Announcement date
1 April 2022
Link to announcement
Telecommunications Service Provider (Customer Identity Authentication) Determination 2022
Problem being addressed
Mobile devices often contain large amounts of personal information and are regularly used for user-authentication for a range of accounts including with telecommunications providers, financial and banking institutions, social media, retail websites and government services (such as the myGov online portal). However, bad actors (scammers) are increasingly finding new ways to target business processes and technologies to perpetrate scams on and through telecommunications services. If a scammer can receive text messages after gaining unauthorised control of a number or service, they can steal identities, obtain financial benefit, and/or fraudulently take control of Australians’ digital lives.
Proposal
The Australian Government is seeking to prevent unauthorised high-risk customer transactions in the telecommunications sector and mitigate fraud and associated harms to Australians.
Assessed RIS outcome
Good practice
Assessment comments
The analysis in the RIS is good quality overall. The RIS addresses the seven RIS questions and follows an appropriate policy development process commensurate with the significance of the problem and magnitude of the proposed intervention. In particular, we recognise that the problem section was redrafted following stakeholder consultation and this is representative of best practice.