Blog

Q&A: The Impact of eSIMs on Fraud Rates

Post by:
Fitzwilliam Anderson
September 23, 2022
Post by:
No items found.
September 23, 2022
Q&A: The Impact of eSIMs on Fraud Rates

Earlier this month, Apple made headlines when it announced its plan to ditch the traditional SIM card in the iPhone 14. Since the announcement, we’ve received a ton of questions from customers about what, if any, implications this will have on Prove specifically and cybersecurity generally. To get the answers to these critical questions, I spoke with Prove’s VP of Authentication Bill Fish. 

So what’s happening exactly?

Bill Fish: Since 2018, Apple has had a hybrid approach to SIM cards, meaning that iPhones contain both a traditional SIM card that you can remove as well as support for eSIM cards. Moving forward, however, Apple plans to ditch the physical SIM card entirely and embrace a full eSIM model. Long story short: the iPhone 14 will be the first of its kind to have only eSIM capability. 

What’s an eSIM? 

Bill Fish: In many respects, the eSIM works exactly like the traditional SIM card with one major exception. Because the eSIM is embedded into the actual hardware of the phone, you can’t remove it with a paper clip or replace it manually when you travel. 

Why is Apple switching to eSIM?

Bill Fish:  An eSIM allows users to activate a new cellular plan digitally. This means you don’t have to purchase a new SIM card at the airport the next time you are going on an international trip. It also means that you can switch cellular service carriers almost instantly. T-Mobile is leveraging the eSIM to offer prospective customers a free 3-month free trial and smaller carriers are feeling bullish about the change to eSIM as well.  Beyond adding user convenience, embracing the eSIM gives Apple some much-needed space in the next iPhone. Because Apple is always on a mission to build thinner phones, every bit of hardware they can consolidate is a good thing in their eyes. 

What are the security implications of this transition? 

Bill Fish: Apple is feeling optimistic when it comes to eSIM’s impact on security. Kaiann Drance, Apple’s VP of iPhone marketing, explained that the eSIM makes devices ``more secure” because they can’t physically be removed if the device is stolen. While this is true, it is important to note that this is not the most common fraud vector. The bigger concern is traditional SIM swaps that take place remotely. 

Do you think the switch to eSIM will have an impact on the rate of SIM swaps?

Bill Fish: This is the million-dollar question. The logic behind the concern is sound: if the eSIM really makes it easier and faster for users to switch cellular plans, will fraudsters be able to conduct SIM swaps faster? Only time will tell but I think it’s important to underscore the fact that iPhones today already have eSIM capabilities so fraudsters can do this already. 

On the other hand, there are some experts in the cybersecurity industry who believe that this change will actually decrease SIM swaps: 

“Since there is no physical SIM card in an eSIM system, no one can fraudulently claim that their SIM card got lost or damaged as all the identity details reside in the owner's phone. eSIMs prevent cybercriminals from acquiring another SIM card or re-registering the number in their name.”

This narrative makes sense but fraudsters are an innovative bunch so you can be sure they will continue to wreak havoc regardless of Apple’s change in technology. 

What can companies do to fortify OTPs to reduce the impact of SIM swaps?

Bill Fish: Prove’s Trust Score™ is a real-time measure of phone number reputation that can be leveraged for identity verification and authentication purposes. Trust Score analyzes behavioral and Phone-Centric Identity™ signals from authoritative sources at the time of a potential transaction to mitigate fraud such as SIM swap fraud and other account takeover schemes. The important thing to emphasize about Trust Score is that it detects eSIM swaps as effectively as it detects the swap of old-school SIM cards. The main message for Prove customers who use Trust Score either as a standalone API or as a component of our Pre-Fill and Prove Identity solutions is simple: you're still protected from SIM swaps.

Create secure frictionless customer experiences using modern identity solutions

Join over 1,000 businesses that rely on Prove across multiple industries, including banking, FinTech, healthcare, insurance, and e-commerce. Contact us today.

Keep Reading...Read our latest white-paper on this subject!

Tap the button below to read our latest white-paper on the subject as industry leaders.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-Fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

Create frictionless customer experiences

Get in touch to find out how we can help you identify your customers at every stage of their journey and offer them seamless and secure experiences.

Schedule a demo

Let our expert team guide you through our identity verification and authentication solutions. Select a date and time that works for you.

Schedule a demo

Find out how we can help you deliver seamless and secure customer experiences that comply with PSD2/SCA. Select a date and time that works for you.

Interested in more information about Prove Pre-Fill?

Download Aite-Novarica Group’s full report about Prove Pre-Fill, including a product overview, customer results, and how the product works.

Interested in more information about MFA?

Download the guide now to learn how you can improve security, cut down on fraud, and create the best possible customer experience.