[ggm]

I live in Australia, and every number port has required me to have the old SIM live, and respond to an SMS token exchange, before the receiver could proceed. Or, present the 3 trick questions and be recorded with the telco desk, and incur liability.

I've done three: Telstra to A now defunct MVNO back to Telstra and now Aldi.

I have never been able to socially engineer the change without either other online proof of posession, or this SMS exchange. Never.

Maybe I just found providers who implemented tighter controls.

I wasn't clear, that I also believe the RATE of sim port attacks in Australia is far, far lower than in the USA. I don't doubt some happen, but I think we have less per head of population. In part, I think the 100 points checks and KYC plays to this.