ClickCease

How to Fight the Menace of Rising SIM Swap Fraud in the UK

Prove
April 1, 2021

Technological advancement in mobile has transformed the convenience quotient for people, especially in the payments and financial space. More people are increasingly transacting via mobile banking. As per data experts Caci, 25 million people in the UK, i.e., approximately half the country, are using mobile for banking activities. But, there is a flip side to this convenience quotient—fraud. The number of fraud cases has consistently increased over the past few years. As per the City of London Police, over 453,495 reports were filed in the last 13 months, resulting in financial losses to the tune of £2.4 billion through fraud and cybercrimes. One of the fraud techniques that has particularly stood out is ‘SIM swapping.’

How SIM Swap Fraud Works

SIM swapping, also known as ‘SIM splitting’ or ‘SIM jacking,’ is a fraudulent activity where a fraudster takes complete control of users’ phone accounts by either porting or cloning their SIM without their knowledge. First, scammers trick victims into divulging personal information about themselves and then socially engineer customer service representatives to take over a victim’s phone number by having them transfer the number to a SIM card in their possession. Once they’ve done this successfully, the fraudster has complete control over the unsuspecting victim’s phone number, allowing them full access to their accounts.

While victims are at risk of having their accounts drained or having their social media handles taken hostage, the harm to the service providers who failed to protect their users against these kinds of attacks ranges from significant reputational damage to liability for lost funds to the risk of losing users to more secure competitors.

The instances of SIM swap have been increasing globally. But the UK has seen an increasing number of SIM swap cases in the past few years. The highest number of SIM swap cases were recorded in 2018, where the cumulative loss was £2.9 million from 3,111 fraud cases. In the first half of 2020, 483 SIM swap cases were recorded in the UK, resulting in a loss of £839K; the average loss for a user amounted to £2,567.

Over the years, telecom service providers have implemented several safeguards to prevent mobile-related fraud. However, fighting sophisticated SIM card-related fraud requires leveraging the power of mobile intelligence. Enterprises with SIM swap detection technology may have visibility into the fact that a SIM swap has occurred. However, they cannot see when the event took place, which is a major factor in differentiating fraud from a legitimate transaction. Since many SIM swaps are legitimate, enterprises do not want to slow down the experience for customers who may have legitimately ported their numbers or upgraded their devices.

How Enterprises Can Thwart SIM Swap Fraud

What is required to address SIM swap fraud is a risk model that analyzes device and phone number-related attributes from authoritative sources at the time of a transaction and indicates the level of risk.

The good news is that Prove’s Trust Score™, designed to detect and stop this fraud vector, is now available in the UK for enterprises. Trust Score™ is a real-time measure of a phone number’s reputation which uses behavioral and phone intelligence signals to measure fraud risk and identity confidence. When a Prove client asks if a phone number is safe to send a text message to or engage with, Prove will perform many real-time checks, including a SIM swap check, to calculate a real-time Trust Score™. A low Trust Score™ will tell Prove clients to apply the appropriate policy, such as not sending the given SMS. By identifying phone numbers that have been associated with a SIM swap or other suspicious activity, Prove stops would-be scammers in their tracks and prevents them from bypassing the two-factor authentication process.

Trust Score™ has the additional benefit of creating a more seamless experience for legitimate users. One of the main complaints that consumers have about accessing online services is that proving their identities through passwords, knowledge-based authentication, and SMS one-time passcodes is cumbersome and time-consuming. Prove overcomes this trade-off by using advanced analytics to make logging into online accounts as easy for real users and impossible for scammers.

To understand why so many leading companies are using Trust Score™ to secure their customer experiences, download our report of critical vulnerabilities we uncovered by using Trust Score™ to analyze 385,000+ MFA transactions here.

Get in touch

Tags:
Banking
Tags:
EU

Keep reading

See all blogs
Company News
Introducing Prove Link™ – Unlocking the Power of Identity for Any Business

To continue achieving our mission of accelerating trusted interactions on the internet, we’re proud to announce the introduction of the Prove developer self-service platform and the Prove LinkTM SDK. With these tools, it’s now faster and easier for any company to integrate our industry-leading identity technology into its brand operations.

Rodger-Desai
July 16, 2024
Company News
Combating Deepfakes: Leveraging Phone-Centric Identity℠ Verification to Overcome Media-Based Vulnerabilities

Identity verification systems that depend on image or audio samples for digital customer onboarding are increasingly vulnerable to deepfake attacks.

Tim Brown
July 5, 2024
New York Passes Child Data Protection Act to Protect Kids Mental Health and Online Privacy

As the world becomes more digital, it also becomes more anonymous. While some level of anonymity has its place, it can also facilitate malicious activities such as cyberbullying, identity theft, and the spread of misinformation.

Mary Ann Miller
June 27, 2024