After our press release yesterday publicizing that Shush Sherlock now supports GSMA TS.43 standard, our CEO, Eddie DeCurtis, sat down with Rob Kurver from CPAAS Acceleration Alliance to talk about this monumental step for silent, simple, seamless authentication.
Eddie talks about what it is, why it matters, and how MNOs can begin monetizing authentication and increase relevance in the identity verification space.
Read the full interview here.
Setting a New Benchmark: Sherlock Unlocks Ubiquitous, Silent Authentication for the Mobile Ecosystem.
"Network Authentication via TS.43 Rel.11 Entitlement Server
has the potential to be a game-changer for the mobile industry,
offering unmatched security and flexibility.”
— Henry Calvert, GSMA Head of Network
DALLAS, TEXAS, APRIL 22, 2025 – Shush Inc. is thrilled to announce that its flagship platform, Sherlock, now supports Silent Authentication using EAP-AKA, adhering to the GSMA’s TS.43 Release 11 standard for Network Authentication. This breakthrough enables seamless and secure device authentication with ubiquitous performance across Wi-Fi, cellular networks, Apps, and browsers, setting a new benchmark for Mobile Network Operators (MNOs) and third-party applications.
The TS.43 Release 11 standard outlines the technical framework for Network Authentication, but MNOs have questioned how to monetize this capability. Shush provides a clear answer by enabling carriers to integrate to Sherlock’s Authentication Server, which supports EAP-AKA for third-party apps. This allows MNOs to offer secure, scalable, and ubiquitous authentication services for any mobile use case, creating new revenue streams while enhancing user trust and experience.
"Network Authentication via TS.43 Rel.11 Entitlement Server has the potential to be a game-changer for the mobile industry, offering unmatched security and flexibility,” said Henry Calvert, Head of Network at GSMA. “Shush’s Sherlock platform demonstrates how carriers can practically implement and monetize their authentication services using this standard, driving value for operators and confidence for customers.”
How Sherlock Works
Sherlock leverages the EAP-AKA protocol and the integrated Sherlock Authentication Server to authenticate devices silently, without user intervention. When a device connects via Wi-Fi or cellular, regardless of source - whether on App or through a browser - it communicates with the carrier’s TS.43-compliant Authentication Server through the SIM card on the user’s device. The server verifies the device’s identity using the SIM card’s cryptographic credentials, ensuring robust security. By eliminating the need for off-device authentication methods like SMS-OTP or the current best-in-class IP-based matching, this process delivers a frictionless experience across all environments.
“Sherlock redefines device authentication by making it simple, seamless, silent, and universally accessible,” said Eddie DeCurtis, CEO and Co-Founder of Shush. “Our platform empowers carriers to unlock the full potential of TS.43, turning authentication into a strategic, fully monetized asset.”
“Implementing EAP-AKA within Sherlock was a technical leap forward,” added Wesam Qaqish, CTO of Shush. “Our solution ensures carriers and third-party Apps can rely on a single, future-proof authentication standard that works everywhere.”
About Shush Inc.
Shush Inc. is a trailblazer in Network Authentication solutions, dedicated to transforming convenience and reliability in the industry. With a strong focus on innovation, Shush Inc. delivers seamlessly integrated, cutting-edge authentication solutions tailored for Mobile Network Operators to meet the dynamic needs of modern enterprises, ensuring security and efficiency in every connection.
Daryl Carlough
Shush Inc.
+1 6173204863
email us here
Visit us on social media:
X
LinkedIn
Tags: Press Release
Dear Colleagues in the Telecommunications Industry,
The telecommunications landscape continues evolving after the “launch” of RCS and the continued interest in Network APIs. We must recognize and capitalize on the rapidly expanding opportunities before us as industry leaders. According to recent research from S&P Global, the market for network authentication is currently valued at $12.6 billion in 2024. This presents a significant window for mobile network operators (MNOs) to enhance their revenue streams, particularly by leveraging Anti-Fraud APIs, which account for the lion's share of this opportunity—97% of revenue in the S&P Global Market Intelligence Report.
However, the current state of Network API readiness shows that we are not moving fast enough. Only 5% of MNOs worldwide have partially deployed network APIs. While the other 95% would like to deploy Network APIs to the market, MNOs are being led to believe they need to prioritize 5G network infrastructure investments, thus delaying ROI for years. Much of this delay can be attributed to pressure applied by the OEM to purchase additional network components that are unnecessary for deploying Anti-Fraud Network APIs.
The GSMA has been leading the standardization of APIs and bringing the MNOs and industry together, but these efforts are insufficient to address MNOs' hesitation. This lack of action, at no fault of the MNOs, is causing an imbalance of supply and demand as brands, financial institutions, and enterprise developers are clamoring for Network APIs to secure their mobile-first brand experiences.
At Shush, our concern is that without some dramatic change, Network APIs will follow the slow and lackluster growth of RCS over the last few years.
Those who do not learn from the past are doomed to repeat it. The industry can look back at the missteps in the much-delayed adoption of RCS. The delayed adoption of RCS offers a valuable lesson for the telecom industry. RCS was poised to revolutionize messaging but was held back by slow carrier rollouts, inconsistent global support, and a fragmented approach to implementation. These missteps allowed over-the-top (OTT) messaging platforms like WhatsApp and Facebook Messenger to dominate the market. MNO suffered from this by purchasing new equipment to support P2P/A2P RCS with no business case.
At Shush, we know that MNOs already have the infrastructure required to start monetizing Network APIs if the correct APIs are prioritized. Two types of Network APIs are available today - Anti-Fraud APIs (which we call Network Authentication APIs) and NaaS (Network-as-a-Service) APIs like MEC, Network Slicing, QoS, and QoD. The following three points need to be considered by all MNOs planning next steps with Network Authentication APIs.
Shush is bullish on Network APIs as we focus only on Anti-Fraud APIs for Mobile Network Operators, which are directly linked to revenue and require no additional network investment.
Furthermore, Shush brings the other three elements an MNO needs to be successful in the space: (1) a Monetization Platform, (2) Integration services from your network to the Monetization Platform, and (3) Business Operations that care for Privacy, limits liability, pricing guidance for the APIs, and contractual experience to connect to the Demand ecosystem. These three elements make up the core foundation of a Network Authentication business - not just another OEM box. At Shush, we are dedicated to building a successful Network Authentication business for each of our MNO clients.
The time to act is now. By embracing the next generation of network authentication solutions, we can lead the charge toward a more secure, efficient, and profitable future.
I welcome the opportunity to discuss this in greater detail and explore how Shush Inc. can partner with your organization to drive this innovation forward.
Sincerely,
Eddie DeCurtis
Co-Founder & CEO, Shush Inc.
Tags: Thought Leadership
Funding to Propel Innovation and Expand Global Footprint in Network Authentication
"The successful close of this seed round highlights our strong
business model, unique value, and investor confidence. Funding
enables rapid scaling, growth, and innovation in Network
Authentication.”
— Daryl Carlough, Co-Founder & CFO
DALLAS, TX, UNITED STATES, December 19, 2024 /EINPresswire.com/ -- Shush Inc., a leader in Network Authentication solutions, is proud to announce the completion of its $3 million oversubscribed seed round. Amid growing global demand for secure and scalable authentication, this funding marks a pivotal moment in the company’s journey toward transformative growth. The milestone underscores Shush’s dedication to innovation and the strong backing of a diverse group of investors aligned with its vision for the future of authentication.
Building on the momentum of its pre-seed funding success, Shush Inc. has shattered expectations by securing an impressive $3 million through a Simple Agreement for Future Equity (SAFE). The seed round was oversubscribed, indicating strong investor confidence in Shush Inc.'s vision and capabilities. Shush’s strong 2025 sales pipeline includes over 50 MNOs across five continents. This robust global interest underscores the growing demand for scalable Network Authentication solutions and positions Shush for significant market impact in the coming year. "This seed round marks a significant milestone for Shush Inc., especially in a climate where startups have faced unprecedented challenges in securing funding over the past few years," said Eddie DeCurtis, Co-Founder & CEO of Shush Inc. "Successfully closing this round is a testament to the strength of our vision, the dedication of our team, and the growing market demand for innovative solutions in the Network Authentication space. With this additional funding, we are well-positioned to accelerate our growth trajectory, expand our reach, and further solidify our position as leaders in this critical and rapidly evolving sector."
Daryl Carlough, Co-Founder & CFO of Shush Inc., emphasized the strategic significance of the seed round and its role in the company’s long-term vision. “The successful closure of this oversubscribed seed round is a testament to the strength of our business model, the unique value we bring to MNOs, and the confidence our investors have in our ability to execute,” said Carlough. “This funding positions us to scale rapidly, expand our global reach, and drive innovation in the Network Authentication space. With a strong sales pipeline and a clear path to delivering results, we’re ready to take Shush to the next level and redefine how network attributes unlock new revenue streams for MNOs.”
Shush Inc. continues to lead the adoption of the Network Authentication industry by offering Sherlock to global MNOs. Sherlock uniquely utilizes current network infrastructure to unlock the revenue of Network Authentication Attributes. “No other solution in the industry has been architected to leverage any cloud or core network infrastructure implemented by MNOs,” says Wesam Qaqish, Chief Technology Officer of Shush.
Shush Inc. is setting new standards in the Network Authentication industry with a focus on providing a holistic business approach for our Carrier Partners. “Shush comes to Carrier Partners with a ‘Business-in-a-Box’ that provides the right technical platform, the right integration capabilities, and the right business capabilities to enable them to quickly enter this burgeoning market. ,” said Jon Morrow, Chief Product Officer at Shush Inc.
With the completion of its seed round, Shush Inc. is well-positioned for rapid growth and continued industry leadership We invite MNOs and industry leaders to meet with us at Mobile World Congress 2025 to explore how Shush can transform network authentication and drive new revenue opportunities.
Shush Inc. invites organizations to collaborate and explore cutting-edge solutions that redefine network authentication and security.
About Shush Inc.:
Shush Inc. is a leading provider of Network Authentication solutions, committed to redefining convenience and reliability in the industry. With a focus on Mobile Identity and a dedication to innovation, Shush Inc. offers seamlessly integrated solutions designed to meet the evolving needs of modern enterprises.
Daryl Carlough
Shush Inc.
+1 6173204863
email us here
Visit us on social media:
X
LinkedIn
Tags: Press Release
FOR IMMEDIATE RELEASE
Shush Inc. Attains Six GSMA CAMARA Fraud Prevention Certifications
Setting a New Standard in Mobile Security with Industry-Leading Fraud Prevention Solutions
BARCELONA SPAIN MARCH 3rd 2025 – Shush Inc., a leader in Network Authentication solutions, proudly announces that it has achieved six GSMA CAMARA API certifications for fraud prevention. Setting a new industry benchmark in mobile authentication and security, the company has been certified for the following APIs:
GSMA Open Gateway and CAMARA, global initiatives focused on API standardization and interoperability for mobile network services, are key enablers for enterprises seeking secure and seamless authentication solutions. Shush Inc.’s achievement underscores its commitment to innovation, security, and reliability in the rapidly evolving digital landscape.
Beyond GSMA Open Gateway CAMARA certifications, Shush Inc. further distinguishes itself by offering an additional 37 API signals, expanding authentication capabilities, and reinforcing its position as a trailblazer in network security and fraud prevention. These advanced API signals enhance verification processes and provide enterprises unparalleled authentication reliability, ensuring optimal security in mobile interactions. Shush Inc. can onboard a mobile network operator within 90 days of signing, leveraging GSMA Open Gateway CAMARA certifications to streamline integration.
“This achievement solidifies Shush Inc.’s role as a pioneer and leader in network authentication,” said Eddie DeCurtis, Co-Founder & CEO at Shush Inc. “By obtaining six GSMA Open Gateway CAMARA certifications for fraud prevention APIs and offering an extensive suite of API signals, we are empowering Mobile Network Operators and enterprises with the most advanced and secure authentication solutions available today.”
“We congratulate Shush Inc. on achieving six GSMA CAMARA API certifications to improve fraud prevention,” said Henry Calvert, Head of Network at GSMA. “This milestone demonstrates their commitment to advancing authentication and security standards in the mobile ecosystem. By leveraging the GSMA Open Gateway initiative and CAMARA APIs, Shush Inc. is helping drive interoperability and trust for Mobile Network Operators, enterprises and consumers worldwide.”
Shush Inc. is a trailblazer in Network Authentication solutions, dedicated to transforming convenience and reliability in the industry. With a strong focus on innovation, Shush Inc. delivers seamlessly integrated, cutting-edge authentication solutions tailored for Mobile Network Operators to meet the dynamic needs of modern enterprises, ensuring security and efficiency in every connection.
For media inquiries, please contact:
Daryl Carlough
Shush Inc.
+1 617-320-4863
info@shush.pw
https://shush.pw/
Tags: Press Release
DALLAS, TX, UNITED STATES, January 20, 2025 /EINPresswire.com/ -- Shush Inc., a leading innovator in secure communications technology, proudly announces the successful completion of its first System and Organization Controls (SOC) 2 examination. Conducted by AssuranceLab CPAs LLC, the report confirms that Shush Inc. has implemented effective controls to meet the security, availability, processing integrity, confidentiality, and privacy criteria established by the American Institute of CPAs (AICPA).
“We are thrilled to announce that Shush Inc. has achieved SOC 2 compliance,” said Eddie DeCurtis, CEO of Shush Inc. “This milestone is a testament to our unwavering commitment to providing our clients with a platform that ensures the highest levels of security and trust. As the demand for secure communication grows, this certification reinforces our dedication to safeguarding sensitive information.”
The SOC 2 examination assures current and prospective clients that Shush Inc.'s internal controls over its secure communications platform are effective. Achieving this compliance demonstrates the company’s ability to mitigate risks and adhere to best practices in handling data securely and responsibly.
“Achieving SOC 2 compliance is a significant step for Shush Inc.,” added Daryl Carlough, CFO of Shush Inc. “It underscores our commitment to operational excellence and positions us as a trusted partner for businesses seeking secure communication solutions. This achievement reflects the robust systems we’ve built and highlights our dedication to maintaining the highest standards in protecting our clients' data.”
“As the technological backbone of Shush Inc., we’ve invested heavily in creating a secure and scalable platform to meet our clients' needs,” said Wesam Qaqish, CTO of Shush Inc. “SOC 2 compliance validates our efforts and highlights our commitment to delivering innovative solutions that prioritize security and reliability at every level.”
Shush Inc. achieved compliance with the following trust services criteria:
● Security: Protection against unauthorized access, ensuring systems are secure from potential threats.
● Availability: Assurance that the system is operational and accessible as agreed.
● Processing Integrity: Validation that system processes are accurate, complete, and authorized.
● Confidentiality: Commitment to safeguarding information designated as confidential.
● Privacy: Adherence to principles governing the use and protection of personal information.
A SOC 2 report provides valuable information for clients to assess and address the risks associated with partnering with a service organization. For current and prospective clients interested in obtaining a copy of Shush Inc.’s SOC 2 report, please email us.
About Shush Inc.
Shush Inc. is a trailblazer in Network Authentication solutions and is dedicated to transforming convenience and reliability in the industry. With a strong focus on innovation, Shush Inc. delivers seamlessly integrated, cutting-edge authentication solutions tailored for the Mobile Network Operators to meet the dynamic needs of modern enterprises, ensuring security and efficiency in every connection.
Daryl Carlough
Shush Inc.
+1 6173204863
Tags: Press Release
Washington, DC, - ClearSky Technologies, a leading provider of mobile data services and solutions, and Competitive Carriers Association (CCA), representing nearly 60 regional and rural communications providers, are pleased to announce the launch of Silent Network Authentication Platform (SNAP). This innovative solution is set to enhance the security and efficiency of authentication for CCA members, enabling a more seamless and reliable network experience for millions of wireless users across the United States.
In cooperation with its technology partner, Shush Inc, ClearSky has successfully deployed its Network Authentication solution in a US data center, offering a robust, scalable solution for carriers looking to improve the wireless user authentication process in mobile applications. SNAP operates as a cloud service for the exclusive use of CPaaS providers and enterprise customers, such as banks and insurance companies, who are committed to decreasing mobile fraud.
“We’re glad to partner with ClearSky, a long-time CCA member, on this service which can help carriers meet the increasing demand for secure network solutions,” said Tim Donovan, President and CEO of CCA. “CCA is committed to staying at the forefront of mobile security for the benefit of our members and the customers they serve.”
“ClearSky's SNAP technology is designed to provide a superior authentication solution that is easy to implement and highly secure,” said Ron Willett, Vice President and General Manager at ClearSky Technologies. “We are thrilled to partner with CCA to offer this platform to CCA members. In so doing, CCA members will deliver this best-in-class security solution to their subscribers on par with Tier1 Mobile Network Operators (MNOs) in the US.”
ClearSky, in partnership with Shush Inc, continues to add value to the CCA community in multiple ways. “The Shush/ClearSky platform is fully operational thus ensuring fast and efficient carrier implementations. “said Eddie DeCurtis, CEO of Shush Inc. “This approach ensures that carriers can deploy network authentication APIs within 90 days of contract using existing infrastructure. This go-to-market partnership accelerates revenue to participating carriers due to the high demand of network attributes.”
Henry Calvert, Head of Networks from GSMA, said: “We congratulate the CCA, ClearSky and Shush for their successful launch of Network API Authentication Hub and SNAP. This achievement will further accelerate the industry adoption of CAMARA APIs and the best practices set forth by the GSMA Open Gateway framework. This provides the Mobile Network Operator community with a simplified approach to launching fully compliant CAMARA network APIs, exposing network capabilities and context in a simple and flexible way for enterprise developers to increase reliability and security of their products.”
###
About Competitive Carriers Association (CCA)
Competitive Carriers Association (CCA) is the leading association for competitive communications service providers and stakeholders across the United States. Members range from small, rural carriers serving fewer than 5,000 customers to regional and nationwide providers serving millions, as well as vendors and suppliers delivering products and services throughout the communications ecosystem.
About ClearSky Technologies
ClearSky Technologies has been providing cutting-edge wireless technology solutions to mobile network operators for more than two decades. Their specialized portfolio includes Silent Network Authentication Platform (SNAP) which provides seamless, secure authentication for mobile users, Total Traffic Manager (TTM™) solution for data traffic and policy management, and iCODE®, their leading A2P messaging service. All of ClearSky’s solutions are offered “as a service” and require little or no capital investment. Headquartered in Orlando, Florida, ClearSky serves over 100 mobile network operators globally, along with many other channel partners, network operators, and wireless providers. ClearSky addresses complex telecommunications issues with comprehensive, cost-effective solutions, combining cloud-based components with local infrastructure to ensure efficiency and reliability. Their commitment to innovation and ethical business practices has made them a trusted and integral partner in the industry. For media inquiries, please contact: info@csky.com
About Shush Inc.:
Shush Inc. is a leading provider of Network Authentication solutions, dedicated to redefining convenience and reliability in the industry. With a focus on innovative authentication processes, Shush Inc. empowers Mobile Network Operators with robust Network Authentication solutions tailored to meet their unique needs. For media inquiries, please contact: media@shush.pw
Find the original post on Medium by Jason Malki
I had the pleasure of interviewing Eddie, a seasoned executive with over 30 years of experience driving growth and innovation in the technology and telecommunications industries. He is currently the Co-Founder and CEO of Shush, which is revolutionizing network authentication. Shush partners with mobile network operators (MNOs) around the world to reduce mobile fraud. Sherlock is Shush’s cloud-based solution, which unlocks additional revenue for MNOs by facilitating network authentication transactions.
Prior to Shush, Eddie served as Regional CEO — Americas for Sekura.id, where he led the company’s expansion in the Americas and Asia regions. Eddie has a proven track record of success in sales, business development, and strategic planning. He has held senior leadership positions at Mavenir, LivePerson, and Tyntec, where he consistently delivered results and exceeded expectations. Throughout his career, Eddie has demonstrated a deep understanding of the market, a passion for technology, and a commitment to building strong relationships with customers and partners.
What motivated you to launch your startup?
When I was the Regional CEO at Sekura, I was responsible for the Americas and Asia, and I was speaking to mobile network operators all over the world. They were all saying the same thing: “We want to do network authentication. We have no idea how to do network authentication. We have no money to buy a platform to do network authentication, and we don’t know where to start….” So, I took this feedback to my Group CEO and was told that we, Sekura, only buy network data from mobile network operators after they launch the service. To which I said, “What are you buying if they have nothing to sell?”
At that point, I realized there was a problem in an industry that, according to McKinsey, has a $300B TAM. Also, A2P SMS OTP is currently a $19B business, and network authentication is projected to be 10 times that. After speaking to some mentors and realizing that network authentication services don’t have a demand problem (banks, fintechs), but rather a supply problem, I understood the opportunity. There are currently 1,000+ mobile network operators globally, and fewer than 100 have launched the service. In reality, that number is closer to 27.
At this point, I called my co-founder, and we launched the company.
What excites you about what you’re building?
Great question. I guess what really excites me about what we are building at Shush is that it’s a solution that is wanted, needed, and no one else saw this huge missing piece in the network authentication ecosystem.
What has been your biggest challenge in growing your startup?
Besides raising capital? Finding the right team members to take my vision from a thought to reality. You can always find smart people, but they need to fit the culture and drive, etc.
What are your future plans for your startup?
Build the leading mobile network authentication solution for mobile network operators. If we do that, then we have succeeded.
If you had to share “words of wisdom” with a founder who’s about to start their own startup, what would they be?
Talk to everyone, run your idea by them, and don’t worry about them “stealing your idea.” Get as much feedback as you can, and if your idea passes the smell test, then do it with as much passion as you can muster.
How can our readers follow you on social media?
Sure, on linked in www.linkedin.com/edecurtis on twitter/x @edecurtis and you can follow Shush on both LinkedIn / Shush-inc and on Twitter/X @ShushSherlock
Tags: Shush news
Pioneering Network Security with GSMA Open Gateway for API Innovation
DALLAS, TX, August 27, 2024 – Shush Inc., a leading provider of innovative Network Authentication solutions, is proud to announce its membership with the GSMA, a global organization dedicated to unifying the mobile ecosystem and driving innovation for positive business environments and societal change. Shush has solidified its work with the GSMA by signing an MOU to become a GSMA Open Gateway channel partnership. This agreement positions Shush as an industry leading solution to all Mobile Network Operators consulting with the GSMA for strategic direction.
The GSMA represents mobile operators and organizations across the mobile ecosystem and adjacent industries. Its vision is to unlock the full power of connectivity for the benefit of people, industry, and society. Through its Connectivity for Good, Industry Services and Solutions, and Outreach initiatives, the GSMA advances policy, addresses societal challenges, and promotes technology interoperability to ensure the mobile ecosystem thrives.
As a member of GSMA, Shush Inc. will contribute to advancing innovation and shaping the future of Network Authentication. By collaborating with industry leaders and participating in GSMA's initiatives and events, Shush Inc. aims to leverage its expertise in Network Authentication to drive positive impact and foster growth in the mobile ecosystem. Shush's Sherlock offering is both CAMARA and shortly anticipate being Open Gateway compliant, aligning with industry standards to ensure seamless integration and interoperability.
"We are beyond thrilled to join the GSMA and actively contribute to its mission of unlocking the full potential of Network Authentication," said Eddie DeCurtis, Co-Founder & CEO of Shush Inc. "Our membership in the GSMA provides us with a unique opportunity to collaborate with industry leaders at the cutting edge of mobile technology. We are eager to harness our advanced Network Authentication solutions to drive groundbreaking innovation, bolster security, and foster a more connected, secure, and thriving mobile ecosystem. This partnership underscores our unwavering commitment to shaping the future of Network Authentication and making a profound, lasting impact on the industry."
"We are excited to welcome Shush Inc. as a new member of the GSMA," said Henry Calvert, Head of Networks at GSMA. "Their expertise in Network Authentication will be a valuable addition to our community as we work together to drive innovation to accelerate programmable networks for enterprise developers, through the GSMA Open Gateway initiative."
"Joining the GSMA marks a significant milestone for Shush Inc.," said Daryl Carlough, Co-Founder & CFO of Shush Inc. "We look forward to contributing our knowledge and experience to the GSMA community, fostering innovation, and helping to create a more secure and interconnected mobile environment."
"At Shush Inc., we are committed to accelerating Network Authentication time to market," said David Galante, Vice President of Customer Experience & Marketing of Shush Inc. "Our collaboration with the GSMA will enable us to stay at the forefront of industry developments and ensure that our offerings meet the evolving needs of mobile operators and their customers."
About Shush Inc.:
Shush Inc. is a leading provider of Network Authentication solutions dedicated to redefining convenience and reliability in the industry. With a focus on innovative authentication processes, Shush Inc. empowers Mobile Network Operators with robust Network Authentication solutions tailored to meet their unique needs. For media inquiries, please contact: media@shush.pw
About GSMA:
The GSMA is a global organization unifying the mobile ecosystem to discover, develop, and deliver innovation foundational to positive business environments and societal change. Our vision is to unlock the full power of connectivity so that people, industry, and society thrive. Representing mobile operators and organizations across the mobile ecosystem and adjacent industries, the GSMA delivers for its members across three broad pillars: Connectivity for Good, Industry Services and Solutions, and Outreach. This activity includes advancing policy, tackling today's biggest societal challenges, underpinning the technology and interoperability that make mobile work, and providing the world's largest platform to convene the mobile ecosystem at the MWC and M360 series of events.
We invite you to find out more at www.gsma.com.
Tags: Press Release
If you’re a professional, expert, or product leader at a mobile network operator (MNO), you’ve probably been losing sleep over network security lately. With the rise of sophisticated cyber-attacks, keeping your network safe has become a top priority. The rise of SIM swap attacks should be particularly concerning to Infosec leaders at MNOs. But it’s not just about security anymore—it’s also about customer trust, experience, and staying ahead in a competitive market.
This article will walk you through the best practices for network authentication, offering practical, actionable insights that you can start applying today. Plus, we'll explore how integrating a solution can streamline your efforts, making your job easier and your network more secure.
Network authentication has never been more critical. As mobile devices become the primary method for users to access banking, ride-sharing, crypto trading, social media, and enterprise apps, the need for robust authentication mechanisms has skyrocketed. Add to that the fact that cyber threats are evolving at a breakneck pace, and you’ve got a recipe for sleepless nights.
One of the most significant challenges MNOs face today is the threat of SIM swap attacks. These attacks, where fraudsters hijack a user's mobile number by tricking the carrier to transfer the number to a new SIM card, have become increasingly common.
Just recently, several high-profile cases hit the news where consumers lost thousands of dollars because of SIM swap fraud. One recent high-profile SIM swap fraud attack occurred in Toronto, where ten individuals were arrested on August 1, 2024. This case involved over 1,500 compromised cellular accounts, leading to more than $1 million in losses.
The investigation, dubbed “Project Disrupt,” began in June 2023 and uncovered widespread fraud that affected telecom companies, financial institutions, and individual consumers.
It’s clear that the stakes are high, and the need for secure, reliable network authentication is more urgent than ever. Recently in the United States, the Federal Communications Commission (FCC) has taken steps to thwart future SIM swap attacks with a federal mandate. At the November 15, 2023, Open Meeting, the FCC adopted a Report and Order implementing new rules to protect cell phone consumers from SIM swap and port-out fraud, two practices that bad actors use to take control of consumers’ cell phones. This new order requires all MNOs in the US to disclose their secure authentication methods to the committee by July 8, 2024.
On the bright side, emerging technologies and standards are offering new ways to enhance network security. Silent Authentication, which uses network attributes that only the MNOs possess, offers a new way of confirming the mobile device requesting access to a third-party service is under the control of the rightful owner, not a fraudster.
Network authentication is the first line of defense in keeping unauthorized users out of your network. It’s how you ensure that the person or device trying to access your network is who they say they are. But as important as it is, authentication is also one of the most challenging aspects of network security to get right.
Let’s talk about some of the most common threats:
These threats are constantly evolving, which means your authentication methods need to be adaptable and resilient.
To effectively implement network authentication, it’s crucial to develop a strategy that’s both comprehensive and flexible. Here are some best practices to keep in mind:
By following these best practices, MNOs can significantly reduce the risk of unauthorized access and enhance overall network security.
When it comes to integrating network authentication into your services, there are several key considerations to keep in mind:
At this point, you might be wondering, "How can we implement all this without turning the business upside down?" That’s where Shush comes in.
Shush offers a comprehensive network authentication solution that’s not only secure but also incredibly user-friendly. Here’s what sets Shush apart:
Mitigating risks is all about being proactive rather than reactive. Here are some tips:
Finally, let’s talk about how to position network authentication as a value-added service.
Network authentication is a critical component of any MNO’s security strategy. With the increasing number of threats out there, it’s essential to have a solution that’s both effective and user-friendly.
Shush offers a proven, scalable, and compliant network authentication solution that takes the hassle out of securing your network. Instead of reinventing the wheel, why not trust Shush to help you protect your network and your users?
Remember, in today’s fast-paced world, staying ahead of the curve is crucial. By implementing the strategies and best practices discussed in this article, and by leveraging a trusted partner like Shush, you can ensure your network remains secure and your users stay happy.
