South Korea mandates facial-recognition scans for new SIM registrations

TL;DR

South Korea’s Ministry of Science and ICT announced a rule requiring facial-recognition verification when customers register new mobile accounts, using biometric data stored in carriers’ PASS apps. The move follows large data breaches this year — including SK Telecom’s exposure of 23 million customers — and aims to curb scams that exploit stolen personal data.

What happened

The South Korean government has introduced a new identity-verification requirement for people purchasing mobile service: carriers must verify new customers with a facial-recognition scan. The Ministry of Science and ICT said the facial biometric check will augment existing steps that already require verifiable identity documents at point of sale. The three major operators — SK Telecom, LG Uplus and Korea Telecom — each provide a PASS app for storing digital credentials; the new rule will use facial data held in those apps to confirm identity. The policy responds to a rise in criminal schemes that register mobile lines using stolen personal data, including voice-phishing operations. This year South Korea suffered two major data breaches affecting a large share of the population, notably an SK Telecom incident that exposed information on 23 million customers and led to regulatory fines and a large compensation order.

Why it matters

• Aims to make it harder for fraudsters to open mobile accounts using stolen personal data.
• Shifts more identity-verification reliance onto biometric data stored in carrier apps.
• Follows high-profile breaches that exposed tens of millions of records and hit consumer trust.
• Adds regulatory and operational pressure on carriers and virtual operators implicated in counterfeit registrations.

Key facts

• The Ministry of Science and ICT announced facial-recognition checks for new mobile account registrations.
• Facial biometric data will be used from carriers’ PASS apps, which store digital credentials.
• South Korea’s population is roughly 52 million; two major data thefts this year affected more than half of residents.
• E‑commerce firm Coupang leaked over 30 million records earlier this year, an incident that cost its CEO his job.
• SK Telecom exposed data on all 23 million of its customers and was previously fined about $100 million by authorities.
• South Korea’s Consumer Dispute Mediation Commission ordered SK Telecom to compensate 23 million customers ₩100,000 ($67) each, totaling about $1.55 billion; half as bill credits and half as loyalty points.
• Mobile Virtual Network Operators were responsible for 92% of counterfeit phones detected in South Korea in 2024.
• The policy is intended to reduce scams such as voice phishing that rely on fraudulently registered mobile lines.

What to watch next

• Implementation timetable and enforcement details — not confirmed in the source.
• Whether the new checks reduce voice-phishing and SIM-fraud rates — not confirmed in the source.
• Any legal, privacy or technical challenges to storing and using facial biometric data — not confirmed in the source.

Quick glossary

• SIM: A subscriber identity module that stores the unique identifier used to connect a mobile device to a carrier’s network.
• Biometric: A measurable biological characteristic — such as a facial pattern — used to verify an individual’s identity.
• PASS app: A mobile application run by South Korea’s major carriers that stores digital credentials and is used for identity verification.
• Mobile Virtual Network Operator (MVNO): A wireless service provider that does not own its own radio network infrastructure but resells service using another operator’s network.

Reader FAQ

Who will need to submit a facial scan?
Anyone registering a new mobile account in South Korea; the requirement applies at the point of sale, according to the ministry announcement.

Is this a response to recent security incidents?
Yes. The rule follows major data breaches this year, including an SK Telecom incident affecting 23 million customers and a separate e‑tailer leak of over 30 million records.

How will carriers store or use the facial data?
The announcement says carriers will use facial biometric information stored in their PASS apps to verify identity, but technical storage and retention specifics are not detailed in the source.

When does this new verification take effect?
Not confirmed in the source.

SECURITY 33 There’s so much stolen data in the world, South Korea will require face scans to buy a SIM SK Telecom's epic infosec fail will cost it another $1.5…

Sources

• There’s so much stolen data in the world, South Korea will require face scans to buy a SIM
• South Korea to require face scans to buy a SIM
• South Korea to require facial recognition for new mobile …
• S. Korea begins trial of mandatory face recognition for new …

Related posts

• Sanders urges nationwide pause on datacenter builds amid AI surge
• Government asks BBC to revive computer literacy and explain AI to the public
• China to Test Apple Intelligence with 2,000 Banned-Topic Questions