Watch On:
Summary
Many banks and corporate IT systems force users to use SMS one-time passwords to secure their accounts, but these can easily be bypassed for most users. Before heading to your activity, you lock your valuables away in a locker, meaning your phone and wallet are together. By simply enabling a PIN lock on your SIM card, you can prevent a third party from using your SIM card on a different device without first entering that code (or obtaining a bypass code from the network provider, known as a PUK code). That said, it is still possible to set up SIM PINs on eSIMs, and this could add an extra layer of security, particularly if your phone allows the reading of text messages or answering phone calls when in the locked state.
Show Notes
Many banks and corporate IT systems force users to use SMS one-time passwords to secure their accounts, but these can easily be bypassed for most users.
I personally use apps like iVerify to stay on top of my mobile security; however, these measures can easily be bypassed for most users when it comes to SMS one-time passwords.
An iPhone user can access this feature by navigating to Settings > Mobile Data > SIM PIN to change their SIM pin and activate it for use.
On Android, this can be found in Settings > Security > Set up SIM card lock.
While many of us in cyber security understand the pitfalls of sending one-time passwords over SMS, the reality is that this is something we have no option but to use with many vendors.
Source
https://www.computerweekly.com/opinion/How-to-protect-against-SMS-mobile-security-weakness
