Reported details and reaction are emerging to the March 2022 proposal by the Independent Communications Authority of South Africa (ICASA), the country’s telecoms regulator, to link individuals’ biometric data to SIM cards in the hope of tackling fraud.
If passed into law, mobile operators will have access to users’ fingerprint mapping, face biometrics, eye scans and even behavioral data, according to ITWeb. The data would be bound to users’ SIM cards and phone numbers and the biometric database would be used to authenticate the identity of subscribers requesting a SIM swap.
SIM-related fraud has rocketed. The South African Banking Risk Information Centre (SABRIC) said in November 2021 that SIM-swaps in digital banking fraud leapt 91 percent in a year.
The consultation period for the draft proposals closes on 11 May and just ahead of the deadline, opinions pour in from the tech sector, while a researcher at CMU Africa launches a study into the impacts of SIM registration in six African nations.
iiDENTIfii declares support
Gur Geva, co-founder and CEO of South Africa’s iiDENTIFii, a face biometrics specialist, says the objective of the proposals is to prevent crime and protect consumers from identity fraud: “Criminals who use a multitude of mobile numbers in illegal activities including fraud, money laundering, terrorism and kidnapping would have a harder time hiding from law enforcement should new regulations come into effect.
“And because biometric data cannot be copied, consumers would have an added layer of protection against their cell number being used in identity theft or to authenticate fraudulent payments.”
Geva sees the linking of biometrics to SIM cards as safe and straightforward. “As the deadline for public comment on the draft regulation approaches, iiDENTIFii has been engaging with several telcos on deploying remote digital biometric authentication in accordance with stringent local and international approved standards. The proposed regulations are far more sophisticated than current RICA laws in terms of protecting South Africans against fraud.”
He says strict privacy laws would determine how data is handled and no raw biometric would be stored.
The benefits would not end there. Biometrics linked to identity could have positive impacts across government, according to Geva. “Government departments like Home Affairs and Social Development would be able to ensure grants, documents, and other communication reaches the intended recipient.”
Then on to private sector pursuits: “There are also massive opportunities within the digital payments space as remote biometrics enable access to services that have the potential to make a meaningful impact on financial inclusion.
“As most South African adults own a mobile phone, biometrics takes the friction out of the payment process, making transactions easy, instant, and secure.”
National Lotteries Commission CIO also in favor of biometric link
“Identification of citizens via biometrics is merely the next evolution to a trend that was started decades ago, and the important thing is that innovation should be in the forefront and policies should be adjusted according to the requirements of the digital economy,” said Mothibi Ramusi, CIO of the National Lotteries Commission addressing the Public Sector ICT Forum, reports ITWeb.
He reassured the audience that the government has no ulterior motive, that it is only considering protecting them from fraud.
Ramusi also believes that the proposals could be carried out within the compliance requirements of the Protection of Personal Information Act (POPIA), conflicting with the views of local security experts.
“I want to encourage all of us here to trust that government knows what it is doing and they will ensure utmost safety of citizens’ data,” ITWeb quotes the CIO as saying.
“When citizens place too much emphasis and fears on the potential violation of POPIA compliance, they will miss out on the benefits they can reap through safety, and the endless innovation opportunities that can be unlocked for them by being able to walk around carrying their biometrics data on their phones.”
Study into realities of SIM linking to get underway
A post-doc researcher at Carnegie Melon University (CMU) Africa is preparing a study into the impact of linking identity to SIM cards and how life has adapted to the requirement, and outlined the study in a presentation to the Alan Turing Institute’s Trusted Digital Identity Interest Group.
Edith Luhanga and team are going to explore the pathways to obtaining ID, why people fail, why some succeed, the impact of having to register IDs against SIM cards. The study will research how people deal with mobile operator agents who have numerous methods for selling SIMs without ID, and the realities of using a SIM card registered to another person’s ID.
The qualitative and quantitative study will take place in three East African and three West African nations including Kenya, Nigeria and Tanzania.