Telco industry needs to deploy a solution against identity, SIM swap fraud
Mobile service providers use remote liveness detection, biometric identification and SIM binding to stop identity theft.
South Africa’s mobile service providers continue to face pressure from new and existing clients to tighten up their data security, as fraudsters continue to take advantage of false identities and SIM swap scams.
Gur Geva, Founder and CEO of iiDENTIFii, a market leader in digital biometric identity verification, says: “The two main challenges facing telco service providers is the onboarding of new clients at a contractual level, and SIM swap fraud. Both are preventable if a service provider is able to ensure that SIM cards are purchased by legitimate entities and people.”
It was recently reported that fraudulent digital transactions in South Africa increased by 43.62% in 2020. According to SABRIC (South African Banking Risk Information Centre), fraudulent SIM swaps were involved in around 13 300 reported digital banking fraud incidents across online, mobile banking and banking apps.
“If a telco cannot spot an instance of identity fraud, especially when onboarding new clients, it will leave authentic businesses or individuals vulnerable to scams. Once a fraudster has network access to facilities like communications, mobile banking, money transfers, OTPs (one-time pins) and payment permissions, their ability to wreak havoc is potentially limitless,” says Geva.
The traditional contractual sign-up process is vulnerable to fraudsters because it is a paper-based system with a weak digital authentication approach. This means that despite the security measures implemented by RICA requirements, telecommunications businesses are still exposed to human error, collusion, blatant identity fraud and SIM swapping schemes.
SIM swapping is another popular scam because a fraudster poses as a legitimate cellphone accountholder by using fake identity documents. The assailant requests a SIM swap from the real cellphone accountholder’s mobile network provider so they can have access to their account and number on a different device. Now with complete access to mobile and internet services, the fraudster can act and transact as the accountholder, including requesting OTPs to use for fraudulent banking access and online purchases.
According to Geva, an effective biometric facial authentication solution can verify the very nature of the applicant, as well as binding the SIM card to the applicant’s identity or facial image. It can validate bar coded identification documents presented, RICA details and a selfie/facial image back to the Department of Home Affairs. This prevents identity fraud and proves that the individual applying for services online is a ‘live’ person and not a deepfake. From a SIM swap standpoint, it becomes a moot point as all SIM cards are data bound to a legitimate individual with accurate RICA requirements.
It is no secret that biometric identity solutions have found success in the banking sector because it is proven that the technology works well when securing data and service channels. iiDENTIFii has been seen as a vital extension of services to South Africa’s top banks, like Standard Bank’s DigiME solution. Jonathan Lamb, head of Platform Business at Standard Bank, says: “It is essential that we provide our clients with secure systems that they can trust. iiDENTIFii’s strong track record and formidable reputation make them an ideal partner in servicing our clients.”
Geva concludes: “Currently, telco operators have a tough time negating fraudulent practices. Not only are their existing clients potential victims, but these very service providers could also be supplying communication/connectivity capabilities to the criminal element themselves. This does not have to be the narrative moving forward as the technology is available to avoid huge financial losses and personal trauma.”