I forget the details, but mostly all I remember was that it was a huge PITA to work with HTTPS connections (all the more reason to try to use it more often, given the lack of other alternatives).
A few of possible methods of inserting a mobile number into a HTTPS connection:
1) Instead of negotiating a TLS end-to-end tunnel with the banking site, have the device negotiate the tunnel with the proxy, and then the proxy initiates a second tunnel with the banking site. This require[d|s] a lot of finangling with the trusted certs on the device (usually burned in via firmware for older phones). I don't know anybody that does this today; I only list it here as a possibility.
2) Believe it or not, some older devices actually sent the mobile number as part of the HTTP headers originating from the device browser user-agent. For these devices, content sites using HTTPS connections were almost always guaranteed to receive the mobile number (the irony is rich). In these scenarios, carrier proxies would actually strip the mobile number or other identifying characteristics from the outbound HTTP requests.
3) More straight-forward, a bank installs a native user-agent on the device (e.g. banking app) that injects the mobile number after negotiating an e2e TLS tunnel.
#2 didn't admittedly answer your question, but I threw it in there for the sake of completeness.
A few of possible methods of inserting a mobile number into a HTTPS connection:
1) Instead of negotiating a TLS end-to-end tunnel with the banking site, have the device negotiate the tunnel with the proxy, and then the proxy initiates a second tunnel with the banking site. This require[d|s] a lot of finangling with the trusted certs on the device (usually burned in via firmware for older phones). I don't know anybody that does this today; I only list it here as a possibility.
2) Believe it or not, some older devices actually sent the mobile number as part of the HTTP headers originating from the device browser user-agent. For these devices, content sites using HTTPS connections were almost always guaranteed to receive the mobile number (the irony is rich). In these scenarios, carrier proxies would actually strip the mobile number or other identifying characteristics from the outbound HTTP requests.
3) More straight-forward, a bank installs a native user-agent on the device (e.g. banking app) that injects the mobile number after negotiating an e2e TLS tunnel.
#2 didn't admittedly answer your question, but I threw it in there for the sake of completeness.