SIM swapping is a huge problem. It happens when a malicious actor manages to take control of another person’s cell phone line by transferring it out of their phone into one owned by the attacker. It’s a problem that has affected a lot of people in the past, and while T-Mobile and other carriers have taken measures of their own in an effort to curb this, it’s clearly not enough. The FCC is looking to step in and actually force carriers to do even more than what they’re already doing.
As announced by the FCC and reported by The Verge, the agency has introduced a new set of rules that wireless operators must adhere to, with the purpose of those rules being for protecting consumers against “scams that aim to commandeer their cell phone accounts,” helping maintain users’ “well-established freedom to pick their preferred device and provider.”
These rules force these wireless providers to authenticate users more securely and notify them if a port-out is initiated so they can then take proper action. The rules themselves are yet to be approved and entered into effect as of the time of writing — the full ruleset has been finalized by the FCC’s Privacy and Data Protection Task Force, but it needs to be subjected to a vote from the full commission, and pass that vote, in order to be effective.
It should be noted that T-Mobile, in particular, has been doing a lot to curb SIM swapping. Last year, the company began blocking users from swapping their own SIM as a precautionary measure, before later introducing a SIM block service that allowed store reps to block, and unblock, SIM swaps at an user’s request. These FCC rules should mean that the process should get even tighter going forward. It remains to be seen what T-Mobile, as well as Verizon and AT&T, will change as part of this new ruleset.