C666:2021 Existing Customer Authentication
The Code together with the associated Existing Customer Authentication Industry Guideline (G668:2021) is designed to provide:
- a common set of principles for ensuring that CSP’s have strong protections in place to authenticate that a Requesting Person is the Customer and therefore able to undertake an activity associated with supply of a Listed Carriage Service with sufficient rigour to limit fraudulent activity that may affect the Customer;
- that a request to undertake an activity is being made by the Customer or their Authorised Representative and has adequate authentication that is consistent with the level of risk of harm that arises from the requested action;
- limits to the opportunity for fraudulent activity, in particular any action that could result in the Customer losing access to their Telecommunications Service (e.g. via SIM swap or service transfer).
NOTE: The Code has been submitted to the Australian Communications and Media Authority, but is yet to be considered for registration.