Cyprus ends anonymous mobile use with prepaid SIM registration ID law

Cyprus will next month require users of prepaid SIM cards to have a verified identity or be disconnected.

The new law was passed by the Cypriot Parliament earlier this year. It applies to all prepaid connections, including eSIMs and M2M cards embedded in IoT devices such as alarms, GPS trackers and smart meters. Unregistered SIMs will be automatically deactivated once the transition period ends on 10 November.

The measure is claimed to improve national security and support law enforcement by stopping anonymous numbers being used by criminals Cyprus had been one of the few EU states still allowing unregistered prepaid SIMs.

All prepaid customers must now be identified through official ID documentation. The process is free for consumers and does not require changing SIM cards or numbers. Mobile providers must roll out secure data-collection systems that comply with GDPR.

The reform aligns Cyprus with a growing regulatory trend across Europe. Greece, Italy and Spain already require prepaid SIM registration. The European Commission has this as part of its counter-terrorism and cybercrime strategies.

The prepaid segment of Cyprus’s mobile market, which has offered flexibility for tourists, temporary workers and cost-conscious consumers. Retailers serving tourists will need to include ID verification, while operators may need to invest in more robust digital onboarding tools to avoid bottlenecks.

The Office of the Commissioner for Electronic Communications and Postal Regulation says identity data must be handled “in full compliance with European privacy law” and used solely for authentication and traceability purposes.

The law could have spin-off benefits for operators by improving customer data accuracy, aiding in fraud prevention, churn analysis and marketing.

Cypriot mobile networks are expected to ad campaigns to inform prepaid customers of the new law.