Link to an amendment published at 88 FR 85814, Dec. 8, 2023.
- (a) Applicability. This section applies to all providers of commercial mobile radio service (CMRS), as defined in 47 CFR 20.3, including resellers of wireless service.
- (b) Authentication of port-out requests. A CMRS provider shall use secure methods to authenticate a customer that are reasonably designed to confirm the customer's identity before effectuating a port-out request, except to the extent otherwise required by 47 U.S.C. 345 (Safe Connections Act of 2022) or Part 64 Subpart II of this chapter. A CMRS provider shall regularly, but not less than annually, review and, as necessary, update its customer authentication methods to ensure that its authentication methods continue to be secure.
- (c) -(e) [Reserved]
- (f) Employee Training. A CMRS provider shall develop and implement training for employees to specifically address fraudulent port-out attempts, complaints, and remediation. Training shall include, at a minimum, how to identify fraudulent requests, how to recognize when a customer may be the victim of fraud, and how to direct potential victims and individuals making potentially fraudulent requests to employees specifically trained to handle such incidents.
- (g) [Reserved]
- (h) This section contains information-collection and/or recordkeeping requirements. Compliance with this section will not be required until this paragraph is removed or contains a compliance date.
[88 FR 85813, Dec. 8, 2023]