Sim Security - How secure is EFANI? | EFANI Sim Security - How secure is EFANI? | EFANI

Latest news

Discover the latest from our blog

Sim Security – How secure is EFANI?

sim security

Our claim is that we have the best level of sim security to protect our customer data as well as any sim port-out hack attempt. Our entire company is built around this promise. But hey all’s well till it’s not. While technically it’s impossible to build a system that’s un-hackable, but we’ve built a standard operating process to make it practically unhackable. We’ll briefly share a few of the steps we’ve taken to ensure the protection that we promise 

#1 – We store our data in silos across multiple servers on multiple locations which are only accessible by multi-factor authentication of multiple users. This means we’ve spread our risk with no single point of failure

#2 – Our data storage centers are all ISO 270001:2005 SSAE 16 certified 

#3 – Data is E2E encrypted with zero-level authentication implemented 

#4 – We’re always using a private VPN using state-of-the-art cryptography, like the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, HKDF, and secure trusted constructions 

#5 – We keep our keys locked in cold storage & use multi-signature keys for any change 

#6 – Every employee goes through a rigorous background check with no criminal history. It’s equivalent to top-level security clearance 

#7 – Data access is limited to single IP which can’t be accessed outside the USA

 #8 – For any major change which includes allowing a number to be port-out have to be approved by multiple parties and through a manual process 

#9 – We go through a minimum of 7 layers of authentications for a user to port out. In the majority of the case up-to customer discretion, he can choose up to 11 layers of authentications. These authentications are random to protect any malicious attempt 

#10 – Minimum of 7 days cooling-off period before a port out is initiated

#11 – We also use PGP encryption if the customer requests it 

We’re happy to go through an audit of customer choice on customer request & open to any kind of security challenge test