, NAIROBI, Kenya, Sep 22 – Safaricom is now calling on the Communications Authority of Kenya (CA) to fast track the security review of thin SIM technology use in the Kenyan market.
This comes after CA gave the green light for the thin SIM technology in the country for a year, giving Equity Bank hopes of launching its Mobile Virtual Network Operator services through its licensed firm Finserve Africa Limited.
Safaricom, which has opposed the move, wants CA to publish guidelines which will protect consumers and involved financial institutions in case of hitches once the technology kicks off.
“We thank the Central Bank of Kenya (CBK) and the CA for the preliminary inquiry into the integrity of the SIM overlay technology, and the security concerns around its deployment. Whereas Safaricom does not necessarily agree with some critical aspects that led to the determination of CA’s decision, we will give our full cooperation to the CA as is required,” Safaricom’s Corporate Affairs Director Nzioka Waita said in a statement.
The firm maintains that it is still concerned of the effects the thin SIM overlay may have “as pointed out by The GSMA in their submissions to the CA.”
Some of the concerns include potential to observe record and divulge mobile user PIN details, potential to intercept, manipulate or destroy Unstructured Supplementary Service Data (USSD) communications and possibilities of causing denial of service to existing SIM’s by intercepting.
Others include risks of carrying out actions without the explicit permission or knowledge of the mobile user and possibilities of obtaining unauthorised access to the SIM card and change configuration settings.
“In the interim, Safaricom will review some of its legal commitments to its customers and banking partners with the view of addressing the legal exposures that could be created by the use of the SIM overlay technology, particularly in relation to mobile banking activities,” Waita added.
But while making its decision, CA maintained that enough investigations had been done on the technology to allow its interim use, and that it exposed no risks to consumers.
“Based on the opinion of GSMA, save for the inherent vulnerabilities of all SIM cards, there are no specific and confirmed vulnerabilities arising from the use of the thin SIM,” CA Chairman Ngene Gituku said earlier during the announcement.