I am still finding it hard to meet industry people who know much about SIM Swap fraud. The latest report on the ABSA and MTN initiative shows the urgency of getting to grips with this insidious and not-too-well-understood fraud vector. If you don’t know about SIM Swap fraud, it is committed when a fraudster, using social engineering techniques, dupes the victim’s mobile phone operator into porting the victim’s mobile number to a SIM in the possession of the fraudster and so starts receiving any incoming calls and text messages, including banking one-time-passcodes that are sent to the victim’s phone.

I blogged about SIM Swapping being a growing problem back in March 2012. I gave a piece of good news then: there is a technological solution to the problem. It is already possible to tell if a mobile number has been ported, and then subsequently prevent transactions being authorised using that particular phone unless other indicators suggest the swap was in fact legitimate. One bank in the UK has already implemented such a solution back in 2012, to great success. The bank even won an industry award for its efforts in this domain.

Yet little else appears to have been done since. SIM Swap fraud is hitting the banks’ bottom line and could erode customers’ trust in the mobile, not only as a mechanism for receiving relatively simple security codes, but as a banking and payment device overall. With the industry investing so much capital into the mobile banking and payments platform, trust in that platform and the integrity of the networks is essential.

Ultimately the security of a bank is the top priority when customers choose who to bank with. I will be following the progress of the Task Force with interest.