Telstra is going to make it harder for anyone — including you — to access all the sensitive, private information associated with your online account. And that's a good thing.
According to the Sydney Morning Herald, Telstra's 24x7 app is being updated with additional security features to safeguard customers' private details and data. Not coincidentally, that update comes not too long after SMH reporter Ben Grubb demonstrated a social engineering flaw in the Telstra account system that could allow anyone with basic information on a person to create an online account and monitor their mobile phone call logs and other data.
Telstra is trialing the rollout of a new ID+ service for its existing 24x7 app users, currently on Android only, which would send 2-factor security confirmations via SMS to customers' mobile phones whenever an attempt is made to log into an online account or otherwise access call logs or other private data.
Once completed, Telstra ID+ will be a suite of identification and verification options to provide you with greater security when interacting with Telstra. As part of the initial roll out of Telstra ID+, this will be introduced into a new version of the Telstra 24x7® app for Android app which will be supported on devices running version 4.0 of Android and above. This version will initially be made available to a selected group of users only. Over time, we intend to progressively roll out this functionality more widely, and to introduce additional verification to interactions in digital, telephone and retail interactions.
2-factor security via SMS is "one of the enhancements" that Telstra ID+ will include, suggesting that there may be more security measures built in to either the Android app or Telstra's account system more generally in the future. [Telstra CrowdSupport]