Port Validation Security Measures

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
I'm a Senior Contributor
Posts: 209

Re: Port Validation Security Measures

@DavidEllis 

 

Another good caution. But what recovery number do you give if that's all you have?

I've Been Here Awhile
Posts: 3

Re: Port Validation Security Measures

My number was fraudulently ported last night. Received a text message that it was being ported to another service provider and thought the message was spam. After I looked at the number in the text online and starting searching on it started to see posts to this effect. Called them at 611 from my cell and while online my service was cut. I was online right away to find out what was going on and told someone had ported my number but they didn't know to where. How can this happen when we need to provide security questions and information when we sign up for the service yet within a half hour someone can compromise my account and leave with no service? I will be doing a police report and going to the store this morning since I was provided a temporary number that is useless without a new SIM. Horrible experience that leaves us completely vulnerable to fraudsters. I feel so helpless after this happened. Not sure what more to expect from Rogers and will definitely post this wide to advise people of this happening on a regular basis it seems. I will be writing to their Office of the President as well as the Office of the Privacy Commissioner and getting in touch with CBC MarketPlace.

I Plan to Stick Around
Posts: 8

Re: Port Validation Security Measures

Ok - I can provide the high level of whats going on.

 

The CRTC passed a mandate that telephone numbers belong to the consumer - not the carrier that issued them. Thus they gave the consumer the right to port the number to the carrier of their choice.

 

When you port the number - you provide the number, an address, and an account number. Unfortunately Rogers like most carriers does not validate the account number - most of these scammers simply list the phone number as the account number. They also don't validate the address before they port. This makes it possible for a scammer with an email and a phone number to port the number to another carrier.

 

Alot of this could be resolved by verifying all information provided on port requests. It would also help to publicize the port block feature Rogers has made available to those impacted by this.

Moderator
Moderator
Posts: 379

Re: Port Validation Security Measures

Hello @koalat,

 

Thanks for reaching out to the Rogers Community and allowing us a chance to engage with you.

 

A situation such as this can certainly feel jarring, to say the least. You did the right thing by contacting us right away and we are glad that a temporary number was provided. I would also strongly recommend that you reach out to all of your financial institutions to inform them of what's happening so they can protect your accounts.

 

You may also reach out to us by private message @CommunityHelps if further review of your account is needed. The safety and security of your account is super important to us. We can look at ways to further secure your account going forward. For more information on how our Private Messaging system works, please CLICK HERE.

 

Thank you,

RogersLaura

I'm a Senior Contributor
Posts: 209

Re: Port Validation Security Measures


@DavidEllis wrote:

Ok - I can provide the high level of whats going on.

 

The CRTC passed a mandate that telephone numbers belong to the consumer - not the carrier that issued them. Thus they gave the consumer the right to port the number to the carrier of their choice.

 

When you port the number - you provide the number, an address, and an account number. Unfortunately Rogers like most carriers does not validate the account number - most of these scammers simply list the phone number as the account number. They also don't validate the address before they port. This makes it possible for a scammer with an email and a phone number to port the number to another carrier.

 

Alot of this could be resolved by verifying all information provided on port requests. It would also help to publicize the port block feature Rogers has made available to those impacted by this.


This accords with my conversation with a Rogers agent last night (see my message last night).

 

There are many ironies here.

 

First and foremost, we really have to get after the CRTC. I appreciate their stance that the consumer owns the number and we have the right to port to another carrier. However, we also have the right to SECURITY around that number. And clearly current provisions have prioritized convenience over security and that is simply wrong. 

 

The biggest irony is the info I had to provide my Rogers agent last night to get the Port PROTECTION put on my account. He sent me a special form over the online chat where I had to give my first and last name, my postal code, my date of birth, and my email address. And all of this was to validate the Account Number which he had online from me signing in with my account password. All of that to ADD protection.

 

If only they took that kind of precaution and validation when giving my number and account away???? 

I've Been Here Awhile
Posts: 3

Re: Port Validation Security Measures

I had to do the same thing once I connected with the person from Rogers. Completed the form that should have been done by the fraudster that stole my number. Scary thing is hearing how common this is and how frequent it's happening to people. Thought this was much less rampant than it is so very frightening to say the least. Since I had to provide ID when I went into the store just this morning the person who tried to port my number should have provided ID and other information to confirm which wasn't the case.

I'm a Senior Contributor
Posts: 209

Re: Port Validation Security Measures


@RogersLaura wrote:

Hello @koalat,

 

Thanks for reaching out to the Rogers Community and allowing us a chance to engage with you.

 

A situation such as this can certainly feel jarring, to say the least. You did the right thing by contacting us right away and we are glad that a temporary number was provided. I would also strongly recommend that you reach out to all of your financial institutions to inform them of what's happening so they can protect your accounts.

 

This reply was not addressed to me so I may be out of line but, with all due respect, these empty platitudes do not go very far in my opinion. If I had my service cut off *WHILE* I was online with Rogers trying to save myself from a scam artist stealing the very number I was calling about, I would be livid, and your "there-there" corporate reply would do zilch to assuage me.

 

At the very least, perhaps Rogers could put some sort of a minimum wait period on the port request, say a day, or at least 8 hours or something that would allow the rightful and legal owner of the number to connect with Rogers and remedy the situation and expose that scam before it became irremediable? 

 

This is not the first account I have heard of, in the news or here on the Forums, where the rightful number owner/client *WAS* trying his/her most diligent best to contact Rogers urgently to say "NO I did NOT request this", only to have the service cut in the middle of the vain attempt. This means that your porting service is happening VERY quickly. Why give the scammer/thief the benefit of more urgency than you give the client/owner?

 

Alas, if Rogers was only that quick in all of their service actions. It figures that the one circumstance where you act immediately is the one time you ought to be slowing down the darn process to ensure the protection of their client.

 

I mean, come on. It takes *72 hours* for Fraud Protection to *ADD* port protection to my duly verified account, but about 20-30 minutes to cut my service off and give my account and number to someone who has not even been properly validated??????  This is where we need some of Rogers' more typical *inefficiency*   😞

Highlighted
I Plan to Stick Around
Posts: 8

Re: Port Validation Security Measures

Even worse - there is very little validation/common sense being applied to the actual port request.

 

My account number is NOT my cell phone number - and not publicly available - why not insist it be correct on the port Request?

 

If I've been a Rogers Customer in a specific region for 30+ years, does it make sense that I would port my number to some smaller carrier in a different city? Perhaps you might want to call and confirm it?

 

My cell phone is not associated with an address in a directory - perhaps you could check that the address is correct on the port request?

I Plan to Stick Around
Posts: 8

Re: Port Validation Security Measures

I used a landline (yes I still have one) - the alternative would be a friends phone number.

 

I'm a Senior Contributor
Posts: 209

Re: Port Validation Security Measures

I thought about doing just that - using my landline - but many of the "recovery options" I have run across seem to want to send an SMS. But I guess I could use my wife's cell number and vice versa. At least not a direct connection to my own cell phone that way.