As part of the global GSMA Open Gateway initiative, South African operators will now be able to implement world-class number verification and SIM swap – Application Programme Interfaces (APIs). They will be available to all mobile commerce and financial institutions and developers to create new services to combat digital fraud and protect South Africa’s 47 million mobile subscribers.
South Africa saw a 24% surge in reported incidents of digital banking fraud in 2022, according to a report published last year by the South African Banking Risk Information Centre (SABRIC). The rise, which resulted in cyber criminals stealing over R740 million from unsuspecting victims, was primarily attributed to the growing number of fraud cases related to banking applications and online banking.
Standardising APIs presents a promising avenue for mitigating such threats. By leveraging their infrastructure and expertise, MNOs can enhance security measures within banking applications and online banking platforms. They are also able to implement robust fraud detection and prevention mechanisms, bolstering overall resilience of digital banking systems against cyber threats.
The new APIs ensure 100% privacy and will have important applications in sectors including banking, finance, insurance, and retail.
The standardisation of APIs allows developers to implement:
- Number Verification – offers seamless verification of a user’s mobile number by providing the next generation of strong authentication and user experience. It is a simple evolution path for any business that uses mobile numbers and SMS One-Time-Passwords. Instead of relying on SMS, Number Verification can be seamlessly and automatically activated to verify a user’s identity. This not only enhances the user experience but also eliminates potential issues, such as users not receiving an SMS or facing difficulties due to limited familiarity with technology.
- SIM Swap – used to check whether a given phone number has recently changed SIM cards. This helps to prevent account takeover attacks, in which fraudsters take control of the account owner’s SIM card using social engineering techniques and stolen personal data. For example, at the time of a financial transaction, a financial institution can check whether the relationship between the customer’s phone number and SIM card has recently been changed, helping them to decide whether to approve the transaction or not.
The initiative will benefit developers in South Africa and elsewhere in the world, helping businesses to accelerate the growth of digital services and applications.
The GSMA Open Gateway initiative
The GSMA Open Gateway is a framework of network APIs, developed in collaboration with mobile operators worldwide, designed to provide developers with universal access to operator networks.
Launched at MWC Barcelona 2023, the initiative represents a paradigm shift in the way the global telecoms industry designs and brings to market new mobile applications and digital services. It fosters interoperability among operators, industry associations, developers, and content creators, while adhering to all relevant technical standards, regulations, and user privacy standards. 237 mobile networks and 65% of global connections – are already a part of the initiative.
Angela Wamola, Head of Sub-Saharan Africa of the GSMA, said: “Banking fraud is a growing threat in South Africa, and mobile network operators are strategically placed to work with developers to help banks, financial institutions and commerce providers mitigate the risk and protect their customers. The availability of the two APIs to South African operators will equip enterprises with additional means of verifying that their customers are who they say they are and protecting them against identity theft, all while maintaining the user experience – and the GSMA’s Open Gateway provides developers with a single integration that works across operators.”