SIM farms and SIM boxes: Understanding the threat to A2P messaging

SIM farms and SIM boxes remain a growing concern for mobile network operators (MNOs) and the telecommunications industry. But what exactly are SIM farms, and how do they make money?

In this article, we’ll explore the inner workings of SIM farms and SIM boxes, the threats they pose to A2P messaging, and the cost associated with them. We’ll also discuss the legalities and compliance issues surrounding these systems, as well as what MNOs can do to take control and solve the problem.

A SIM farm is a system that uses a large number of SIM cards to send messages , often for fraudulent or illegal purposes. They are also used to terminate calls, but we’ll be focusing on the SMS side of things.

A SIM box , on the other hand, is a device that allows a user to connect multiple SIM cards to a single connection, allowing them to send messages at a lower cost. Banks of SIM boxes comprise farms. The two terms are considered synonymous and can be used interchangeably.

Distributed SIM farms are a bit of a novelty. They use an application that allows mobile subscribers to sell their unused SMS to SIM farm operators. These messages are then sold down the SMS value chain to enterprises.

SIM farms can be used to bypass standard A2P messaging channels, which are used by businesses to send messages to their customers.

SIM farms make money by sending messages that come at a lower cost than traditional A2P messaging channels.

SIM farm operators can do this by setting up shop in countries where MNOs sell cheap SIM cards at low prices with unlimited texting plans, and no registration processes.

These setups allow fraudsters to exploit peer-to-peer (P2P) messaging routes for A2P traffic. Exploiting P2P routes costs SIM farm operators a fraction of a traditional A2P message – which is why SIM farm SMS costs are so low. But you get what you pay for in this instance.

SIM farm operations pose a significant threat to A2P messaging, as they can be used to send spam messages, fraudulent messages, and even malware.

This threat is driven by two factors – an absence of due diligence and KYC processes on the SIM farm side, and the low cost of SMS termination that appeals to spammers and malicious actors.

This can also lead to a decrease in trust in A2P messaging, as well as a loss of revenue for MNOs. Additionally, SIM farms can also overload mobile networks, leading to network congestion and a poor user experience.

And it’s not just MNO’s that are affected by SIM farms and SIM boxes but enterprise businesses as well. SIM farms pose several threats to enterprises that rely on A2P messaging for their business operations. Some of the main threats include:

It’s important for businesses and MNOs to be aware of these threats and take steps to protect themselves from SIM farms and SIM boxes. This can include implementing a SMS firewall, monitoring for unusual traffic patterns, implementing fraud detection and prevention systems, and having incident response plans in place.

Additionally, MNOs can also implement SIM registration, or limit tariffs to make it more difficult for fraudsters to misuse SIM cards, while implementing a proper framework.

Multijurisdictional data protection legislation must be taken into account whenever sending business SMS.

Just in Europe, fines for violations of the General Data Protection Regulation (GDPR) can be as severe as €20m or 4% annual turnover – whichever is higher. When it comes to data protection, the EU means business.

Standard SIM farms don’t violate GDPR outright. But considering SIM farms’ non-compliant business model, it’s improbable that they’ve invested the considerable sums required to be GDPR compliance.

Distributed SIM farms are non-compliant by the very nature of the technology. This is because the app user has access to the intended recipient’s number, as well as the content. A clear violation of data protection policy just about anywhere in the world.

And while SIM farms may be based in countries with lax privacy protection laws, the obligation is on businesses to diligently select their service providers.

In addition, business are also required to:

Failure across any of these points could see a business fined for GDPR non-compliance.

And with businesses headquartered outside of the EU that do business in Europe required designate a data protection officer – there is no excuse for not being data compliant in the eyes of the law.

The cost associated with SIM farms and SIM boxes can be significant for MNOs. They can lead to a loss of revenue from A2P messaging, as well as increased costs for network management and security.

Market analyst Mobilesquared surveyed 66 MNOs and found that one-fifth of them believed they had lost between 15 and 20 percent of their revenue to fraud.

But it’s not just about money. SIM box traffic can be slow and of poor quality, which prevents operators and enterprises from meeting service level agreements, trashes the customer experience and exposes them to fraud.

MNOs can take control of the problem of SIM farms and SIM boxes using penetration test traffic systems to trace how A2P SMS is being routed to subscribers.

Intelligent analysis of such results can detect the use of SIM boxes as the entry point onto the network to cause the A2P SMS termination bypass. While detection and identification capability related to these techniques is improving all the time, results will at most be “just near real-time”.

Given richer feature sets of increasingly cheap SIM box technology combined with rising levels of deployment and identity evasion ingenuity, the need for more sophisticated methods to safeguard against their usage for A2P SMS traffic is required.

That’s where implementing a SMS firewall becomes a necessity. A SMS firewall is a system that can detect, and block messages sent from SIM farms in real time.

The more sophisticated SMS firewall systems can represent a more effective approach to SIM box detection and blocking since they process SMS traffic in real-time and thus have the capacity for immediate grey route A2P SMS traffic identification and blocking.

The challenge for existing, legacy SMS firewalls is that SMS traffic emanating from SIM boxes can be easily adjusted to defy the simple volumetric and pattern checks, especially if these are implemented as static configuration. SIM box operators also can dynamically re-program the IMEI (almost on a per-transaction basis), which evades any one-dimensional blocking technique based on IMEI detection.

That’s when MNOs need a multi-faceted approach and in combination with a next generation SMS firewall implement other measures such as SIM card registration, which can help to identify and block the use of SIM farms and SIM boxes.

In conclusion, SIM farms and SIM boxes are a growing concern for MNOs and the telecommunications industry. They pose a significant threat to A2P messaging and can lead to a loss of revenue and increased costs for MNOs. However, by implementing a SMS firewall and other measures, MNOs can take control of the problem and protect their networks from SIM farms and SIM boxes.

And in order to do so MNOs need to work with a telco partner that understands the challenges and work together to have a comprehensive security strategy in place that includes monitoring for unusual traffic patterns, implementing fraud detection and prevention systems, and having incident response plans in place. Additionally, MNOs should also educate their customers on the dangers of SIM farms and SIM boxes and encourage them to report any suspicious activity.

In summary, SIM farms and SIM boxes are a real threat to A2P messaging and can cause a significant financial loss to the MNOs. But with the right partner to provide the right measures and strategies in place, MNOs can protect their networks and revenue while ensuring compliance with laws and regulations.