A major South African mobile provider has come under scrutiny for failing to implement mandatory biometric verification requirements under the country’s Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA), according to recent investigations by local media outlets.
RICA, which was enacted in 2002 and amended in 2021 to include stricter biometric requirements, mandates that electronic communication service providers must verify customer identities through collection of fingerprints and facial biometrics. The law aims to prevent the misuse of SIM cards and communication services for criminal activities.
The primary violation centers on the provider’s inadequate identity verification procedures, particularly the failure to collect and verify required biometric data from customers. This oversight creates significant security vulnerabilities, as individuals can potentially acquire and use SIM cards without proper authorization or tracking.
South Africa’s telecommunications sector has been working to strengthen digital identity verification across various services, with RICA compliance being a cornerstone of these efforts. The Independent Communications Authority of South Africa (ICASA) has previously imposed fines ranging from R500,000 to R5 million on providers failing to meet RICA requirements.
This non-compliance poses serious implications for national security and law enforcement efforts. RICA was specifically designed to help prevent the use of communication services in criminal activities, including terrorism and cybercrime. The current lapses in verification could potentially provide bad actors with anonymous access to mobile communications.
“The integrity of our telecommunications infrastructure depends on strict adherence to RICA requirements,” explains telecommunications security expert Dr. James Morrison. “Any gaps in verification can be exploited by criminal elements, potentially compromising national security.”
The revelations come as South Africa continues to expand its digital identity ecosystem, with recent partnerships between financial institutions and identity verification providers demonstrating the growing importance of robust digital identity systems in the region.
Authorities are expected to investigate these compliance failures and may impose penalties if the allegations are confirmed. Under South African law, telecommunications providers face significant fines and potential license restrictions for RICA violations, with enforcement actions typically following a formal investigation by ICASA.
Source: Daily Maverick
—
November 11, 2024 – by the ID Tech Editorial Team
Follow Us