More than a decade after Bangladesh introduced biometric SIM registration to eliminate anonymous mobile connections, SIM cards registered under other people’s identities remain widely available across the country, exposing significant weaknesses in a system designed to prevent digital crime and strengthen accountability.
Sold through Facebook groups, online marketplaces and mobile phone shops, these SIMs are often bundled with pre-verified mobile financial service (MFS) accounts, creating ready-made digital identities that can be used almost instantly for financial transactions and online activities. Investigators say the thriving trade has become an important enabler of cybercrime, online fraud, illegal gambling and money laundering, while making it increasingly difficult for authorities to identify those behind such offences.
Recent law enforcement operations suggest the problem extends far beyond isolated incidents. In separate raids this year, investigators recovered tens of thousands of SIM cards, GSM gateways and other telecommunications equipment from groups allegedly involved in large-scale criminal operations. Authorities believe anonymously registered SIMs are increasingly being used to facilitate a range of illegal activities, from phishing and financial scams to the movement of illicit funds through mobile financial services.
Investigators say the market is sustained by a combination of factors, including weaknesses in SIM distribution channels, compromised identity information and the growing availability of anonymous digital services online. The result is a parallel ecosystem in which SIM cards and mobile wallets registered under legitimate identities can be purchased and used by entirely different individuals, leaving innocent citizens vulnerable when criminal activity is traced back to their names.
The continued existence of this underground trade has raised questions about the effectiveness of current safeguards and the security of citizens’ personal information. As regulators, telecom operators, mobile financial service providers and law enforcement agencies grapple with the challenge, experts warn that the gap between biometric registration and actual user verification continues to provide opportunities for organised criminal networks to operate behind borrowed identities.
Several recent operations highlight the scale of the problem. On January 12, the Detective Branch (DB) of Dhaka Metropolitan Police arrested eight people, including five Chinese nationals, and recovered 51,261 SIM cards, 21 VoIP GSM gateways and other equipment. On May 13, detectives arrested another nine suspects, including six Chinese nationals, recovering 280 SIM cards and GSM modules.
Investigators said the groups collected mobile financial service agent SIMs registered under other people’s identities and connected them to GSM gateways, allowing hundreds of SIMs to operate simultaneously.
DB Additional Commissioner Shafiqul Islam said criminal groups collect money through bKash and Nagad accounts before transferring the funds abroad through laundering networks.
“The money is reaching them through bKash or Nagad, and they are immediately laundering it overseas,” he claimed.
The Rapid Action Battalion (RAB) also recently arrested two members of a train-ticket blackmarketing syndicate in Jamalpur and recovered 963 SIM cards, further highlighting the widespread use of anonymously registered connections in criminal activities.
Investigators say dishonest retail agents play a key role in creating the supply chain behind the anonymous SIM market.
According to DB chief Shafiqul Islam, some agents register multiple SIM cards using a customer’s biometric information and later sell the extra SIMs.
“Suppose someone comes to buy a SIM using their biometric data and NID information. The agent may register several additional SIMs using the same details and keep them,” he said.
“These SIMs are later sold in the market. Criminals buy them and use them for illegal activities. But when investigators trace them, the registration belongs to someone else.”
Officials say such SIMs are easily found in mobile shops, while online marketplaces have made the trade even more visible.
More than 100 Facebook groups were found advertising SIM cards linked to bKash and Nagad accounts. Some sellers offer fully verified KYC accounts, while others advertise merchant and agent accounts that normally require trade licences and banking documents.
Telecom officials say the problem is closely linked to compromised national identity data.
A mobile operator official said companies depend on Election Commission verification and cannot reject registrations if NID information is approved through the government database. The official described cases where SIM cards were purchased using the NIDs of at least 20 centenarians, including people aged over 100.
The concerns are not unfounded. The Criminal Investigation Department (CID) earlier arrested two Election Commission computer operators accused of selling citizens’ NID information for Tk 200 to Tk 300 per record. Investigators said the suspects accessed information linked to 365,608 NIDs within 30 days and allegedly earned around Tk 110 million.
Authorities have also warned that stolen personal and biometric information is being traded online, creating additional risks for citizens whose identities can be exploited without their knowledge.
Asked whether stolen biometric data could be misused for SIM registration, Grameenphone CEO Yasir Azman said: “Hackers can do many things if they want.”
Telecom operators and mobile financial service providers acknowledge the problem but point to different causes behind the growing misuse of SIMs and digital identities.
Yasir Azman said operators do not control the entire identity verification system and have shut down thousands of suspicious retail outlets in an effort to curb abuse.
Robi’s Chief Corporate and Regulatory Officer Sahed Alam said compromised national identity data was one of the most serious concerns facing the sector.
“If we cannot secure this area, securing other data will not help,” he said.
bKash’s Chief External and Corporate Affairs Officer retired Major General Sheikh Md Monirul Islam blamed dishonest agents who deceive customers into opening accounts without their knowledge.
“There is no reason for these KYC accounts to end up in the hands of Chinese nationals,” he said.
Technology entrepreneur Fahim Mashroor said telecom operators and financial institutions must take greater responsibility for identifying suspicious activity before it develops into large-scale criminal operations.
He questioned why individuals can still hold multiple SIM cards and urged the use of artificial intelligence to detect suspicious accounts.
“AI and modern technologies can be used to identify these suspicious accounts,” he said.
BTRC Vice-Chairman Abu Bakar Siddique agreed that the SIM ownership limit requires further review.
The limit was reduced from 15 to 10 SIMs per person last year, and regulators are considering lowering it further to five.
Until stronger controls are introduced, officials warn that the anonymous SIM market will continue to fuel a growing digital crime economy, turning identities into commodities and mobile wallets into channels for illegal finance. The persistence of the trade, despite years of biometric registration, highlights the challenge facing authorities as criminals continue to exploit weaknesses in identity verification, data protection and regulatory oversight.
