Mobile SIM sellers fooling PTA, NADRA; making mockery of biometric verification

Warid biometric verification

A mobile SIM that is activated through a biometric verification system is considered clean today. What if the SIM is verified and activated through the biometric process and still is an illegal chip? Yes, the word “illegal” has long buried in our news reporting database ever since the biometric SIM verification regime started in August 2014 across Pakistan.

Cellular operators, on the wish and guidelines of government and concerned regulators including PTA, poured in billions of rupees for acquiring and installing biometric SIM verification devices but only after two years, they were as ineffective as the previous shortcode based verification processes that Pakistan Telecommunication Authority (PTA) had introduced earlier. The only primary reason for the digital verification was making the SIM activation process seamless, secure and foolproof. However, once again, the process has become vulnerable at the hands of SIM sellers and criminals are easily getting what they want; an active SIM which is not in their name.

As per latest findings the devices which are used to capture the thumb impression of a subscriber and verify it with NADRA’s record before activating a mobile SIM can be easily tricked with a picture or copy of the thumb impression. Not only this, there are several other ways in practice for duping the biometric verification system.

Sources at Federal Investigation Agency (FIA) revealed after coming across several such cases that these devices can easily be fooled by a photocopy of the thumb impression or an adhesive material. Even the master biometric devices are being cloned and sold in the market.

“These low-cost devices which are being used at thousands of point of sales all over the country for issuing mobile SIMs do not maintain a high level of precision. In such incidents, a layer of silicon is used which gets embossed by a thumb impression when it is pressed. The impression is later used to activate multiple SIMs without the subscriber getting any clue about multiple activations”, an FIA official explained.

Alternatively, getting a thumb impression in Pakistan is much easier in the name of providing free food, participation in a Hajj Umra lucky draw program or a free plot. For such goals, there are a number of groups working in the field who are tasked to fraudulently obtain the thumb impression of simple villagers who are not much aware of such impostors.

Despite the fact that biometric SIM verification system is well in place, the incidents of unauthorized SIM activation, transfer of SIM without the consent of users are still in practice.

An official at a leading cellular operator on the condition of anonymity commented that it is the pressure to sell more that is passed on to the franchisees for which they used various methods to sell more SIMs. However, he showed ignorance about tampering with the biometric verification process.

Although, PTA and cellular operators deny the existence and issuance of illegal mobile SIMs after biometric SIM verification system, however, SIMs activated without a user’s consent can also be termed as illegal which causes menace for the security agencies.

“There isn’t a flaw in biometric technology which is considered secure all over the world. However, what matter is how someone uses it”, explained the FIA official.

Although, not very relevant but abusing the biometric process was also reported in India just recently where, in Matunga, some 200 students at Institute of Chemical Technology fooled the biometric devices by using resin adhesive. The material captured the thumb impressions of students who wanted to remain absent from the class, and their friends continued to register their attendance for many weeks.

Pakistan currently boasts 139 million mobile SIMs subscribers, and there is a limit of five SIM currently in practice against a particular CNIC in Pakistan. However, dodging a biometric device is still a serious security glitch that authorities and telcos must address before there is a complete ban on the sale of SIMs once again in the name of security.

Comments
  1. Exploiting systems or initiatives when they become a year or two old, has become a common practice. Implementing the projects for a long term and assuring quality should be made a priority, anybody can just introduce them!

  2. But isn’t there a limitation for every technology? There are also several articles about how facial recognition can be tricked with a picture of a person, I think the problem of fingerprint verification is the same one. The revelation that how people give away their thumb impression for various reasons like free food or a lucky draw should be a major concern for security agencies as fake mobile SIM is not the only way to misuse a fingerprint.

  3. But isn’t there a limitation for every technology? There are also several articles about how facial recognition can be tricked with a picture of a person, I think the problem of fingerprint verification is the same one. The revelation that how people give away their thumb impression for various reasons like free food or a lucky draw should be a major concern for security agencies as fake mobile SIM is not the only way to misuse a fingerprint.

Leave a Comment

Your email address will not be published. Required fields are marked *

Name *