Biometric SIM Registration Claimed, Still Need PDP Supervisory Agency?

JAKARTA - The plan to implement SIM card registration using face recognition-based biometrics will take effect on January 1 on a voluntary basis, and on July 6, 2026 in its entirety, if there are no obstacles.

The implementation of biometric registration is expected to reduce the misuse of phone numbers, ranging from fraud, SIM swapping, to various forms of cybercrime that utilize anonymous identities.

However, in line with this, cyber security expert and Chairman of the Communication & Information System Security Research Center (CISSReC), Pratama Persadha, reminded of another cyber security.

Pratama emphasized that biometrics is a type of data that is extremely sensitive, because it is permanent and cannot be replaced if it is leaked. Therefore, he encourages the establishment of a Personal Data Protection (PDP) supervisory agency.

The same thing was also conveyed by the Executive Director of the Association of All Indonesian Telecommunications Operators (ATSI), Marwan O. Baasir, in which he hopes that the PDP supervisory agency can be formed as soon as possible to reduce the risk of data leakage.

"The institution (PDP), we hope that the government will actually accelerate the formation of the institution," said Marwan in a talk show titled "The Threat of Digital Crime and the Urgency of Registration of Mobile Customers Based on Biometric Face Recognition" which was held by ATSI on Wednesday, December 17.

However, even though the PDP supervisory agency has not been formed, Marwan emphasized that all mobile operators in Indonesia have implemented layered security standards.

Based on the facts, he added, for more than 20 years of operation, the national telecommunications industry has relatively few major data leakage incidents.

"You look back 20 years, thank God, the operator has no data leaks. Because the operator is up to date on hardware, software, firewalls, people, BCP (Business Continuity Plan). People do stress tests, do testing and so on, the operator is disciplined," he explained.

Meanwhile, the Director General of the Digital Ecosystem Ministry of Komdigi, Edwin Hidayat Abdullah, said that the draft ministerial regulation (RPM) regarding biometric registration is still in the harmonization stage.

He also emphasized that the biometric SIM registration mechanism does not depend on data storage by operators or ministries, but rather data from the Dukcapil.

"Safe, because this is where we are directly at Dukcapil. So in fact it has nothing to do with PDP. So imagine, if we open Livin or Wondr? It's also a biometric, it's also data at Dukcapil, yes," he said.