
Telcos have no responsibility to stop SIM fraud. Telcos have communicated for the last 30 years that SMS is not secure (it travels as plain text) and should not be used for 2FA. If companies have ignored this advice then it is on them.


SIM swapping also allows you to intercept voice calls, which are encrypted and supposed to be secure. The idea that telcos have no responsibility to stop people from taking over the telephone number that customers pay for is completely absurd. Moreover, often the SIM swapping is done by employees of the Telco itself using company infrastructure.


No you are not correct. The whole underlying mobile phone network infrastructure is based on (failed) trust and is not secure. Though it is slowly being replaced.

https://www.theguardian.com/technology/2016/apr/19/ss7-hack-...

https://www.firstpoint-mg.com/blog/ss7-attack-guide/


replaced by a system which is similarly secure against all classes of attackers that anyone gives a crap about.


Can you elaborate? I'd like to learn more about this. The only initiative I know about is STIR/SHAKEN.


I feel people who fled Hong Kong and Belarus care, so it would be rude to call it crap.


The incumbent telcos would love a regulatory framework where they must store address info and other personal data of their clients: clients would then be much less likely to switch.

International tourists will also be less likely to get a local SIM card and then pay exorbitant roaming charges.

(Here in South Africa, clients must provide proof of their residential address. Some telcos even insist on verifying the thumbprints of their clients.)


Don't see how that's relevant to the thread at hand. The problem here is that the Telco has an existing paying customer for a number, and has systems that allow other malicious actors to take over that number instead. It's not about verifying the absolute identity of the account owner; they only need to verify that the new SIM using a number has permission from the person who rightfully owns the account. In many cases, this fraud is being committed by employees of the carrier (e.g. at its retail locations). That means the carrier clearly doesn't have adequate controls to prevent abuse.


And the elephant in the room is... the real purpose, for many corps, e.g. Google and others, is to identify you and track you more accurately.

And your mobile phone number is invaluable here.


coinbase does kyc. it already knows who you are.

why sms? because everyone has it. we're not in an otp/u2f-only world yet. sms 2fa is better than no 2fa.



