Six Democratic members of Congress wrote FCC Chairman Ajit Pai today asking the agency to launch a rulemaking to protect consumers from “SIM swap” fraud, which can allow crooks to steal sensitive data and money.
“Consumers are regularly advised by companies, government agencies and experts to secure their critical online services using two-factor authentication. These services often use text messages (SMS) as their second factor. But fraudsters are often able to get wireless carriers to transfer the cell phone accounts of victims to them, steal their login credentials and then empty their victims' bank accounts. This method of fraud is known as ‘SIM swap’ fraud,” said today’s letter from Sens. Ron Wyden (D., Ore.), Sherrod Brown (D., Ohio), and Ed Markey (D., Mass.) and Reps. Ted W. Lieu (D., Calif.), Anna G. Eshoo (D., Calif.), and Yvette D. Clarke (D., N.Y.).
“According to press reports, some carriers, both in the U.S. and abroad, have adopted policies that better protect consumers from SIM swaps, such as allowing customers to add optional security protections to their account that prevent SIM swaps unless the customer visits a store and shows ID. Other carriers will only conduct SIM swaps after confirming the receipt by the customer of a one-time password sent by email or text message,” the lawmakers added. “Carriers in other countries, including Nigeria, South Africa, Kenya, the United Kingdom and Australia, also make SIM swap data available to financial institutions so that they can take appropriate additional security measures if a customer's SIM has been swapped recently.
“Unfortunately, implementation of these additional security measures by wireless carriers in the U.S. is still spotty and consumers are unlikely to find out about the availability of these obscure, optional security features until it is too late,” the letter continued. “As the primary regulator of the wireless industry, the FCC has the responsibility and authority to secure America's communication networks and protect consumers who rely on those networks. To that end, we urge the FCC to initiate a rulemaking to protect consumers from SIM swaps, port outs and other similar methods of account fraud.”
The lawmakers also asked the FCC to answer a number of questions by Feb. 14, including whether the FCC tracks SIM swaps or port-out fraud, whether current number porting or preferred provider change rules can prevent fraudulent ports, and whether the Commission believes that carriers are obligated to protect consumers from such fraud.
An FCC spokesman declined to comment on today’s letter.
Last September, the Consumer Help Center posted information on “port-out fraud.”
“One way to hijack your phone number is through a porting-out scam. Mobile phone numbers can legally be ported from one provider to the next when you switch your phone service. Phone companies have established safeguards to protect this process, such as having account holders set up a PIN or a password they must provide when calling about their account. But scammers with enough of your personal information can interfere, hijacking your phone number and with it your identity,” the post said. —Paul Kirby, [email protected]
MainStory: Congress FederalNews FCC
Interested in submitting an article?
Submit your information to us today!Learn More