South Korea’s government announced on Friday it will require local mobile carriers to verify the identity of new customers with facial recognition scans, aiming to reduce scams, the Ministry of Science and ICT said in an announcement.
The measure extends existing customer authentication arrangements that require verifiable identity documents at the point of sale to add biometric verification by facial scan, the ministry said, citing problems with criminals registering mobile accounts and using them for voice phishing.
South Korea’s three main mobile carriers – SK Telecom, LG Uplus and Korea Telecom – each provide an app called ‘PASS’ that stores digital credentials; the new scheme will use facial biometric information stored in that app to verify identity.
The country, which has a population of almost 52 million, has experienced two major data theft incidents this year affecting more than half its residents. E-tailer Coupang leaked over 30 million records and SK Telecom exposed data on its 23 million customers. Authorities previously fined SK Telecom $100 million after finding weak information security practices, including exposed plaintext credentials and unencrypted user data, and the Consumer Dispute Mediation Commission on Sunday ordered the carrier to compensate all 23 million customers ₩100,000 ($67), half as bill credits and half as loyalty points.
The compensation order will cost the carrier about $1.55 billion, the notices said. The ministry said it hopes the facial verification requirement will make it much harder to register a mobile phone account using only stolen data.
Not all of the blame has been placed on SK Telecom: the ministry’s announcement said Mobile Virtual Network Operators registered 92 percent of counterfeit phones detected in South Korea during 2024. The ministry did not provide a timetable for when the new facial verification requirement will take effect.