Sim Swapping and OTP risks

The Hellenic Banking Association announced that Sim Swapping is a significant risk that we need to consider. It is true!

Sim Swapping and OTP risks

Ιt is also true that the GSM protocol and SMS in general have various problems that aspiring hackers can use to steal data and control our devices (1).

Νowadays, technology cannot make our devices 100% secure or our web banking invincible. Something that today seems impenetrable in a few years will be considered obsolete, perforated. We need to learn to live with the dangers of technological development but also to evolve and follow practices which reduce our exposure to risk and illegal use.

We can improve our security somewhat with some quick techniques.

  • Banks themselves should incorporate the technique of Strong Customer Authentication, a practice that is now mandatory.
  • When this is not possible, they can request OTP codes in conjunction with another item, PIN or part of it in the sending of the code transmitted via SMS.

It's not a panacea ... it adds a degree of security in a (anyway relatively problematic with today's data) way, without greatly disturbing the level of usability.

At Natech we use such technology since 2010 and our customers use this tool from their first day of operation.

 

Thanasis Navrozoglou

President, CEO 

 

 

(1)https://techxplore.com/news/2019-09-simjacker-exploit-independent-handset-sms.html

https://blog.trendmicro.com/security-vulnerability-affects-most-gsm-phones-researcher-says/