ITU-T Focus Group Digital Financial Services
                                                      Recommendations







                Title of recommendation       SIM cards security issues
                Working Group                 Technology, Innovation and Competition

                Workstream                    Security
                Audience for recommendation   MNOs





                MNOs and DFS agents should be made aware of the risk of SIM swap operations and ensure that mechanisms
                are in place to ensure that the legal, verified owner of the SIM is being provided with a new card.


               Systems should be made available by MNOs to ensure that PSPs can determine in real time whether a SIM
               has recently been swapped before high value transactions and payments to new beneficiaries are allowed.
               Having these controls in place can help to mitigate the effects of SIM swap fraud, a type of phishing fraud
               where attackers pose as MNOs to unsuspecting customers in order to steal their credentials.
               MNOs should track any occurrence of SIM swap attacks. Customer service agents should implement processes
               for detecting potentially fraudulent activity, and MNOs can use data such as tracking device type and location
               to detect these SIM swaps.






















































                                                                                                       31