Interesting.

Well, according to t- mobile, they do not provide any sort of ID verification service to any 3rd party. Which makes sense from a privacy perspective.

All they do is process short codes for 2FA. Customers can ask to block 2FA messages from specific entities. My account has no such blocks.

So I assume it's CapitalOne's bug and I will not waste more time trying to track down the root cause.

The "Digital Department" at Cap1 did offer to transfer the miles for me so I'll just do that.