"SIM swap" attacks have been in the news for years. They’ve enabled serious financial crimes and even a hack of the Twitter CEO's account. We spent 6 months researching how vulnerable wireless accounts are to these attacks. Our draft study is out today.
Great paper by Arvind Narayanan & team looking at how US carriers authenticate end users for SIM replacements. Spoiler alert: they are all insecure, except maybe .