In a statement, Communications, Cyber Safety and Arts Minister Paul Fletcher claimed fraudulent number porting affected thousands each year, with the average loss being $10,000.
Fletcher said he had asked the Australian Communications and Media Authority "to make new rules mandating stronger identity verification processes before mobile numbers can be transferred. The entire industry needs to put in place a solution otherwise those telcos without safeguards in place will be a magnet for fraudsters".
There was no indication given as to what other measures would be introduced. An ACMA statement also mentioned the use of 2FA but went no further.
Said Fletcher: “If criminals are using technology to scam Australians, we need to make sure we are using technology to fight back. The measure I am announcing today is the first outcome from the Scam Technology Project – but I expect there will be more in coming months.
“Criminals will continue to look for new ways to rip off Australians using the telephone system. That is why tackling telecommunications scams is a priority for the Morrison Government.”
The Australian Communications Consumer Action Network, a group that champions users' interests, welcomed Fletcher's announcement.
“Our mobile phones are essential to so much of our daily lives now. If your mobile phone number is fraudulently ported, you’re vulnerable to financial loss from scammers, negative credit ratings, and, of course, the emotional stress that accompanies these issues,” said ACCAN chief executive Teresa Corbin.
“This is an issue that we have been highlighting to the telco industry for quite some time now; it’s positive to see that action is finally being taken to safeguard consumers.”
Last year, following a breach of the social site Reddit, its engineering staff said that they suspected weaknesses inherent in SMS-based 2FA to be the root cause of the incident.
Two-factor authentication that uses standalone hardware token generators is generally considered much better when trying to mitigate the risk of such attacks.