In reply to a post by XGS_Is_On:

In reply to a post by j0hn83:

I think there's worse that can be done with the serial number.
As I understand it, the serial number is enough info for me to cut my neighbours fibre, clone their ONT and authenticate as them.
Unless there's some way Openreach can tell which CBT port each fibre is on.
If someone knows otherwise I'd love to hear the way it's done.

I might ask 1 of my neighbours on the same PON to borrow their ONT to test. Most are on Talktalk or BT who have generic login details.

You'd connect just fine as long as you're on the same OLT port. No practical way for OR to know: passive network innit.

Exactly what I thought. Not the best idea to put the entire Openreach ONT serial number database public facing then.
It's good for confirming you have the correct ONT, but a partial serial number being shown would be enough, or a challenge asking you to enter part of the serial 1st.

I was hoping it was yourself answering that. Cheers Mr T 👍🏻

In reply to a post by jamestbb:

Thanks, A&A show both services:

https://i.imgur.com/kRN9QbR.png

Cost prohibitive I'm afraid, though.

I'd suggest Aquiss. They have competent staff, and they do check the ONT serial number before migration. Cost is comparable to other services, and benefits from initial 6 month half-price discount, 12 month contract, no price rises, static IPv4 and IPv6.

In reply to a post by j0hn83:

You don't even need to know the serial number to migrate a line. Nobody ever asks for it.

If only that was true. We have asked for the ONT details and validated them accordingly for the best part of 3 years. For us this is an important step that all providers should be performing as standard.

How does this apply in real world practice. 6% of orders coming in to us have invalid/wrong details, that we get updated (this especially applies with early FTTP build areas). We also seeing circa 10 attempts each month from other providers who attempt to slam our FTTP circuits, where they simply have not checked and presumed they have matches.

For us, we have been saying that an auth transfer code needs reintroducing to the industry. The MAC approach worked well, so does a PAC with mobiles and EPP codes with domains. It shows a valid handshake. For us checking the ONT matches with a address gives us this valid handshake, but more importantly shows that we are applying a duty of care to our customers from the outset.

What actually happens when Openreach come to perform an FTTP service migration? Does any engineer even perform this, or is it purely a system automation?

How will the system decide, which of the two active FTTP services I have at my address, to migrate the service against, if no line ID is specified?

Thanks

In reply to a post by jamestbb:

What actually happens when Openreach come to perform an FTTP service migration? Does any engineer even perform this, or is it purely a system automation?

System automation. No visit required. The path carrying traffic from your ONT is redirected to your new ISP, at the head-end exchange.

In reply to a post by jamestbb:

How will the system decide, which of the two active FTTP services I have at my address, to migrate the service against, if no line ID is specified?

One of them will be selected early in the process. At worst, they'll pick one at random. That's why you want to choose an ISP who checks the ONT ID (as Aquiss explained above).

The "losing" ISP on the selected line will get notification from Openreach that the service will be disconnected on a given date. They may notify you when this happens (maybe with a "please don't leave us!" type of letter), but often this doesn't happen.

In reply to a post by candlerb:

[...]
The "losing" ISP on the selected line will get notification from Openreach that the service will be disconnected on a given date. They may notify you when this happens (maybe with a "please don't leave us!" type of letter), but often this doesn't happen.

Given this contact from a 'losing' provider is a crucial check against being slammed, they really should be doing this - do some really fail on this front?

In reply to a post by binary:

Given this contact from a 'losing' provider is a crucial check against being slammed, they really should be doing this - do some really fail on this front?

Yes, personal experience from 2019: I was on Plusnet FTTC, and got slammed by Talktalk.

I received a letter and a package a few days before, but these were both addressed to someone else so I just returned them unopened. It turns out that the package was likely the router from Talktalk.

Plusnet neither wrote to me, nor E-mailed me, about the impending disconnection.

It took about 3 weeks to resolve. I lost all my Plusnet referrals, I lost my account name (I had to pick a new one), and I lost my old static IP address (they assigned me a new one). I also lost my phone number, but fortunately Plusnet were able to retrieve it.

I agree with Aquiss: the MAC code system should be re-introduced. I guess the reason it was removed was because it was causing friction in migrations, e.g. if your existing ISP had a terrible call centre you could spend hours on the phone trying to get a MAC.

In reply to a post by candlerb:

I agree with Aquiss: the MAC code system should be re-introduced. I guess the reason it was removed was because it was causing friction in migrations, e.g. if your existing ISP had a terrible call centre you could spend hours on the phone trying to get a MAC.

How different is the internet world that a similar automated system to the mobile phone PAC process can't be introduced?

Make it a condition of offering a consumer communication service that the online portal has a big "Cancel my services" button, if Ofcom fancied doing their job this is a solvable problem.

In reply to a post by GonePostal:

How different is the internet world that a similar automated system to the mobile phone PAC process can't be introduced?

In principle it's doable, but it means every ISP would have to build one of these systems.

The only secure way would be to login to your ISP's account management portal to request a MAC code (and people do tend to forget their credentials for those).

With PAC codes, the network has reasonable confidence that the phone number the SMS came from is likely to be valid, as long as the message originated from within the operator's network. For an ISP the nearest equivalent would be the IP address, and the user on that address may change over time, or even be non-unique in the case of ISPs that use CGNAT.