Citing a litany of complaints from consumers who’ve suffered significant distress, inconvenience and financial harm, the US Federal Communications Commission launched a rule-making process Thursday aimed at cracking down on SIM card swapping scams. Key among the new proposals: stronger authentication standards, and notification procedures whenever someone tries to redirect a phone number to a new device or carrier.
SIM swapping occurs when bad actors attempt to convince a carrier to redirect someone’s phone service to a new device, granting them a phone with the victim’s credentials. It’s not the only threat the FCC is taking aim at; there’s also port-out fraud, where bad actors go to a carrier different than the one you use and convince it to transfer your service to a device they can access.
“In addition,” the FCC notes, “recent data breaches have exposed customer information that could potentially make it easier to pull off these kinds of attacks.”
Specifically, the FCC proposes changing rules so carriers will be required to adopt secure methods of authenticating customers before redirecting phone numbers to a new device or carrier. It also proposes requiring providers to immediately notify customers whenever a SIM change or port request is made on their accounts.