Travel eSIMs may route traffic over Chinese and undisclosed networks
9 months ago
- #security
- #eSIM
- #privacy
- Security study reveals eSIMs route user data through foreign networks without disclosure.
- Researchers found user traffic frequently passes through Chinese infrastructure regardless of location.
- eSIM providers like Holafly, Airalo, and eSIM Access were tested, showing opaque routing arrangements.
- Devices appeared to be located in China due to IP addresses from China Mobile.
- Researchers accessed region-restricted content without VPNs using eSIMs.
- Becoming an eSIM reseller is surprisingly easy, requiring only an email and payment method.
- eSIM resellers gain access to sensitive user data, including IMSI numbers and device locations.
- eSIM profiles engage in proactive communication without user knowledge, connecting to servers in Singapore and Hong Kong.
- Researchers propose enhanced transparency, regulatory frameworks, and releasing datasets for further study.