help forums went.....maybe you can find something?

 

@Pawprints1986 

Ironically when I signed into my CRA account yesterday I had been randomly selected to add 2FA with no option to refuse its implementation. Choosing to recieve a phone call ensures it can be sent to just about any phone ( ie landline) but it means that you can at least ensure that you have your voicemail pin required to access your messages from any device .


See what I mean about forced 2FA?  Resistance is futile.  

gpixel4
Mayor / Maire

Re: SIM Swap Fraud

@daki28 the fact of the matter is, other providers also have the 'change sim' function.

and if you're on post paid you will need to have your correct information. prepaid you do not. so prepaid is still the safer choice

dabr
Mayor / Maire

Re: SIM Swap Fraud


@Lieux wrote:

@kb_mv @darlicious  The help page about transfer or change number have disappeared in the English forum...but you still can find it in the French forum 😉 

https://productioncommunity.publicmobile.ca/t5/Annonces/Transf%C3%A9rer-ou-changer-un-num%C3%A9ro-de...


Thanks @Lieux  I'd also been looking for that announcement link and had been wondering what happened to it.  I guess we just have to use Google translate instead now... 😊

daki28
Great Citizen / Super Citoyen

Re: SIM Swap Fraud


@gpixel4 wrote:

@daki28 the fact of the matter is, other providers also have the 'change sim' function.

and if you're on post paid you will need to have your correct information. prepaid you do not. so prepaid is still the safer choice


@gpixel4 

Probably, but correct or incorrect information means nothing for SiM change function. Once you/they are in, it doesn't matter. It might mean something to port your number, but I'm not sure that I want to put 'John Doe' name and then use that when porting. How do I prove I'm 'John Doe' if that's required.. That never made any sense to me. Also, even if it is ported/SiM Hijacked, it is easier to prove your identity with 'real info', rather than made up.

 

akanksha_1
Great Neighbour / Super Voisin

Re: SIM Swap Fraud

Hey there!

Thanks for the information.

RobertQc
Mayor / Maire

Re: SIM Swap Fraud

Send me a text message and e-mail if my sim card is trying to be changed.

 

"Hi Public mobile here, there is a request for a sim change, if this was not you please respond back to this message with "No" to cancel the sim change, otherwise the sim change will go through in X hours"

 

Then in each self serve account allow us to select how many hours (X) the sim change timer would take in hours and do not allow this to ever be lowered, only increased even with account information verification and moderator intervention. Default is 0. I would set mine to 48 hours.

 

 

daki28
Great Citizen / Super Citoyen

Re: SIM Swap Fraud

@RobertQc Yeah, that's one of the possible options but do anything to help this issue. Problem with SMS is that probably your SIM is not working and you cannot receive, but email would work. Or 'alternate phone number' that we can all list. Also, being able to set hours in Self Serve is a potential risk as those who got in, can change it to 0 hours and change SiM. No solution will be 'perfect' and we can find to each some 'unwanted scenarios' but anything is better than just simple change sim.. 

RobertQc
Mayor / Maire

Re: SIM Swap Fraud


@daki28 wrote:

@RobertQc  Problem with SMS is that probably your SIM is not working and you cannot receive, but email would work. Or 'alternate phone number' that we can all list.


@daki28  Yes but thats why if your phone is not working, no reply would allow the sim to go through like normal.The sim change will automatically go through unless you stop it. But yes, send it to as many e-mails / phone numbers you wish.

 


@RobertQc wrote:

"No" to cancel the sim change, otherwise the sim change will go through in X hours"


 

 


@daki28 wrote:

@RobertQc  Also, being able to set hours in Self Serve is a potential risk as those who got in, can change it to 0 hours and change SiM.


@daki28  No, like I said, this number can NEVER be lowered.

 


@RobertQc wrote:

and do not allow this to ever be lowered, only increased even with account information verification and moderator intervention.


 

This timer doesn't have to stop any other future advancements in sim swap prevention methods public mobile comes up with and it can be only used by people that want to use it. It is only able to assist against sim swap fraud by those that wish to utilize this feature if it was available.

Need Help? Let's chat.