Telco short-termism hits m-banking


It has always been of interest to see how easily mobile phone companies evade any kind of responsibility for their customers being targeted by fraudulent organizations, writes Shahin Shojai, editor of the Capco Bulletin, a briefing from the Antwerp-based Capco consultancy.

Most readers are aware of mobile fraud, and the range of attacks is as varied as the number of countries where mobile networks are available. The most common attack is the ‘ringtone’ scam, through which companies offer ‘free ringtones’ on websites in return for people submitting their phone number.

Unaware mobile users then receive a text message asking them to choose one of various ringtones, but the text fails to advise them that as a consequence of requesting and receiving the ‘free ringtone,’ they will be signing up to receive three ringtones a week costing £1.50 each, a service which is extremely difficult and sometimes impossible to opt out of.

Crueller scams play on natural human instinct and curiosity, such as the scam that has received a lot of attention in Japan, known as ‘wangiri,’ which means ‘one ring and cut.’ The scam uses a computer to dial mobile phone numbers at random and hangs up after one ring, leaving a number stored as a ‘missed call’ on the receiving party’s phone.

If the person returns the call, and in most cases they do, they are charged premium rates for the call. There are also similar SMS scams, which involve texting random mobile phone numbers pretending to be secret admirers or long-lost friends, using ambiguous and often flattering messages designed to be irresistible.

In these cases mobile users are charged ridiculous rates for replying to the message as well as receiving texts back.

Similar tactics have been used to announce non-existent prizes. Earlier this year, a plague of fraudulent banking text messages broke out in China. This scam was on a very large scale and Beijing Security Bureau received reports of 1,265 cases.

Messages were sent to handsets claiming to be from their bank, telling users that a certain amount of their money had been spent in shopping malls along with a phone number to call for inquiries. Their calls were then answered by fraudsters posing as bank officials who deceived many people successfully by asking for their bank details and passwords, and caused individual losses of up to $38,000.

How can mobile companies deny any kind of responsibility towards the victims? It has always been a mystery as to why fraudulent transactions on the mobile networks need to be paid for and almost impossible to question. For example, if one is incorrectly charged on a credit card it is almost always possible to question, and where fraud is involved, definitely possible to avoid payment. How is it that such a service is not available to mobile phone users?

Do the mobile companies immediately pay fraudsters when a transaction is charged for on the mobile network? It would be extremely surprising if that was the case. There must certainly be a period between when a transaction was consummated and the mobile company paying the provider for the service.

So, how is it that they act as if the cash to the provider was dispensed instantaneously? Could it be that the share of profits for the mobile companies from such fraudulent activities outweighs the benefit of maintaining happy clients?

No matter what the logic behind such totally illogical behaviour, the fact that mobile phone companies negate any kind of responsibility and pass on the entire risk of the transaction to the client without providing any barriers for protection could jeopardize the potential growth of mobile payments in the future.

How comfortable would individuals be in making payments to providers using their mobiles when we now hear that you can even be charged for receiving SMS messages? Of course, it is close to impossible to stop fraudsters when they can basically send you messages and charge<