Update: „An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like these are prompting some experts to say the surest way to safeguard one’s online accounts may be to disconnect them from the mobile providers entirely… “SIM swap” on his mobile phone account at AT&T in early 2018″ (src)

SIM swap scam (also known as Port-Out scam or SIM splitting[1])  is a type of account takeover fraud that generally targets a weakness in two-factor authentication & two-step verification, where the second factor or step is an SMS or a call placed to a mobile telephone.

The fraud centres around exploiting a mobile phone operator’s ability to seamlessly port a telephone number to a new SIM. This feature is normally used where a customer has lost or had their phone stolen.

The scam begins with a fraudster gathering details about the victim, either by use of phishing emails, by buying them from organised criminals,[2] or by directly socially engineering the victim.[3]

Once the fraudster has obtained these details they will then contact the victim’s mobile telephone provider.  The fraudster will use social engineering techniques to convince the telephone company to port the victim’s phone number to the fraudster’s SIM. For example, by impersonating the victim and claiming that they have lost their phone.

In some countries, notably India and Nigeria the fraudster will have to convince the victim to approve the SIM swap by pressing 1.[4][5][3]

Once this happens the victim’s phone will lose connection to the network and the fraudster will receive all the SMS and voice calls intended for the victim.

This allows the fraudster to intercept any one-time passwords sent via SMS or telephone calls sent to the victim; and thus to circumvent any security features of accounts (be they bank accounts, social media accounts etc.) that rely on SMS or telephone calls.

(src)

BIS (Bank of International Settlements, formed 1930 (yes 3 years before world war2)) is also known as „Bank of Central Banks“.

„cryptocurrency has been a somewhat attractive form of payment instrument for money laundering, terrorist financing and tax evasion“

Now, what are those features?

  • Anonimity: The anonymity surrounding cryptocurrencies, prevents transactions from being adequately monitored, allowing shady transactions to occur outside the regulatory perimeter.
  • Cross-border nature: Transaction occur cross-border, and are nearly instant in the network and are confirmed in a couple of minutes. Since they happen in a global network of computers, they are completely indifferent of any physical location. There are no third parties involved in verification or validation.
  • No gatekeeper: The software that everybody can download is for free and there is no centralized coin issuer or an intermediary to oversee the coin trading activities. Anyone can receive and send cryptocurrencies as soon as a cryptocurrency software is installed without being monitored by a central government authority.

Due to these factors, countries are concerned about the misuse of cryptocurrency, especially to launder proceeds of crime, fund terrorist activities and evade taxation. In a recent report by a data security company, CipherTrace, $761 million has already been laundered via cryptocurrencies so far this year.

IMF and EU are advocating for regulating cryptocurrency, despite challenges such as anonymity, cross-border nature of use cryptocurrency, lack of central intermediary to regulate, etc.

In February 2018, Ms. Christine Lagarde, head of IMF said in an interview on CNN that due to the potential illicit use of cryptocurrency, cryptocurrency regulations are inevitable.

The US has already extended its AML regulatory framework to cryptocurrency. Other countries include, Australia, Canada, Japan, Mexico and Switzerland.

Therefore, it is important to recognize the role cryptocurrencies play in the financial markets, and to start thinking about allowing emerging technologies to have a level playing field in these markets.

Blockchain technology, if properly used, can be applied in a large variety of sectors, including, trade, commerce, healthcare and governance. It could be used in pledging of collateral, registration of shares, bonds and other assets, and operation of land registers, and many more.

Keynote speech by Mr Ahmed Naseer, Governor of the Maldives Monetary Authority, at the 5th Maldives Islamic Banking & Finance Industry Conference, Malé, 27 November 2018.

src: https://www.bis.org/review/r181224a.htm

admin