South Korea urged to review biometric mandate for mobile phone numbers 

South Korea’s National Human Rights Commission has urged the Ministry of Science and ICT to review its plan to mandate facial recognition for new mobile phone numbers. The government department’s policy is set for full implementation next week, on March 23.

The human rights watchdog recommended what it considers three improvements to the current policy — create a clear legal basis, offer alternative authentication methods, and publish biometric security inspection results.

The commission said biometric data is “sensitive information that is difficult to recover once leaked.” It called for stronger safeguards to protect the right to informational self‑determination, reports Seoul Economic Daily.

The ministry had instructed major carriers and budget operators to add facial authentication to stop voice phishing and fraud involving burner phones. Pilot testing began on December 23. The system compares an ID photo with a real‑time facial image. It applies to new activations, number transfers, device changes and ownership transfers.

The commission said the policy limits informational self‑determination. Users who refuse or fail facial authentication cannot activate mobile services. This forces them to hand over sensitive biometric data. Because mobile phones are now essential for banking, public services, and digital IDs, the commission warned that the policy could affect basic rights such as communication, expression and access to information.

It also believes the policy lacks legal grounds. Other laws, such as the Immigration Act and the Electronic Financial Transactions Act, explicitly regulate biometric data. The Telecommunications Business Act does not. It only requires presentation of documents like resident registration cards.

The commission questioned whether the policy would even work. It said burner phones can still be activated when the registered owner participates directly, such as in “durability loans,” where people transfer phone registrations for money.

Corporate‑name activations also remain a loophole. Facial authentication, it added, is a probabilistic system that can misidentify users and may be bypassed with deepfakes or people who look alike. On this point, it is not clear how well the commission understands biometric authentication or how accurate the facial authentication systems used would be.

The commission warned that elderly people, people with disabilities, and digitally vulnerable groups may face extra barriers. Physical traits or limited digital skills could make facial authentication difficult. It said the government must clearly explain how biometric data is collected, used, stored and destroyed. It also urged regular security inspections and public disclosure of the results to build trust.

Voice phishing remains a major threat in South Korea. As of November 2025, police recorded 21,588 cases that year, with losses reaching 1.13 trillion won (US$760 million), which is the first time damages had exceeded 1 trillion won.

Article Topics

biometric authentication  |  biometrics  |  facial recognition  |  identity verification  |  smartphones  |  South Korea