SIM card fraud - who is to blame?

MKFrost

Expert Member
Joined
Oct 23, 2012
Messages
3,837
I'm not technically savvy but how about linking the IMEI number of the phone to the bank account and not the sim/phone number?

In that way you can swap sim's until you are blue in the face. If you do not have the actual phone you cannot do anything. If you lose your phone then you go through the normal procedure as before.
 

rrcatto

Well-Known Member
Joined
May 24, 2007
Messages
280
To do a SIM swop, you need to present the RSA ID associated with the SIM - how do the fraudsters get around this?
 

Allin

Expert Member
Joined
Oct 6, 2010
Messages
1,311
RICA is another waste of time and money. In our dorpie you can buy "pre-RICA'd" SIMS at just about every Chinese store.
 

MDE

Expert Member
Joined
May 18, 2009
Messages
2,031
I'm not technically savvy but how about linking the IMEI number of the phone to the bank account and not the sim/phone number?

In that way you can swap sim's until you are blue in the face. If you do not have the actual phone you cannot do anything. If you lose your phone then you go through the normal procedure as before.

From what I've been told recently is that the ABSA app does link the IMEI to the account. I think the issue is also online internet banking and people entering there details to phishing sites.

I read somewhere which I agree with is to put a 48hr hold on payments to any new beneficiaries and a note when you login on the page somewhere showing the pending payments.
 

MKFrost

Expert Member
Joined
Oct 23, 2012
Messages
3,837
...put a 48hr hold on payments to any new beneficiaries and a note when you login on the page somewhere showing the pending payments.

I understand the reasoning behind this but it will be taking step backwards in my opinion.

The banks should improve on the method of authentication. As said, currently the SMS system is linked to the phone number and thus the sim card. They should break away from this and link to the IMEI number which is linked to the phone.

Authentications are thus still sent to the phone no matter whether you change the sim or not. Only way to bypass your authentication process will be to physically steal your phone.

This sort of removes one of the weak links i.e. the service providers from the equation.
 

markings

Expert Member
Joined
Jan 24, 2010
Messages
1,713
I understand the reasoning behind this but it will be taking step backwards in my opinion.

The banks should improve on the method of authentication. As said, currently the SMS system is linked to the phone number and thus the sim card. They should break away from this and link to the IMEI number which is linked to the phone.

Authentications are thus still sent to the phone no matter whether you change the sim or not. Only way to bypass your authentication process will be to physically steal your phone.

This sort of removes one of the weak links i.e. the service providers from the equation.
Delaying payments is a solution which would have some detrimental economic implications for new businesses.

Why not link the bank account to 2 SIMs and send the login and new beneficiary notice to both of them? Phones are cheap nowadays.
 

supersunbird

Honorary Master
Joined
Oct 1, 2005
Messages
55,687
SIM card swap fraud is totally the relevant network and the criminals fault.

The using of SMS for authentication is totally the relevant banks fault.

The giving out of bank accounts security details in phishing e-mails/websites is totally the customers fault.
 

House

Banned
Joined
Aug 17, 2006
Messages
5,482
Both the services providers and banks are at fault. None of these companies have internal processes or security in place to prevent this fraud. Instead, both companies have terms and conditions in place letting clients know that the fraud is their own fault and in many instances will not reimburse losses suffered.

So, unless they shape up their internal security processes this fraud will continue to increase and the companies will keep pointing fingers to clients...
 
Top