07-25-2017 02:39 PM - edited 01-05-2022 02:30 AM
I'm wondering if there is a way to mark your number as "do not port" with Public Mobile? There are several security concerns around porting your number to another carrier – it's not very hard for an attacker to impersonate you sufficiently enough to have another carrier request a port of your number to someone who isn't you. If someone can get ahold of your phone number they can then use that as a vector for other attacks (sms authentication mechanisms, call to confirm something, etc).
Does this option exist? Or at least the option to have extra confirmation steps taken when porting is requested?
07-25-2017 07:59 PM
@mimmo Public's webform asks for name
In reality you do not need this (but it is impossible to initiate port on Public without it, which is where confusion is coming from I think)
Either way unless you are porting a landline to Public (or from Public to landline) the name rule is not very strict at all
07-25-2017 06:20 PM
07-25-2017 06:05 PM
@steve_l wrote:Where did you see the requirements for porting? Have a link?
https://www.cwta.ca/for-consumers/wireless-number-portability/#4
Only one piece of account information is needed along with the phone number.
07-25-2017 04:51 PM
@steve_l the rules for WNP are set far above Public
Even if Public wanted to make up their own rules doing so would fall afoul of legislation
Either way slamming (unauthorized transfer) is against rules and is easy to reverse if someone (eg your ex) decides to try and get your number
07-25-2017 04:18 PM
So assuming someone is able to get ahold of my account number, name and phone number they can port it. This doesn't strike me as a super high bar in terms of security and is something that is normally printed directly on a statement (given, Public Mobile's statements are digital, so unless I'm tricked into giving someone my account number I guess I'm "safe").
The question still remains: can I put a note on my account to indicate "do not port" or "call this number if porting is requested"?
07-25-2017 04:04 PM
07-25-2017 04:01 PM
07-25-2017 03:57 PM
@Samianauman Where did you see the requirements for porting? Have a link?
These kinds of attacks are becoming more and more common, it would be nice to be able to lock things down.
Reports online are mostly from the US, but the lesson remains:
07-25-2017 03:41 PM
07-25-2017 03:13 PM
@mimmo you can port without name
Only one of the three (account number, PIN, or IMEI is required)
And even then you actually can bypass that as well
07-25-2017 03:11 PM
07-25-2017 02:54 PM
@steve_l there are protections against unauthorized transfer of your number
Normally slamming is reported to CCTS but you can even escalate to CRTC if you wish
07-25-2017 02:45 PM