(Last Updated On: August 27, 2014)
London based GSMA, which is the global association of telecoms operations using the GSM technology, has thrown a major blow on Equity Bank’s planned roll out of overlay SIM cards. Safaricom opposed the plan and this halted any planned roll out till the Communication Authority of Kenya decided on the case.
GSMA say that even though Finserve and Taisys may have taken all the necessary security precautions there is still danger of malicious third party accessing sensitive data through malware. This is by downloading a Trojan application to the overlay SIM to access sensitive data.
The thin SIM technology has been used in China to provide mobile banking and also in the United States by a company providing travelers connection to local wireless networks whenever they travel.
GSMA also says that the overlay SIM has the ability to harvest and reveal sensitive data since it is in between the normal SIM card and device. These are data such as PINs, passwords etc. It can bypass security technologies eg cryptographic keys hence record any sensitive data without the users knowledge.
GSMA recommends that the overlay SIM should be analyzed and certified by an independent consultant to prove it is free from any security concerns