TELECOMMS company MTN has has gone on an all-out drive to put systems in place in a bid to improve security.
This follows reports from customers who had complained about losing money from their bank accounts.
The mobile phone company said it constantly reassessed the applicability of security controls.
It said new and different controls were developed and implemented if existing measures were breached.
But, as with any security and control system, those measures remained under threat from individuals who explored ways of defeating it.
The company said the process of tightening its security was endless, citing criminals always finding ways to improve their fraudulent methods as a reason.
Since 2009, the company has implemented and made available to the banking environment a feature called Subscriber Identity for Third Parties (Sift).
It gives banks real-time alerts on Sim card changes.
The company’s view is that if implemented by a bank, Sift (available to the banking sector at a nominal cost) would mitigate fraud risk. MTN hoped the solution, now zero-rated, would be widely used by the banking industry to address the challenges it faced.
It also implemented other security interventions for the Sim-swap process. These measures include improved Sim swap verification and a double opt-in to activate the Sim swap, giving control to customers.
Another solution within the Simswap verification process introduced was a one-hour SMS notification, to ensure the legitimate customer had time to confirm the request.
The company said it was investigating a solution that would allow customers to be contacted on a secondary number or an e-mail address to verify their Sim card swaps.
But this would be dependent on customers giving the company such details. If successful, the Sim swap would be activated only after the customer had given consent via an alternate contact detail.
MTN urged customers to safeguard their internet and telephone banking log-in details against social engineering (phishing) schemes to safeguard their accounts.
Where fraudulent activity had taken place, the company was working with the South African Police Services and the South African Banking Risk Information Centre to help in investigation so perpetrators could be brought to book.