The four major U.S. mobile telephony carriers have come together to launch a unified sign-on authenticator service for smartphones, called ‘Project Verify’.
AT&T, T-Mobile, Verizon and Sprint, or ‘The Mobile Authentication Taskforce’ have come together to replace a password manager by creating a single sign-on service used to authenticate every app on a smartphone. Dubbed ‘Project Verify’, the four giants claim the service authenticates users through their phone number, phone account type, SIM card information, IP address and account tenure.
The Mobile Authentication Taskforce is a collaboration of the four major US wireless providers, who serve 98% of all Americans, to build a more secure, multi-factor, identity authentication platform for all.
When enabled, users will be able to log into apps that have it enabled as an option. The user interface (UI) will also feature the latest singing-ins each app, granting users the option to revoke access for apps that aren’t in use any longer.
Users will also have to manually grant permission to apps for using Verify. The service will also double up as a two-factor authentication (2FA) platform, as opposed to vulnerable codes via texts or emails that are susceptible to interception.
“The Project Verify solution will change identity management and security, replacing passwords with more secure, device-based, multi-factor authentication,” the companies claim.
Speaking to the Verge, a spokesperson claimed certain apps could require additional verification methods as an added layer of security – beyond the Verify app. It’s conceivable that critical apps from the banking industry could require biometric information or a PIN.
The downside of a single sign-on service, however, could mean that a rogue individual gaining access to an individual’s home screen could conceivably use Verify to access apps that do not require that additional layer of security.
Image credit: Project Verify.