Indonesian Political, Business & Finance News

Expert recommendations for effective biometric SIM card verification

| Source: ANTARA_ID Translated from Indonesian | Technology
Expert recommendations for effective biometric SIM card verification
Image: ANTARA_ID

Cybersecurity expert Pratama Persadha has recommended a series of technological strategies for implementing a biometric verification system for new prepaid SIM card customers, which will soon take effect in Indonesia, to ensure it runs effectively. The Chairman of the Communication and Information System Security Research Center (CISSReC) proposed solutions ranging from preparing a design that prioritises privacy to incorporating a liveness detection mechanism. “The most important thing is the application of the privacy-by-design principle from the initial stages of system development. Biometric data must not be treated like ordinary customer data. All processes of collection, transmission, storage, use, and destruction of data must follow very high security standards,” said the lecturer at the State Intelligence College on Friday. The state must strictly enforce the Personal Data Protection Law, particularly regarding the management of personal data, to ensure that the data used by telecommunications operators for verification is used as intended. “Independent security audits need to be conducted periodically, including penetration testing, vulnerability assessment, cloud configuration audits, and cyber incident simulations,” said Pratama. The implementation of the biometric verification system for new prepaid SIM card customers will begin in Indonesia on 1 July 2026 and will apply to all telecommunications operators, including XLSMART, Telkomsel, and Indosat Ooredoo Hutchison. Not only highlighting the government’s role, Pratama also advised telecommunications operators to use a robust encryption system. He also reminded them to include a financial technology mechanism in the verification system provided by the operators. This mechanism is important to ensure that the face used truly belongs to a person who is physically present, not a photo, video, or deepfake manipulation. Concluding his statement, Pratama reminded that when this system is implemented, telecommunications operators must also transparently explain how the system works. The public needs to know what data is collected, the purpose of data collection, and the mechanism for data deletion when the data is no longer required. “Public trust will only be formed if technical security is accompanied by transparent and accountable data governance,” Pratama concluded.

View JSON | Print