Standard Bank is working on an authentication system that does not use SMS or rely on a mobile number.
Internet banking fraud that uses a SIM-swap scam, in addition to stolen login credentials, continues to be a problem for clients of South African banks.
Many banks adopted one-time PINs (OTPs), sent by SMS, as a second factor of authentication to protect client accounts.
In the event that your online banking login details are compromised, criminals can’t get into your accounts without the OTP.
Fraudsters attack this second layer of authentication through various types of SIM-swap scams, all of which result in them getting control of your cellphone number for long enough to log into your bank account.
Currently, only Capitec offers a second factor authentication for consumer bank accounts in South Africa that isn’t linked to a cellphone number.
However, Standard Bank said it is able to detect and validate customers’ SIM age, and has built rules around the SIM-age validation.