‘NCC tackling SIM data challenges for security’
Speaking with journalists in an interview, the NCC’s Executive Commissioner for Stakeholder Management, SUNDAY DARE, explained that the subscriber data so far captured by Mobile Network Operators (MNOs) for other statutory agencies are being cleaned up, verified and harmonised in accordance with the act setting up the National Identity Management Commission (NIMC), and a directive of the Federal Executive Council.
Dare urged Nigerians to be patient with the verification, and reassured stakeholders that the country is well on track to developing a credible national database of its citizens, applying global best practices and standards. ADEYEMI ADEPETUN, reports…
Are there really challenges to the SIM data from MNOs, going by purported invalidation of 95.7 million lines?
THE position of the NCC has been consistent, in the sense that as is the normal practice globally, the subscriber data that has been captured has been undergoing the normal process of verification. Whatever name you call it; it is simply a process of verification.
The operators, at the point of registration, are expected to capture specific data – biometrics (picture and fingerprint), name, address etc. Once they capture it, they put it together, and from time to time, they send it to NCC through secure electronic means.
As NCC collects it to the central system, it then checks and verifies what has been submitted by the operators. This has been the process from the beginning; it has not changed. We issued a Subscriber Registration Regulations in 2011, together with Registration Specifications and these have remained substantially the same since then. What we now have is an additional layer of verification via a Presidential Directive and an enabling law – that all data collecting agencies of government should harmonise their data with NIMC – because statutorily it is only NIMC that has the powers to create a national citizens’ database.
So, NCC falls within the category of data collecting agencies. So, as we collect SIM registration data, Federal Road Safety Commission (FRSC) collects (for drivers’ licence), immigration collects (for International Passport), among others – they submit everything to NIMC.
Now, what does NIMC do? They also collect and verify. So, it is a continuous process. Of course – even though technology is being used – there is no way you can verify and complete the processing of 160 million subscribers within a short period. And don’t forget that we had 80 million, then 90 million, then 100 million subscribers and so on… So as their data come in, we verify. That process is painstaking, it is based on technology and it is ongoing. So the question of invalid data does not exist.
Before you can connect to any network in Nigeria, data must be captured by the Mobile Network Operator (MNO) and if any data field is missing, they will not activate you. If they are “invalid”, these numbers will not work. They will not connect with the network. We have the footprint of every SIM registered in this country. What we are doing is, we are trying to verify to make sure that the accurate information is submitted.
In cases where we find out that some of the information is missing or inaccurate, we are able to go back to MNO to say – this number of people you have registered and submitted – instead of four finger prints, we got three clear finger prints, please call them to come and update; or that the address is not correct; or that we find pictures that are not correctly captured and needs to be corrected, etc.
So, what is NCC doing with the data collected?
I must emphasise that there are no serious problems. We are working on the identified issues to correct them. But, in simple terms, NIMC has a statutory duty to create a national citizens’ database. And it has been approved by FEC, under a presidential directive – that NCC and all data collecting agencies should submit their data to NIMC for harmonisation… Don’t forget, INEC has over 88 million records of peoples’ data for PVC – the same way we also have data of people that have SIM cards.
The biggest issue is security, and as it is now, as the need arises, we are able to interrogate the subscriber database for action.
The NCC has collaborated with security and law enforcement agencies on several occasions to arrest those that use their mobile numbers for advance fees fraud, or kidnapping, etc. Once we get requests from authorised channels, we interrogate our database – either the MTN database as resident with us, or the Glo database, and so on – we are able to get the picture of the owner of the telephone number, or we get the address and we give the details to the security people and they do the needful. They have moved swiftly in several cases to apprehend suspects and even successfully prosecute them.
What we are doing now is a verification process to bring the data up to higher global standards for the national database. So, we have been passing collected information to NIMC, and the agency has been doing a good job further cleaning them up and adding them to the national database.
What other agencies have you been collaborating with?
With regards to the national citizens’ database – the key thing here is that the Federal Executive Council and the NIMC Act have given NIMC the full responsibility to harmonize all data and create a citizens’ database.
Every developed country or any country that is serious about development and security keep a citizens’ database which is regularly updated. We are working with NIMC, we have met severally with the Office of the National Security Adviser (ONSA), to the extent that after about a year and half, ONSA and NCC working together were able to agree on four mode of identity that people must have before they can be register, or before they can do a SIM swap. That is, you must have either a Permanent Voter’s Card (PVC), a Nigerian or international passport, Driver’s license, and/or a National Identity Card. if you show up with any of these IDs, we are able to use that ID to query the system to confirm that you are an authentic person. We worked with ONSA to get to this level.
What NIMC is doing is putting together a central database of verified and cleaned up data from these four key agencies and other data collecting organisations. So whenever authorised agencies want to check anybody, all you do is to query that central database and call up the information on the person. So you don’t have different incomplete and disjointed databases. There is a process ongoing and because of the security implications, we cannot bring all the details out into the open. But the regulatory agencies are working together through active collaborations, and what people need to do is to be patient, to co-operate with us, and see what is going to come up eventually.
How do you get intend to other stakeholders involved?
Currently, we are holding stakeholders’ engagement with all SIM registration agents including the MNOs, their super agents and others along the value chain. What we are telling them is that they must understand that they play a very critical role in protecting the national interest as they are the first point of contact for those coming onto the Nigerian telecoms system.
We therefore require high standards and sound ethical conduct from them for us to get a very clean database.
On this, we have been going round the Nation, meeting directly with these agents. We have done this in four regions now. We have done for South-west, South-south, southeast and North-central. By next week, we will be in the North-West.
The reason we are doing this is to ensure that right from the point of first contact of the person who requires SIM registration, the details are properly taken, so that once it gets to our back-end, it is easier to properly validate and send to the central database immediately.
No comments yet