It's insane how much easier it is to transfer a phone number than a domain name.
I also find it odd Facebook, and other sites will let you signup solely with a phone number. There's prepaid cell phone providers that recycle phone numbers, etc. Just seems so stupid to rely on a phone number for authentication alone, but two factor I'm okay with since you still need to know the password. Twitter has a developer product where you can be texted a code to login using only a phone number, which to me just seems wrong to do.
It'd be nice if trying to port a number, change important info, etc if they had to actually call you or text you first to confirm. But one of the problems is people will lose their phones, and need a new sim or phone... That I think I'd have a requirement to actually visit the store - but that doesn't work to well with prepaid phone providers without physical stores selling via other stores like Walmart, Target, etc. Maybe in that case without nearby stores, partner with your retailers to verify ID or fax a ID in.
"There's prepaid cell phone providers that recycle phone numbers, etc. "
This isn't limited to prepaid phone companies or even cell phones. This practice has gone on for years. (I worked at GTE/Verizon around the time of the merger). My understanding is that the bigger issue is that it is fairly easy to run out of phone numbers if we never repeat. If I remember correctly, most hold the number unused for 3-6 month and fewer folks change now since they can port numbers to a new company at times, if the company that owns the number allows for it. (Yes, the phone company at least used to own the number).
I can't speak for whether or not Facebook is doing it, but the carrier of the number is usually a determining factor on whether or not an arbitrary line is allowed for registration.
I also find it odd Facebook, and other sites will let you signup solely with a phone number. There's prepaid cell phone providers that recycle phone numbers, etc. Just seems so stupid to rely on a phone number for authentication alone, but two factor I'm okay with since you still need to know the password. Twitter has a developer product where you can be texted a code to login using only a phone number, which to me just seems wrong to do.
It'd be nice if trying to port a number, change important info, etc if they had to actually call you or text you first to confirm. But one of the problems is people will lose their phones, and need a new sim or phone... That I think I'd have a requirement to actually visit the store - but that doesn't work to well with prepaid phone providers without physical stores selling via other stores like Walmart, Target, etc. Maybe in that case without nearby stores, partner with your retailers to verify ID or fax a ID in.