Swisscom 2FA eSim Falle

    • So Swisscom 2FA can be a devastating trap if you use an eSim.

    I have been working abroad for a few years and have activated my Swisscom line with eSim.

    Recently I had to reset my cell phone and didn’t think much about it and did so with the hope that I would be able to rescan the QR code.
    I thought wrongly, even if the QR code for eSim is available on my account, I can no longer access my account to do this.
    The Swisscom Login would like to send an SMS to my cell phone number that is no longer available.
    I thought, well, you just call the lovely guys and girls and they’ll solve it without any problems. I thought, the good man actually wanted me to drive 800km to have this done at the nearest Swisscom shop.

    He couldn’t temporarily turn off 2FA authentication or send me my QR code to my verified email address.
    So somehow the 2FA is a bit weak and too short-thinking, right?

    This will cause this security step to be deactivated in the future.
    It can’t be that I’m suddenly left without a SIM card and can no longer access my account.
    To be fair, I have to admit that in this case it is my own fault, but it could also have been that my cell phone was lost/stolen, but it can’t be that I have to travel halfway around the world to get to my account.

    Can anyone help me or do you know a contact at Swisscom I could contact to get around this 2FA?

    Greetings R. Sivgin

    Show original language (German)

    • @EL_BA wrote:

      @[deleted] In your case, support only has to unlink the Natel login or delete it. You can then log in to My-Swisscom again with your username + password without an SMS code or mobile ID, as deleting your Natel login automatically deactivates 2FA.

      I assume that support can only block the account if the cell phone is reported lost.

      As it appears, in this case Riwiwupp65 must appear in person at a Swisscom shop.

      It appears that Swisscom does not currently have any other solution in mind.

      Glotzologist

    Dear hed, I would like to do that if I had access to my account.
    I can no longer access my account without a working cell phone because I can’t get the SMS to verify it.

    Do you understand my problem?

    Show original language (German)

    hed wrote:

    @Riwiwupp65

    You can switch off 2FA yourself in Kundencenter mySwisscom. Please see here:

    Solved: Turn off 2-factor authentication | Swisscom Community​

    As I understand it, @Riwiwupp65 doesn’t even come into the Kundencenter. There are 2 security levels:

    39C9A745-0A6A-4162-BCE2-3D0D612DE6A2.jpeg

    If you choose the upper one and no longer have access to SMS, you are probably locked out.

    I don’t know of a solution right now. Except maybe try again through customer service. But I’m afraid it will simply fail because of the customer’s identification.

    Show original language (German)

      @Riwiwupp65

      Sorry, I didn’t realize that you are currently in this situation, 800 km away from home. I assumed that it was a report from the past, especially since the report is written in the past tense.

      Unfortunately, I don’t know whether there really is no other way to cancel 2FA or whether you just got in touch with the wrong employee at support.

      Show original language (German)

      So at the support I definitely found a very friendly and helpful man,

      He also redirected me to someone with more “authorization”.
      After half an hour of research, he was able to call me back (on my foreign number) to say that he couldn’t switch off this 2FA and that I really had to go to a Swisscom shop.

      I think that this 2FA backup still lacks a “backup” or an alternative authentication method to access your own account.

      In my opinion, it is a bit too short-sighted and a weak solution in relation to eSim with this method.
      I mean, what do people do when they’re on vacation, for example? Lose your cell phone?
      This eSim has been in operation for a long time and will be used more and more.

      I thought maybe there must be something else that I’m overlooking or that you might have a way to guide me.

      Greetings R.Sivgin

      Show original language (German)

      @Riwiwupp65

      Basically, the problem not only exists with the eSIM, but also with a physical SIM.

      But yes, you are right, a back door in an emergency, for example with several security questions, is common in many places, even in banks. However, this always means a certain weakening of the system.

      Maximum security with maximum comfort at the same time is simply not possible.

      Show original language (German)

      @“x”#1181204In your case, support only has to unlink the Natel login or delete it. You can then log in to My-Swisscom again with your username + password without an SMS code or mobile ID, as deleting your Natel login automatically deactivates 2FA. However, if you no longer know the password for your Swisscom login, support will only be able to issue a temporary password via SMS (to another phone number) or by post.

      Show original language (German)

      @EL_BA wrote:

      @[deleted] In your case, support only has to unlink the Natel login or delete it. You can then log in to My-Swisscom again with your username + password without an SMS code or mobile ID, as deleting your Natel login automatically deactivates 2FA.

      I assume that support can only block the account if the cell phone is reported lost.

      As it appears, in this case Riwiwupp65 must appear in person at a Swisscom shop.

      It appears that Swisscom does not currently have any other solution in mind.

      Glotzologist

      Show original language (German)

      Thanks for this warning. I actually thought Swisscom was a professional company and would have a “backup” solution in such a case - like emergency codes or something.

      I once jokingly asked “What if I sink my mobile in Lake Maggiore?”

      Ok, in this case the Swisscom shop would be 500 meters away. But in theory I’m not allowed in there because I have to talk to the bot first.

      So I’ll leave it alone with 2FA until there is a clean backup solution.

      Show original language (German)

      @EL_BA wrote:

      @Riwiwupp65 In your case, support only has to unlink the Natel login or delete it. You can then log in to My-Swisscom again with your username + password without an SMS code or mobile ID, as deleting your Natel login automatically deactivates 2FA. However, if you no longer know the password for your Swisscom login, support will only be able to issue a temporary password via SMS (to another phone number) or by post.

      @Riwiwupp65

      Hopefully it won’t work this way, otherwise any fraudster could undermine the protection that 2FA promises.

      Show original language (German)