ClickCease

How to Fight the Menace of Rising SIM Swap Fraud in the UK

Prove
April 1, 2021

Technological advancement in mobile has transformed the convenience quotient for people, especially in the payments and financial space. More people are increasingly transacting via mobile banking. As per data experts Caci, 25 million people in the UK, i.e., approximately half the country, are using mobile for banking activities. But, there is a flip side to this convenience quotient—fraud. The number of fraud cases has consistently increased over the past few years. As per the City of London Police, over 453,495 reports were filed in the last 13 months, resulting in financial losses to the tune of £2.4 billion through fraud and cybercrimes. One of the fraud techniques that has particularly stood out is ‘SIM swapping.’

How SIM Swap Fraud Works

SIM swapping, also known as ‘SIM splitting’ or ‘SIM jacking,’ is a fraudulent activity where a fraudster takes complete control of users’ phone accounts by either porting or cloning their SIM without their knowledge. First, scammers trick victims into divulging personal information about themselves and then socially engineer customer service representatives to take over a victim’s phone number by having them transfer the number to a SIM card in their possession. Once they’ve done this successfully, the fraudster has complete control over the unsuspecting victim’s phone number, allowing them full access to their accounts.

While victims are at risk of having their accounts drained or having their social media handles taken hostage, the harm to the service providers who failed to protect their users against these kinds of attacks ranges from significant reputational damage to liability for lost funds to the risk of losing users to more secure competitors.

The instances of SIM swap have been increasing globally. But the UK has seen an increasing number of SIM swap cases in the past few years. The highest number of SIM swap cases were recorded in 2018, where the cumulative loss was £2.9 million from 3,111 fraud cases. In the first half of 2020, 483 SIM swap cases were recorded in the UK, resulting in a loss of £839K; the average loss for a user amounted to £2,567.

Over the years, telecom service providers have implemented several safeguards to prevent mobile-related fraud. However, fighting sophisticated SIM card-related fraud requires leveraging the power of mobile intelligence. Enterprises with SIM swap detection technology may have visibility into the fact that a SIM swap has occurred. However, they cannot see when the event took place, which is a major factor in differentiating fraud from a legitimate transaction. Since many SIM swaps are legitimate, enterprises do not want to slow down the experience for customers who may have legitimately ported their numbers or upgraded their devices.

How Enterprises Can Thwart SIM Swap Fraud

What is required to address SIM swap fraud is a risk model that analyzes device and phone number-related attributes from authoritative sources at the time of a transaction and indicates the level of risk.

The good news is that Prove’s Trust Score™, designed to detect and stop this fraud vector, is now available in the UK for enterprises. Trust Score™ is a real-time measure of a phone number’s reputation which uses behavioral and phone intelligence signals to measure fraud risk and identity confidence. When a Prove client asks if a phone number is safe to send a text message to or engage with, Prove will perform many real-time checks, including a SIM swap check, to calculate a real-time Trust Score™. A low Trust Score™ will tell Prove clients to apply the appropriate policy, such as not sending the given SMS. By identifying phone numbers that have been associated with a SIM swap or other suspicious activity, Prove stops would-be scammers in their tracks and prevents them from bypassing the two-factor authentication process.

Trust Score™ has the additional benefit of creating a more seamless experience for legitimate users. One of the main complaints that consumers have about accessing online services is that proving their identities through passwords, knowledge-based authentication, and SMS one-time passcodes is cumbersome and time-consuming. Prove overcomes this trade-off by using advanced analytics to make logging into online accounts as easy for real users and impossible for scammers.

To understand why so many leading companies are using Trust Score™ to secure their customer experiences, download our report of critical vulnerabilities we uncovered by using Trust Score™ to analyze 385,000+ MFA transactions here.

Get in touch

Tags:
Banking
Tags:
EU

Keep reading

See all blogs
Comparing Identity Verification Providers for Developers

Developers know identity verification is an essential element of effective digital onboarding and the customer lifecycle. Choosing the right one can feel like navigating a maze of features and complexity. 

Nicholas Dewald
November 15, 2024
Document Verification: An Outdated Identity Check in the Digital Age

In an age where our smartphones have become almost like extensions of ourselves, the identity assurance achieved through smartphone possession and data is a natural evolution.

Leandro Margulis
November 13, 2024
Gig Economy Fraud: Can Digital Identities Be the Solution?

Rodger Desai, CEO of Prove, a leading identity verification solution provider, offers a unique perspective on the rising fraud in the gig economy, advocating for robust digital identity verification as a key defense mechanism.

Brad Rosenfeld
November 6, 2024