Just a guess, but perhaps because of the standard requirement for a PIN when porting a number. (If there is no PIN, there has to be a substitute for the PIN..... which is just kind of confusing, and less secure for protecting your number from accidents....)
@KentE, your post intrigued me enough to check in with Tello Support. As soon as I requested a callback, I got an e-mail acknowledging my request, which read in part:
[i]"Here at Tello we take account security very seriously and so to help ensure that your information and account are fully secure, each account now (since March 28th, 2019) has a 4 digit Security PIN.
The 4 digit Security PIN provides an additional layer of protection for your Tello account and you will be asked to enter it in your online account when performing certain actions such as changing your device or updating your information.
You will also be asked for your Security PIN when calling to our Live Support team to request certain information or actions.
The Security PIN does not in any way affect the services or features you avail of now.
Also note that the Security PIN has nothing to do with a port out PIN or your account password. They are completely separate.
Your Security PIN will only ever be provided to you by email - to the email address you have registered in your online account.
Check your junk mail also to see if the email landed in there.
We recommend that once you receive the Security PIN email, that you then change the Security PIN to one that you prefer and can easily remember. You do this in your online account only."[/i]
So, if I am interpreting this correctly, the new PIN is not related to porting out. That means that anyone porting out still needs to use "0000" as the port-out PIN (I asked about this a few months ago just in case I ever needed the information).
On a related note, when I originally went to their "Contact Us" page and wanted to open a chat session with a Tello rep, that option was gone -- only e-mail and phone were available. I asked the phone rep about that, and he explained that they temporarily removed that option while the PIN information was generating way more Support inquiries than usual, but chat would be back soon. I was impressed that their Support team had the foresight to anticipate more volume, ahead of time, and take proactive measures to handle the additional workload. Yet another indication that Tello might have low rates, but they are truly a first-rate company!
Tello should just use this security PIN during port out to give extra layer of protection on our numbers. In the past, Tello doesn't require port out PIN, so 0000 is used since the port receiving side needs a PIN.
Thanks, Diedrich_Duo, for your direct Tello inquiry. I try to keep a file of all account information for my lines, and I was in the process of erroneously recording the new PIN as port-out information. (Related: unless recently changed, Tello account numbers needed for porting are not available online, but require a request from customer service.)
Zubrin has a good point-- replacing the "universal" port-out PIN with one specific to the line would seem to be a reasonable security improvement. It's possible that Tello deems the absence of easily available account number sufficient security for porting security protection.
@KentE, you are most welcome! Hope I saved you at least a couple of minutes' worth of wasted time (although it probably took at least that long to read my post). Yes, Tello only shares your account number when you contact their CS team -- I also got that info when I inquired about porting out "just in case".
My untested-and-unproven hypothesis is that it must be simpler for Tello to just use the default "0000" PIN for porting out, in order to minimize their record-keeping and streamline the porting process.
One more interesting tidbit -- when I logged onto their website this morning I noticed that my phone's ID (the ESN) is now only partially revealed (followed by *******), so from now on it is most likely only available by contacting their CS team.
Thanks @Diedrich_Duo and all. These changes make sense. If someone had just your Tello username/password prior to this change, they could change e-mail address, update name/address, swap device, change/port number, harvest ESN, close account, etc.
ETA: By protecting ESN in dashboard, if hacker is able to obtain username/password/PIN and wreak havoc, user can still contact Tello support and possibly provide ESN as "proof of ownership" even after all details in dashboard (including PIN) have been modified. Tello maintains records of swaps, so even if ESN not active on line should still be able to link to hijacked account.