Since the hack in 2022, Optus has upped its game with its security. Their latest innovation, a team effort with MasterCard, might be the next stage of cyber security for all industries.
Why is Optus so keen to increase security?
In case you hadn’t noticed, Optus is currently trying to convince its customers that its data is safe and they needn’t worry or move to another Telco.
Back in the Summer of 2022, Optus’ database got hacked. There are several reasons for this. Firstly, they had an open-ended interface, meaning anyone could get into it. Secondly, the customer numbers increased one at a time, making hacking easier.
The hacker posted the information he (or she) got hold of onto 4Chan and threatened to release more data unless Optus gave them money. However, this hacker quickly deleted the comments. Personally, I don’t think he’s a bad guy; I think he got so carried away that by the time he realised what he’d done, it was already too late.
But what is Optus doing about it? As mentioned, working with MasterCard to create an “ID” is one way.
What is “ID”?
“ID” is a new partnership between Tier-1 Telco “Optus” and Credit Card Company “MasterCard”. As you might imagine, as a credit card company, Privacy and security needs to be at the forefront of MasterCard’s business.
The two companies have developed a system that allows Optus customers to prove their identity via the MyOptus App. It’s a reusable digital identity that people can use in Optus Stores and over the phone to verify that they are making the purchase.
How does ID work?
The first step is to verify your identity via the MyOptus App. Just take a photograph of the ID. Your ID can be your driving licence, passport, or any other government document that clarifies your identity. So long as the information on the document matches the information you submitted to Optus, you’re good to go on to the next step.
It will then scan your face to clarify that you are the person you claim to be. Next time you wish to purchase with your Optus account, the app will scan your face to ensure everything is in order.
How does the security side of ID work?
The app will look at the scan of your face and compare it to the scan on your ID. If the two match, all is well, and you can complete your purchase.
But what if you grow a beard? Or get a cool face tattoo? Or you’ve lost/put on weight?
Thankfully, the system uses biometrics. This means it doesn’t look for an exact match but looks at the structure of your face, which is very difficult to change. For example, it might notice that your eyes are 20% further apart than your eyes are from your mouth.
Growing a beard or getting a tattoo will unlikely stop the system from working. The only thing that might be plastic surgery.
Where might this technology lead in the future?
Today, cyber security is a massive concern for people worldwide. It seems there is a constant cat-and-mouse game between security experts and hackers. Optus is incredibly wise here by upping their security with “ID” at this stage.
And we highly doubt they will be the last company to implement such a system.
Conclusion
This is one of the smartest things I’ve ever seen Optus do. I worked there for years, and the conservative nature of their management team (at the time) crippled innovation in its hyperfocus on removing risk from the projects they oversaw. The result was useless ‘me too’ products (copies made by Optus of better alternatives) that cost millions of dollars and then failed terribly. One awful example was Optus’ version of Dropbox. Gah.
Since then, smarter heads have prevailed. This product from Mastercard and Optus services a clear need – witness the 600k customers they’ve already signed up for. It also addresses one of Optus’ lasting headaches from last year – the negative brand association between Optus and data security.
Well done, Optus and keep it up.