FB pixel

SIM card fraud: why mobile operators are turning attention to KYC

SIM card fraud: why mobile operators are turning attention to KYC
 

This is a guest post by Dmitri Laush, CEO of GetID, an omnichannel KYC solution.

The number of mobile gadget-users is forecast to grow to 7 billion people. Nowadays mobile operators worldwide have started to offer prepaid SIM-cards, which can be purchased online. It is a fast and convenient decision for users, however online onboarding gives a lot of opportunities to fraudsters, who can use fake identity documents, might be persons of interest or be related to terrorist activities. That’s why telecom companies in many countries across the globe are obliged to verify their customers’ identities during the onboarding process.

Let’s take a look at different types of fraud in the industry and how to prevent it.

Types of fraud in the industry

SIM swap and how it occurs

Bank customers all over the world lost more than £9.1 million (US$11.9 million) over the last five years because of SIM swap. How does it happen? SIM swapping (also known as SIM Jacking) takes place when a person’s contacts are transferred to the SIM of a malicious online user through some hacking techniques.

SIM jacking can happen when the person is not enabling 2FA authentication for some essential services like personal email, for example. So the fraudster can apply to the mobile operator claiming that SIM-card is lost and receive a new one under the victim’s name. Once the fraudster gets the SIM-card he can have access to a bank account and other sensitive information, and he can change the passwords, leaving you locked out from everywhere.

What identifies this type of fraud?

There are a few signs like:

– Weird activities in your social media. You see people replying to the messages or comments you have never sent

– Your text messages or calls do not reach the recipients

– Messages or calls from mobile operators

– Your passwords have been rejected

How to avoid it? Do not share any personal information publicly, use two-factor authentication, and use PIN verification where possible.

How unprofessional ID verification leads to SIM swap scams

The majority of SIM swap cases happen to the clients of those mobile operators that do not pay close attention to security measures. And one of them — poor ID verification, which does not include checking ID documents such as ID card, social security number, driver’s licence, etc.

Recently a number of mobile operators have announced that they are switching to e-SIM cards, so the only thing which will be needed for it is a tiny chip that will be inserted on the phone. They claim that it will be a lot more secure than a normal SIM-card. However, if the IMEI of the phone is stolen by fraudsters, then the SIM swap will still be possible.

What are the consequences?

The fraud in the telecom industry caused a loss of $28.3 billion in 2019. Customers of mobile operators lose trust when something like SIM swap or identity verification theft happen.

Mobile operators can be accused by the clients and banks of poor security measures or uneffective identity checks.

How can proper identity verification help?

KYC (know your customer) compliance can be needed to ensure that the person applying for a new SIM-card is not under sanctions and not included in any blacklist.

ID verification for e-SIM users

e-SIM users who want to buy some prepaid plan online, or start being a client of any mobile operator might upload the selfie along with ID. This way the system could compare the person on the ID picture and selfie.

ID verification for online payments

Many mobile operators now accept online payment via credit card or some payment systems. That again gives some opportunities to fraudsters. The risk of fraud can be avoided if the mobile operator will check the identity of the client every time online payment is happening.

ID verification for logins

2FA (2 factor authentication) and biometric facial recognition before login into the personal account on a mobile operator’s website can secure customers, build trust, and improve the reputation of any telecom company.

Regulations in the industry

As it was said before, telecom companies in 155 countries are required to check the identity of the customers before selling prepaid SIM-cards online. It will also be applied to e-SIM cards.

90 percent of mobile device users are now in the countries where ID verification is mandatory before buying the SIM. But the usual way of identity verification is not enough. For example, even in the US, SIM card registration is not compulsory. Thus, it creates a lot of possibilities for fraudulent activities. Europol is dealing with millions of cases based on SIM-card swap and mobile fraud. That is why even e-SIM card purchasers should be checked closely to avoid any fraud.

How to detect and prevent the fraud? Use digital KYC solutions when checking customers’ identities.

All in all, identity verification nowadays is essential for customer onboarding in the telecommunication industry, it is undeniable. On top of that, mobile services are in constant competition with each other and one security hit is enough to put your reputation in danger to the point where you will lose customers to your competitors. Implementing identity verification would help telecom companies to speed up subscriber onboarding, prevent fraud and stay compliant with regulations.

About the author

Dmitri Laush is CEO of omnichannel identity verification solution GetID.

DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.

Article Topics

 |   |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics a consistent base for varied fraud protection stacks

Biometrics for fraud protection have become a critical piece of the online world, minting billion-dollar companies, but one of the…

 

Govt should collaborate with private sector on DUA Bill: Experts

The UK is debating its new Data (Use and Access) Bill, a legislation that is supposed to pave the way…

 

Managing the risks of a digital public infrastructure in the United States

Establishing a national Digital Public Infrastructure (DPI) in the United States could serve as the backbone for a modern societal-scale…

 

Smile ID rides Nigeria’s surge in biometric verifications to 200M milestone

Smile ID has completed 200 million identity verification checks across the African continent, after celebrating 150 million checks in June….

 

Securing privacy and civil liberties in the age of cybersecurity reform

A new report that outlines a roadmap to fortify the United States’ defenses against cyber threats also highlights the delicate…

 

CDPI and GEALC sign LOI to boost DPI in LATAM, Caribbean

Work to advance the development and implementation of Digital Public Infrastructure (DPI) in  Latin America and the Caribbean region is…

Comments

2 Replies to “SIM card fraud: why mobile operators are turning attention to KYC”

  1. Dmitri, can you confirm that your “9.1 million (GBP) over the last five years because of SIM swap” number is correct? That seems awfully low and frankly not worth the bother for banks to defend. From where did you source this number? If it is indeed this low, can you comment on the trajectory or the reason why banks should pay attention to this? Thanks!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events