AT&T is finally adding a security feature to cut down on port-out scams
It looks like AT&T already has a response to the FCC’s new proposals announced today, because they are adding a one-time passcode security feature to cut down on port-out scams.
A new AT&T support article we spotted today states that the carrier will soon require customers who want to port out their number to generate a one-time passcode before switching carriers. The feature is called a “Number Transfer PIN”, and Verizon has been using it since March of last year. It’s a secure one-time-use code that can only be generated by the customer.
Customers that want to port out must first either dial *PORT from their current line or generate a code with the myAT&T app/their online account. The code is then provided to the carrier they are porting to, along with other general account information. Importantly, AT&T employees cannot generate this code on a customer’s behalf. This eliminates an “inside job” type of situation, at least for port-out scams.
Number Transfer PINs replace the existing pre-configured PIN setup that AT&T (and T-Mobile) currently uses. The pre-configured PIN is established when the account is opened, and is used for both account access and to port out. The new PINs are randomized and only generated when needed, making them much more secure.
The change is currently set to take place on October 18th, according to the support article. T-Mobile will then be the only major carrier not using the Number Transfer PIN method.