Africa-Press – South-Africa. Earlier this week, regulator the Independent Communications Authority of South Africa (Icasa) published draft regulations for public comment. Included was a proposal to tie South Africans’ biometric data to their SIM cards – and, by extension, their phone numbers.
This is proposed to crack down on SIM swap fraud and it may well be the only solution to protect the greater society.
Your cellphone could provide
a way for cybercriminals to access your financial accounts and gain access to
your sensitive personal information and other accounts – all of this
through your mobile number.
As soon as a criminal is able
to change the SIM card connected to your mobile number, it gives
them control over your mobile number — and they are able
to receive the access code to your account.
This gives the criminal free rein to
act as if it they are you conducting transactions while you are completely unaware of
what is taking place. In fact, no one will ever know that it was not you that
withdrew all the money in your current account when it was withdrawn from your
mobile app.
SIM card fraud is unfortunately rife in
South Africa and mobile network operators are at a loss how to deal with this.
In addition, the RICA legislation (Regulation of Interception of
Communications and Provision of Communication-related Information Act 70
of 2002) places a positive obligation on mobile
network operators to obtain certain when a
SIM card is sold.
Before a
telecommunication service provider enters into a contract with a
subscriber or sells them a SIM card, the telecommunication must get
details such as the subscriber’s full names, identity number, residential
and business or postal address, whichever is applicable; and a certified
photocopy of their identification document on which their photo, full
names and identity number, whichever is applicable, appear. Such information
must also be retained.
The problem, however, is
that mobile network operators make use of various entities to sell SIM cards and
cannot be at all places as all times to monitor that this information is
correct and in fact obtained. Whether we like it or not, fraud
takes place, and this means that SIM swaps take place. There is sometimes no
record of the person behind a SIM card and this allows for
criminal activity to take place unchecked.
In a world with various
pieces of legislation in place, the broader legislative landscape
should serve the public interest. It is undoubtedly in the
public interest to prevent or at least aim to limit cyber fraud and therefor
collecting biometric information could very well serve the public interest.
Icasa as the
telecommunication regulator should support mobile network obligations and put
forward solutions that benefit the industry and society in general. This might
just be a workable solution. The future will shed light as to the possibilities
when it comes to SIM card fraud and curbing that through biometric data.
Ahmore
Burger-Smidt, Director and Head of Data Privacy and Cybercrime Practice at Werksmans Attorneys. Views are the author’s own.
For More News And Analysis About South-Africa Follow Africa-Press
