Secure SIM Profile Query API.

[pcjayasinghe]

Problem description
The use case behind this is that the Cambodian government wants to securely query SIM profie from each mobile operator. To achieve this, they have requested all operators to provide APIs for secure data access.

Possible evolution
The current API query used to retrieve a subscriber's SIM profile exposes specific personal and technical information associated with a mobile subscriber's account. This includes sensitive data such as the subscriber's name, date of birth, ID card details, and SIM status. While this information is essential for identity verification, service eligibility checks, and account management, the exposure of such sensitive data raises significant concerns about data privacy and security, necessitating stringent controls and safeguards to mitigate potential risks.

Alternative solution
We are a Cambodian mobile service provider called Cellcard. We have developed this API and plan to publish it under the CMARA project. This initiative aims to establish a common API standard that all mobile communication providers can adopt for similar use cases, promoting consistency, interoperability, and operational efficiency across the industry.
Additionally, we had a meeting with GSMA, where they suggested we make a proposal to the CAMARA EKYC project, as this API aligns more closely with EKYC-related initiatives

Additional context
Please find the full API Documentation URL : https://drive.google.com/file/d/1zDhR9Ca13O_zyuHGnXNY3bmdwnU2R1L4/view?usp=sharing.

[jgarciahospital]

Hi @pcjayasinghe,

If your proposal is to enhance an existing API, please fill the required template and create a PR of it to the proposals folder.

AS soon as ready, this will be discussed in the following backlog meeting and if agreed will be reported towards the KYC API subgroup.