SIM Fraud Solution Sparks Privacy Fears

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Privacy and data security concerns have been raised over a plan to link South African phone users’ biometric data to their SIM cards.

The proposal by the Independent Communications Authority of South Africa (ICASA) was among a list of draft regulations published by the watchdog for public commentary in March. If approved, it would give cell phone networks access to their customer’s fingerprints, facial recognition data, retina scans and biometric and behavioral data.

“On activation of a mobile number on its network, a licensee must ensure that it collects and links the biometric data of the subscriber to the number,” states the proposal. 

“A licensee must ensure that, at all times, it has the current biometric data of an assigned mobile number.”

Under the proposal, the mobile network must ensure that the biometric data of a user requesting a SIM swap corresponds with the biometric data associated with the mobile number.

Icasa said the proposed new security measure would reduce fraudulent activity and SIM swapping attacks. 

“The authority is of the view that the association of mobile numbers with the biometric data of a subscriber will assist to curb the hijacking of assigned subscriber mobile numbers,” said Icasa.

Members of the public, who have until May 11 to comment on the proposal, have expressed fears that it will lead to an invasion of privacy. Identity theft concerns have been raised in submissions to the DearSA website that query what could happen if a SIM card is stolen or cloned.

Other submissions ask what could happen if the biometric data entrusted to the care of phone networks is lost, hacked or stolen. 

Dear SA chairperson Rob Hutchinson said concerns had also been raised around the usage of private data by the service providers and potentially by the government. 

“We feel that this bill, although well-intentioned, has major flaws in practical application,” said Hutchinson.

“The public participation process has so far revealed many valid concerns from those who will be affected – which will hopefully encourage Icasa to consider the public input and redraft the proposal to meet the concerns of the public and requirements of government.

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

Over 850 Vulnerable Devices Secured Through CISA Ransomware Program
Apache Cordova App Harness Targeted in Dependency Confusion Attack
What makes Starmus unique? – A Q&A with award-winning filmmaker Todd Miller
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet

Leave a Reply

Your email address will not be published. Required fields are marked *