Page 37 - ITU-T Focus Group Digital Financial Services – Recommendations
P. 37
ITU-T Focus Group Digital Financial Services
Recommendations
Title of recommendation SIM cards security issues
Working Group Technology, Innovation and Competition
Workstream Security
Audience for recommendation MNOs
MNOs and DFS agents should be made aware of the risk of SIM swap operations and ensure that mechanisms
are in place to ensure that the legal, verified owner of the SIM is being provided with a new card.
Systems should be made available by MNOs to ensure that PSPs can determine in real time whether a SIM
has recently been swapped before high value transactions and payments to new beneficiaries are allowed.
Having these controls in place can help to mitigate the effects of SIM swap fraud, a type of phishing fraud
where attackers pose as MNOs to unsuspecting customers in order to steal their credentials.
MNOs should track any occurrence of SIM swap attacks. Customer service agents should implement processes
for detecting potentially fraudulent activity, and MNOs can use data such as tracking device type and location
to detect these SIM swaps.
31