Forum Discussion
Protecting against SIM swap fraud
GraemeR The service is suspended after a request for a replacement sim - you would notice the phone not working in that case.
This is different from a PAC code being requested and sent to a new network.
It all sounds very passive - this is not really much protection, it relies on me noticing within a couple of days my SIM is not working, I don't always use my phone for calls each day.
I was expecting that Smarty would provide some security such as allowing a user to add a PIN or separate password which would be required for any future SIM card swap request, and if they are not provided by the requestor then Smarty would require a more extensive proof of SIM ownership such as writing to the registered address and leaving the service inactive until SIM ownership had been confirmed.
CharlyA_1208171 But surely the scumbags would need to have accessed your account with your email and password before they could request a replacement sim. It would then be sent to your registered address.
From a security view point (I've worked in IT and systems security for decades) it is wise to have multiple layers. Look at it this way, we know that sometimes people's emails are compromised, so Smarty relying on emails not being compromised as the base of the security of the SIM is a risk.
