SIM card fraud: why mobile operators are turning attention to KYC
This is a guest post by Dmitri Laush, CEO of GetID, an omnichannel KYC solution.
The number of mobile gadget-users is forecast to grow to 7 billion people. Nowadays mobile operators worldwide have started to offer prepaid SIM-cards, which can be purchased online. It is a fast and convenient decision for users, however online onboarding gives a lot of opportunities to fraudsters, who can use fake identity documents, might be persons of interest or be related to terrorist activities. That’s why telecom companies in many countries across the globe are obliged to verify their customers’ identities during the onboarding process.
Let’s take a look at different types of fraud in the industry and how to prevent it.
Types of fraud in the industry
SIM swap and how it occurs
Bank customers all over the world lost more than £9.1 million (US$11.9 million) over the last five years because of SIM swap. How does it happen? SIM swapping (also known as SIM Jacking) takes place when a person’s contacts are transferred to the SIM of a malicious online user through some hacking techniques.
SIM jacking can happen when the person is not enabling 2FA authentication for some essential services like personal email, for example. So the fraudster can apply to the mobile operator claiming that SIM-card is lost and receive a new one under the victim’s name. Once the fraudster gets the SIM-card he can have access to a bank account and other sensitive information, and he can change the passwords, leaving you locked out from everywhere.
What identifies this type of fraud?
There are a few signs like:
– Weird activities in your social media. You see people replying to the messages or comments you have never sent
– Your text messages or calls do not reach the recipients
– Messages or calls from mobile operators
– Your passwords have been rejected
How to avoid it? Do not share any personal information publicly, use two-factor authentication, and use PIN verification where possible.
How unprofessional ID verification leads to SIM swap scams
The majority of SIM swap cases happen to the clients of those mobile operators that do not pay close attention to security measures. And one of them — poor ID verification, which does not include checking ID documents such as ID card, social security number, driver’s licence, etc.
Recently a number of mobile operators have announced that they are switching to e-SIM cards, so the only thing which will be needed for it is a tiny chip that will be inserted on the phone. They claim that it will be a lot more secure than a normal SIM-card. However, if the IMEI of the phone is stolen by fraudsters, then the SIM swap will still be possible.
What are the consequences?
The fraud in the telecom industry caused a loss of $28.3 billion in 2019. Customers of mobile operators lose trust when something like SIM swap or identity verification theft happen.
Mobile operators can be accused by the clients and banks of poor security measures or uneffective identity checks.
How can proper identity verification help?
KYC (know your customer) compliance can be needed to ensure that the person applying for a new SIM-card is not under sanctions and not included in any blacklist.
ID verification for e-SIM users
e-SIM users who want to buy some prepaid plan online, or start being a client of any mobile operator might upload the selfie along with ID. This way the system could compare the person on the ID picture and selfie.
ID verification for online payments
Many mobile operators now accept online payment via credit card or some payment systems. That again gives some opportunities to fraudsters. The risk of fraud can be avoided if the mobile operator will check the identity of the client every time online payment is happening.
ID verification for logins
2FA (2 factor authentication) and biometric facial recognition before login into the personal account on a mobile operator’s website can secure customers, build trust, and improve the reputation of any telecom company.
Regulations in the industry
As it was said before, telecom companies in 155 countries are required to check the identity of the customers before selling prepaid SIM-cards online. It will also be applied to e-SIM cards.
90 percent of mobile device users are now in the countries where ID verification is mandatory before buying the SIM. But the usual way of identity verification is not enough. For example, even in the US, SIM card registration is not compulsory. Thus, it creates a lot of possibilities for fraudulent activities. Europol is dealing with millions of cases based on SIM-card swap and mobile fraud. That is why even e-SIM card purchasers should be checked closely to avoid any fraud.
How to detect and prevent the fraud? Use digital KYC solutions when checking customers’ identities.
All in all, identity verification nowadays is essential for customer onboarding in the telecommunication industry, it is undeniable. On top of that, mobile services are in constant competition with each other and one security hit is enough to put your reputation in danger to the point where you will lose customers to your competitors. Implementing identity verification would help telecom companies to speed up subscriber onboarding, prevent fraud and stay compliant with regulations.
About the author
Dmitri Laush is CEO of omnichannel identity verification solution GetID.
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.