Orange, Free, SFR and Bouygues Telecom have joined the GSMA Open Gatewayan initiative launched by the GSMA (the association which represents the interests of mobile operators around the world). This initiative aims to standardize access to telecom network services via open APIs. They must allow developers or businesses to easily connect to services provided by operators.
As part of this initiative, the four French operators have developed two tools intended to combat online fraud and identity theft. Intended for France, these two application programming interfaces (APIs) must prevent cybercriminals from orchestrating attacks that impersonate a user by exploiting information linked to their phone number or mobile account, such as SIM card scams. They have been developed with several financial institutions, including BforBank and Fortuneo.
Also read: Inactive eSIM scam – hackers empty the bank accounts of the dead
Two APIs to fight scams and fraud
To cut the rug out from under hackers, Orange, Free, SFR and Bouygues Telecom will offer developers an API called KYC Match. As the name suggests, the API allows businesses to improve their KYC (Know Your Customer) process. Mainly used in the financial and banking sectors, KYC is used to verify the identity of Internet users. Its main objective is to prevent illegal activities such as money laundering, fraud or terrorist financing. A KYC form is mandatory for many financial entities, such as cryptocurrency platforms that want to receive approval from the Financial Markets Authority.
Concretely, developers will be able to “verify information provided by clients with records” held by the operators. Telecoms rely on the personal data they hold about their subscribers, such as mobile phone number, name, postcode, address, date of birth and email address. The release clarified that no personally identifiable information is shared. This programming interface must stem identity theft.
Telecoms will also launch SIM Swap, an API supposed to fight against SIM card scams. Fraud involves moving your phone number to another SIM card, allowing the cybercriminal to receive and send SMS messages pretending to be you. It is based on compromised personal dataheld by cybercriminals following leaks.
To combat this scourge, which also affects eSIM, the API will make it possible to check whether a telephone number has recently been associated with a new SIM card. When a customer makes a transaction, the institution can analyze the relationship between phone number and SIM card. If a recent change is detected, it may indicate that a criminal is at work. The developer can then choose to block the transfer or request additional confirmation before authorizing the transaction.
The APIs are based on the new CAMARA standard, aiming to standardize open APIs for telecom networks. By establishing common standards for telecoms, CAMARA helps accelerate the deployment of new tools, including these APIs designed to fight fraud.
Launching next year
The availability of these two APIs is planned for the first half of 2025. They have been rigorously tested on the French market. As Orange explains, “our identity APIs have already been deployed by many banks and financial service providers in France to help fight fraud”.
Orange, Free, SFR and Bouygues are also planning to put online a third tooltitled Number Verification. It allows you to verify a customer's phone number “transparently and automatically”, without sending a code by SMS. The press release remains vague, but mentions “the next generation of strong authentication”. This could be some form of authenticator app, like Google Authenticator.
“The initiative benefits businesses, mobile operators and their customers, saving developers time, money and effort”argues Henry Calvert, director of networks at the GSMA.
This initiative comes in a context in which the French have become the preferred target pirates. Over the past few months, cybercriminals have collected a wealth of personal data on Internet users who live in France. Armed with sensitive information, they can orchestrate formidable offensives, including package delivery scams.
???? To not miss any news from 01net, follow us on Google News and WhatsApp.
Source :
Orange
