SIM Fraud Solution Sparks Privacy Fears

Security

Privacy and data security concerns have been raised over a plan to link South African phone users’ biometric data to their SIM cards.

The proposal by the Independent Communications Authority of South Africa (ICASA) was among a list of draft regulations published by the watchdog for public commentary in March. If approved, it would give cell phone networks access to their customer’s fingerprints, facial recognition data, retina scans and biometric and behavioral data.

“On activation of a mobile number on its network, a licensee must ensure that it collects and links the biometric data of the subscriber to the number,” states the proposal. 

“A licensee must ensure that, at all times, it has the current biometric data of an assigned mobile number.”

Under the proposal, the mobile network must ensure that the biometric data of a user requesting a SIM swap corresponds with the biometric data associated with the mobile number.

Icasa said the proposed new security measure would reduce fraudulent activity and SIM swapping attacks. 

“The authority is of the view that the association of mobile numbers with the biometric data of a subscriber will assist to curb the hijacking of assigned subscriber mobile numbers,” said Icasa.

Members of the public, who have until May 11 to comment on the proposal, have expressed fears that it will lead to an invasion of privacy. Identity theft concerns have been raised in submissions to the DearSA website that query what could happen if a SIM card is stolen or cloned.

Other submissions ask what could happen if the biometric data entrusted to the care of phone networks is lost, hacked or stolen. 

Dear SA chairperson Rob Hutchinson said concerns had also been raised around the usage of private data by the service providers and potentially by the government. 

“We feel that this bill, although well-intentioned, has major flaws in practical application,” said Hutchinson.

“The public participation process has so far revealed many valid concerns from those who will be affected – which will hopefully encourage Icasa to consider the public input and redraft the proposal to meet the concerns of the public and requirements of government.

Products You May Like

Articles You May Like

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
CISA and EPA Warn of Cyber Risks to Water System Interfaces
US Organizations Still Using Kaspersky Products Despite Ban
US Government Issues Cloud Security Requirements for Federal Agencies

Leave a Reply

Your email address will not be published. Required fields are marked *