Vodafone IT error let prepaid users avoid ID checks

By on
Vodafone IT error let prepaid users avoid ID checks

Investigation revealed.

Vodafone will be forced to improve its processes for verifying the identity of prepaid SIM customers after an IT error let some purchasers through without checks.

The telco has agreed to an enforceable undertaking with the Australian Communications and Media Authority (ACMA), which investigated the case.

“The breaches ... resulted from changes to Vodafone’s IT systems that allowed customers to self-select online that their identity had been verified in store, without any further check that this had actually occurred,” the ACMA said.

ACMA found that Vodafone had “failed to verify the identity of at least 1028 customers before activating their prepaid mobile services.”

The actual number is likely to be much higher as the 1028 occurred on just three days in a the year-long period that the loophole in the SIM purchase process existed.

Investigation notes [.docx] show that Vodafone actually suspended 6383 prepaid services after the ACMA asked questions.

These 6383 users were suspended because Vodafone “was unable to verify the identity of the customer as part of [its] process of contacting those customers who remained active users of prepaid mobile carriage services and who had used the ID-checked in store option to activate their services.”

The ACMA said that ‘it seems highly likely that similar multiple contraventions occurred over the course of the remaining days of the investigation period which were not the subject of the ACMA’s detailed investigation.”

However, the regulator said it “makes no finding regarding any other possible contraventions beyond the 1028 contraventions” it pinged Vodafone for.

All telcos are required to verify the identity of customers of prepaid mobile services before activating their services.

The data is particularly useful for law enforcement purposes, the ACMA said.

A court-enforceable undertaking now commits Vodafone “to conduct a review and risk assessment of any future proposed changes to its systems and processes, instigate training programs, conduct compliance audits every six months and report to the ACMA.”

The ACMA’s acting chair James Cameron said that telcos “must check that changes to their IT systems don’t run the risk of contravening legal requirements.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
acma check identity mobile prepaid sim telco telco/isp vodafone

Most Read Articles

NBN Co says 'not possible' to show cheapest FTTP connections

NBN Co says 'not possible' to show cheapest FTTP connections
Sydney man allegedly stole $600k of AWS Snowball drives

Sydney man allegedly stole $600k of AWS Snowball drives
NBN speed standards emerge at top tiers

NBN speed standards emerge at top tiers
DTA calls out contractors and consultants as barriers to change

DTA calls out contractors and consultants as barriers to change
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Managed Security Service Providers for Dummies
Managed Security Service Providers for Dummies
The Cost of Cloud Expertise report
The Cost of Cloud Expertise report
The business case for hyperconvergence
The business case for hyperconvergence
What Every CIO Should Know about DevOps & Container Guides by Puppet
What Every CIO Should Know about DevOps & Container Guides by Puppet
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators

Events

Log In

Username / Email:
Password:
  |  Forgot your password?