How would you solve the problem of internet banking and SIM-swap fraud?

supersunbird

Honorary Master
Joined
Oct 1, 2005
Messages
45,699
#68
I would use an encryption software like bit locker for the sim cards. Or something similar. OR put a smart chip in everyones wrist!
And that will solve SIM swap fraud how? And prevent the One Time Pin being sent to that fraudulently acquired SIM how?

Curious to learn.
 

vic777

Expert Member
Joined
May 6, 2015
Messages
1,219
#69
I would use an encryption software like bit locker for the sim cards. Or something similar. OR put a smart chip in everyones wrist!
SIM cards already have encryption, that is not the problem. Criminals don't hack the SIM or access sensitive data on the SIM. The problem is that banks don't all detect SIM swaps.
 

terryn9002

Active Member
Joined
May 31, 2017
Messages
79
#70
Firstly I am with Capitec Bank and Telkom Mobile. I have not had any problems with either.

I use the banking app which does not use OTP or sms verification.

But if I do realise something is up I would contact my bank imidiately. They are very helpfull and I am sure they will be able to reverse any fruadulent transactions.
 

AlphaJohn

Executive Member
Joined
Sep 10, 2012
Messages
6,100
#71
Firstly I am with Capitec Bank and Telkom Mobile. I have not had any problems with either.

I use the banking app which does not use OTP or sms verification.

But if I do realise something is up I would contact my bank imidiately. They are very helpfull and I am sure they will be able to reverse any fruadulent transactions.
The app use TOTP+HOTP, its just in the background. When it asks you for a pin on transaction it sends the OTP to via HTTPS instead of letting you type it in on the ste. You can see this in action when you have no internet on your phone and have to generate the code.
 

encrypted

Senior Member
Joined
Oct 19, 2004
Messages
753
#75
Capitec have the dongle/app.
FNB is slowly moving everything to the APP.

Absa/Std are so crap it doesn't really matter..
 

Rouxenator

Dank meme lord
Joined
Oct 31, 2007
Messages
33,715
#76
What you guys seem to forget is that SIM swap fraud is only used for getting access to people's bank accounts. It can be much bigger than that.

If your SIM is swapped and then used to call in a bomb threat to parilment, to set off a cellphone bomb, or to download child pr0n, or any other illegal activities YOU will be guilty of it. The subscriber identity module is directly linked to you. This is identity theft.
 

SykomantiS

Expert Member
Joined
May 7, 2012
Messages
2,128
#77
If sms has to be used, and there is no other way, how about a csp?

A request for the customer selected pin is sent to the device (this pin different from the login credentials and atm pin) and only after a valid reply, send the otp.

So you'd have a username, password and csp in order to log in, the csp being used to verify before an otp is sent.
 
Top