💵
ITU DFS Security Assurance Framework
  • Acronyms
  • Executive Summary
  • Introduction
  • ITU-T Recommendation X.805 Overview
  • DFS Provider Business Models
  • Elements of DFS ecosystem
  • Security threats
  • DFS Security Assurance Framework
    • Risk assessment methodology
      • Assessment of DFS security vulnerabilities, threats and mitigation Measures
  • DFS security vulnerabilities, threats and mitigation Measures In order to systematical
    • Account and Session Hijacking
    • Attacks against systems and platforms
    • Code Exploitation Attacks
    • Data Misuse
    • Denial of Service Attacks
    • Insider Attacks
    • Man-in-the-middle and social engineering attacks
    • Compromise of DFS Infrastructure
    • Compromise of DFS Services
    • SIM attacks
    • Unauthorized access to DFS data
    • Malware
    • Rogue Devices
    • Unauthorised Access to Mobile Devices
    • Unintended Disclosure of Personal Information
    • Zero-Day Attacks
    • Attacks against credentials
Powered by GitBook
On this page
  1. DFS security vulnerabilities, threats and mitigation Measures In order to systematical

SIM attacks

Ability of an attacker to gain unauthorized access to a DFS user's SIM card.

Affected entity: MNO

Risk: SIM takeover and unauthorized transactions

  • Vulnerability: Inadequate controls for user identification and verification before SIM swap and SIM recycling (SD: Authentication)

  • Vulnerability: Inadequate controls for user identification and verification before SIM swap and SIM recycling (SD: Authentication)

Risk: Unauthorized access to user's mobile DFS data o

  • Vulnerability: Mobile device theft (SD: data confidentiality)

Risk: Loss of access to accounts or reputational damage.

  • Vulnerability: Inadequacies in SIM swap and recycling process[ii] (SD: data integrity)

PreviousCompromise of DFS ServicesNextUnauthorized access to DFS data

Last updated 2 years ago