Pros and cons of eSIM adoption, expert weighs in

- Advertisement -

With the recent launch of the Philippines’ first electronic subscriber identity module (SIM) card by PLDT Inc. mobile unit Smart Communications Inc. , the country is  positioned to be part of the  anticipated surge in eSIM adoption rate by 2025, according to cybersecurity firm Palo Alto Networks.

But Steven Scheurmann, regional vice president for Asean of Palo Alto Networks, said while eSIM adoption has a wide range of benefits, this comes with attendant risks.

In an interview, Scheurmann said the introduction of pre-paid eSIM benefits Filipino consumers who can  now access prepaid mobile services without the need to buy a physical SIM card. One can simply scan a QR code using their eSIM-compatible smartphone and register their new mobile number online.

- Advertisement -spot_img

Scheurmann said eSIM offers convenient activation and flexibility of switching networks for consumers.  It is also known for its enhanced security features, as network providers can access and control eSIM remotely, making tracking and locating a lost phone easier.

For telcos, he said, eSIM technology presents big opportunities as it allows them to expand their role in the Internet of Things (IoT) market and efficiently connect more devices to their networks.

“By offering multi-device plans and data packages, telcos can generate additional revenue while enhancing the overall customer experience. eSIMs also help network providers strengthen consumer security with data encryption and enhanced authentication protocols,”  Scheurmann said.

But just like physical SIM cards, eSIMS are  devised through “ social engineering techniques” or the psychological manipulation of consumers to divulge confidential information.

Scheurmann said impersonation is one of common methods scammers use for data breaches. The modus operandi would often start with scammers impersonating the victim, calling up their network provider, and requesting an e-SIM activation. Then, they deceive the user into forwarding an e-mail sent by the service provider to their registered e-mail address. Victims are coerced to fill in their bank details in a Google form to gain access to their bank accounts.

The scammers then use an e-SIM-enabled device to activate the victim’s SIM. Subsequently, the user’s original SIM gets deactivated,thereby losing access to their number and, eventually, the money in their bank accounts.

Scheurmann said eSIMs are susceptible to social engineering attacks like  SIM swapping and the management of users’ identities. In this tactic, threat actors deceive network provider employees into aiding in transferring a victim’s phone number to the attacker’s SIM card by exploiting urgent claims or feigning the loss of their own eSIM profile. Once the attacker gains control of the victim’s SIM, they can intercept verification codes sent via SMS and phone, enabling unauthorized access to financial accounts and social media.

According to Scheurmann, eSIMs are also at risk of vulnerabilities in the IoT and supply chain.  IoT devices can be attacked through weak cyber hygiene, leading to unauthorized access or manipulation of eSIM profiles if connected to compromised networks. Counterfeit eSIMs may be introduced into the supply chain, leading to phishing attacks via tampered activation links.

Palo Alto said with the introduction of the country’s first prepaid eSIM and the increasing compatibility of the latest smartphones with this technology, many Filipinos will likely begin to embrace eSIM especially  that in 2021, approximately 89 percent of Filipinos were found to be using prepaid mobile services.

A GSMA Intelligence report said approximately 98 percent or approximately 1,225 operators are planning to provide eSIM services by 2025, indicating a remarkable growth rate of almost 371 percent between 2022 and 2025, surpassing the 152 percent growth observed between 2019 and 2022 in terms of eSIM adoption rate.

“These figures highlight the progression of eSIM implementation in the Philippines, where the initial introduction of eSIM in 2018 was limited to postpaid subscribers. With the recent launch of prepaid eSIM, the country is now positioned to be part of the significant anticipated surge in eSIM adoption rate by 2025,” Scheurmann said.

He aded: “Introducing prepaid eSIM marks only the initial phase of its adoption in the country. It is crucial to be vigilant against emerging attack methods devised by threat actors leveraging this new technology. Safeguarding data in the era of eSIM requires a collaborative endeavor between consumers and organizations, necessitating the adoption of best practices to facilitate a secure transition to eSIM and foster enhanced digital transformation in the Philippines through enhancing connectivity, enabling IoT deployments, facilitating remote work, and unlocking new mobile offerings.

 

Author

Share post: