SIM swap fraud occurs when a new SIM card is linked to your mobile number, allowing the new SIM card to receive the messages such as one-time PIN numbers that are sent from the bank to “you”. However, it is not actually you – it is the fraudster who has done the SIM Swap.
The fundamental weakness of a bank using an OTP is that it only verifies that you have a mobile number linked to your account. Over the years a number of mitigations have been put in place to prevent this including the verification of the sim card and not allowing an OTP to be delivered if the link between the SIM card and the Mobile number was recently changed.
The approach adopted by WIZZIT is to use the additional factor of something that only the customer knows – enter a PIN number onto the mobile in a secure Pin pad all PCI DSS accredited.
This adds another dimension to the security of the transaction. If a message is redirected for logon. The fraudster would need to know the secret PIN in order to complete the transaction, making the WIZZIT Authenticator more secure than a simple OTP.
For more information click here to contact us