Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Phreaking Cellular - Misc. :: politi~1.txt

Cellular Fraud - How much of it is real money?

Date: 15 Feb 95 00:06:00 -0500
Subject: Re: Cellular Fraud: How Much of it is Real Money?
Organization: AT&T


My $.02 worth in three parts, carrier perception now, what is wrong
with that perception IMHO, and potential ramifications for future
wireless offerings (purely prognostication on my part).  This is
merely intended to share my experiences in a related subject.  I hope
no one takes offense at anything I've said.  No finger pointing
intended, only opinions based upon customer feedback.

Addressing fraud is an amazingly complex issue that requires numerous
companies to work together jointly when in fact they are competing
against one another in the very same businesses and constantly seeking
leverage against one another.  It is a credit to the standards bodies
that standards addressing these issues have been agreed upon by such
diverse companies.  Implementing same, is another story.  No one
company can implement the existing fraud and security standards alone.
At that point, the only option is proprietary, which is what is being
done now.  All in all, it was a thoroughly frustrating two years in an
unbelievably dynamic environment, and by far the most enjoyable job I
have held with my company.


I spent the better part of the past two years traveling to various
cellular providers to attempt to get them to distribute our cellular
privacy/security products.  I had the unique opportunity to meet with
carriers and their customers.  Although you may wonder what this has
to do with fraud, there are in fact many similarities between the two.

For instance, addressing both requires something on both the subscriber 
and switch ends, whether it be a user pressing a PIN sequence and the
switch understanding the sequence or a phone with privacy/encryption
built in and complementary adjunct at the switch or on a desk. Additionally, 
one could argue that what C1 did in NYC just pushes the fraud out a
level to the user (i.e. the calling card number you just gave the
operator is now being used to someone elses benefit at your expense)
which then enters the realm of privacy.  There was and is an interested 
user base but the carriers are not interested.  Why? (NOTE - that
these are not my opinions but those expressed to me by carrier
personnel from engineering, marketing, product management, sales,etc.
from regional VPs to engineers and sales execs):


1) Cellular is still profitable despite fraud/security implications.
Carriers sign up record numbers of users each year.  If you were reporting 
positive financials up your management line, would you change and open
up a potentially huge can of worms that could undermine your financials 
given enough press?  There is little financial incentive to do anything 
about fraud if the bottom line looks good already.

2)  Digital will take over and have fraud protection (and higher security) 
built in.  Within two years, analog will no longer be an issue and security 
and fraud problems will disappear.

3) I know some of my customers need it but I have to make a business case and 
I don't think enough people care.

4)  Our sales forces only know how to sell phones.  They have lost the ability
to sell services.

5)  We can't admit to our customers that our services are insecure!

6)  Costs too much money -- the user will never pay for it.

7)  If it were in a Motorola flip phone, we'd buy it in a minute. 

8)  Most importantly, customers (including myself) continue to pay their 
monthly cellular bills, which cover the operating expenses for the carrier 
(including losses from fraud) and provide a tidy profit as well.


1) Analog subscriber growth continues at a record pace.  What is not
taking off is airtime for potential high usage business users.  So,
carriers are now looking for new services to offer (voice messaging,
data, etc.) to attract same.  None of these services (or for that
matter the basic cellular service) offer enhanced security (that meet
the standards of many corporate security instructions) or built in
fraud protection that is an inherent part of the switch and phone and
yes for many reasons, digital is just as insecure as analog (we can
debate this in another forum if you like).  

I read a recent report (WSJ I think) that fraud in the NYC area cost
the local carriers $60M alone last year.  But if I had to guess, I'll
venture that the financial picture for the NYC carriers show positive
Economic Value Added as the numbers get passed up the corporate
financial hierarchy.  Fundamentally, I believe there are two reasons
why business customers limit air time -- cost and security.  Cost could
be driven down if fraud could be controlled.  Security could increase
call-minutes (and therefore carrier revenue), and like fraud an
optimal solution involves both your subscriber piece and the switch.
There are implications here for PCS (see prognostications below).  
I have heard many stories how employees have been given cellular
phones as perks and been told not to use them for business.  

2) Two years ago, digital was going to replace analog by 1998.  Thanks
to multiple digital standards, analog now has a rosy future.  In a
recent quote in Mobile Phone News 12/12/94, Motorola says "Digital
accounts for less than 5% of cellular growth in the U.S. As of
October 1, there were 21.5 million analog users in the country,
compared with 250,000 subscribers using TDMA..."  I have been told by
Motorola, Nokia and NEC personnel that the bread and butter for the
subscriber equipment portion of their business will continue to be
analog for the forseeable future.  Actually, I would think that the
thought of replacing 21.5 million analog phones would be an incentive
for manufacturers to use any excuse to create a new analog version of
existing phones with fraud and security built in.  

As an aside, when the Bar Associations in NY, MA, NH and other states
rule it is unethical for an attorney to discuss client matters over a
cellular phone, they are not differentiating between analog and
digital.  From this I could draw one of two conclusions; either the
carriers have done a poor job of positioning the advantages of digital
to the user or maybe there are none. Anyone offering odds that CDMA
(with whatever security/fraud standards are decided upon) will be
rolled out in a diluted version first sans some portion of those

3) Financial responsibility is extremely fragmented in cellular.  A
good general rule is any addition to the MTSO needs to be cost
justified for that MTSO.  This affects fraud/security in two ways.
First, it dilutes the business case by forcing the regional managers
to look at each expense (not unreasonable).  The net result is that
corporate tends not to look at the problem as something it needs to be
involved in because it is regional in nature.  McCaw San Francisco
certainly has more fraud potential compared to McCaw Oklahoma, so let
San Fran fix their problem.  

Second, it removes the corporate clout required to implement a
solution within subscriber equipment.  Since corporate usually
negotiates subscriber equipment purchases, regional managers have zero
chance of independently approaching a major manufacturer such as
Motorola, Nokia, etc.  If they are allowed such independence, their
numbers and therefore bargaining power are still reduced.  

4) Just an excuse for asking your sales people to sell high priced
basic service and higher priced enhanced services to a varied customer
base.  If my salary depended upon attaining a sales quota, you know
I'd be concentrating on selling basic service and a Motorola phone to
the "average" customer.  It's the easiest sell.  

5) I would assert that the press is doing an adequate job of this on
the house.  Also, isn't C1-DC's denial of roaming in NYC a tacit
admission that they have no control over the fraud problem in NYC?
Ditto for the Nynex, Bell Atlantic, C1-NY PIN deal.  And you know your
in trouble when publications such as {Woman's Day} (7/20/93) say things
like "So, if you'd rather keep your personal conversations private,
make and take them on an old-fashioned, wired telephone".  Still,
fraud and security are an extremely tough sell.  There are Fortune 100
companies whose security departments routinely monitor executives
cellular calls and provide them with transcripts.  I have given
equipment to CEO's of some of these companies, only to have it
politely returned with a note indicating that they didn't see the
need.  Very likely, these same executives have appeared before
Congress in the last couple of years to complain about their losses
from foreign intercepts by the French, et. al. and they probably
haven't addressed that problem yet either.  Losses due to
communications fraud and lack of security are too intangible to
measure by the average user that has to date been left in peace (or at
least is unaware of events to the contrary), let alone the carriers
(the press seems to be doing OK with this though).  

Now if your carrier sent you a letter saying that effective immediately 
they were doubling your monthly rate and call charges to cover losses
from fraud or told you that you would have to exchange your existing
phone at your cost, would that get your attention?  Not to worry, they
wouldn't risk losing the profitable business that they have by being
so rash.  

6) Maybe true.  Its amazing the excuses that people give for not
buying products to protect them against fraud or intercept.  It's too
big, heavy, costly, don't like the voice quality, wanted blue instead
of black, doesn't say Motorola on it, and on and on.  However, the
biggest excuse is that human beings tend not to take responsibility
for the problems that occur, especially when their insurance does not
cover the loss.  When a user is "hit" (and they often don't know that
they have been), they believe it is the responsibility of the "telephone 
company" to protect them or cover their losses (Ma still lives on in
spirit).  You need only look at the reaction to PBX fraud as evidence.
To their everlasting credit (and the good of their financial picture)
telcos/carriers are perpetuating this "feel good" spirit by continuing
to cover the losses.  The extra price of security and fraud control
equipment is tangible, one can look at a purchase order and see the
difference.  The losses due to fraud or lack of security can disappear
at many finance levels with creative accounting.  

If users were truly concerned, then there would be many more than
250,000 TDMA subscribers now.  For all its shortcomings, TDMA does
have better authentication, although initially this may not have been
the case.  By the way, this is only a guess but I'd bet that the PIN
arrangement is required for both dual mode and analog phones.  Can
anyone confirm this?  

7) It is very difficult if not impossible to get major phone manufacturers 
to make changes to cookie cutter subscriber equipment to add anti-fraud or 
enhanced security, even if it adheres to TIA standards.  These pieces
are produced in lots of hundreds of thousands at a clip.  Carriers
have painted themselves into a corner on subscriber equipment -- they
have given it away at a loss for so long to get customers to sign up
that customers have grown used to getting the equipment for free or
minimal cost.  Carriers are loathe to change this successful equation.
My Motorla digital flip user guide clearly stated that enhanced
privacy was only available for digital calls.  Typical of the industry
last year was the decision to move forward with digital and refrain
from adding features such as enhanced privacy or authentication to the
soon to be replaced analog system.  I never did find an area where the
switch supported the enhanced privacy feature that the phone had.
Maybe the industry has changed its mind by now.  But that still leaves
a minimum of 21.5 million pieces of analog subscriber equipment that
do not support any potential improvements to the switch, and those
numbers increase by thousands every day.  Sounds a bit overwhelming to
me, but I am still of the opinion (eternal optimist that I am) that it
could be done by any of the carriers if managed properly.  

8) Well, I guess that says it all.  I still pay my monthly bill but I
don't turn the phone on much any more.  I used to be able to take care
of business while driving between Phoenix and Tucson.  It made me much
more efficient.  My cellular bills used to range between $300 and $600
a month (and I didn't violate Corporate Security Instructions because
I had an attached encryption device that I used faithfully).  Then I
made that one clear phone call (sheer convenience) to make my travel
arrangements to show my equipment to BellSouth in Atlanta.  Amazing
how on a direct flight from MHT to ATL my luggage was broken open and
five cellular phones, a scanner, and an ESN reader were left untouched,
only the encryption/privacy equipment was destroyed.  

Since I changed jobs and gave my encryption devices back, I no longer
travel and have a need to stay in touch and be more efficient in my
new job (at least my new management probably isn't interested in
paying that much for more efficiency). Now I try not to turn the phone
on near Boston to let the ESN readers and scanners pick up someone
else.  I don't even like to call home and find out my kids are home
alone much less let the world know it.  I use the phone for directory
assistance and calling stores.  Makes me a much more efficient
shopper. Still its hard to pass up a $.10 pay phone (still have it
here in NH) for three minutes knowing it will cost me $1.50 on the
cellular.  Come to think of it, why do I need cellular service?  It's
not as useful as it used to be.


1) Carriers need to get analog right.  If you attend a regional C1
wireless expo, you will hear that PCS is already here today, and the
speaker will hold up a dual-mode phone and describe all of the nice
services available, meant to make your deskphone expendable.  In
reality, that analogy is based upon the ubiquity of analog service.
The concept of communications any time, anywhere is only available now
because of analog infrastructure.  To date, carriers have shown no
propensity to strengthen the notion that the wireless "deskphone" as
it exists today is as secure and fraud resistant as the wired one
(which is already on my desk and costs a lot less to operate).  They
have already entrenched in customers minds the standards for PCS;
expect more of the same.  They have made PCS sales much more difficult.  
PCS sales people will have to overcome the weaknesses of analog, something 
digital has not been able to do to date.

2) Note several disturbing trends in the carrier responses to fraud.
First, every carrier that attempts to deal with fraud is implementing
its preferred method and they are dissimilar.  I have to wonder if the
Nynex and C1-NY PIN strategies are compatible.

Second, anti-fraud efforts are concentrating on local territories.
Your Nynex PIN is probably worthless on the West Coast where you
probably stand at least an equal chance of being cloned.  

Third, all the "fixes" are user impacting and represent a step
backward from direct dial capabilities.  In an age where cell phones
are now being sold with dial tone (ostensibly to get users to
transition more easily from the deskset), we are now faced with the
probability that we either have to enter a PIN or talk to an operator
(none of which I have to do from my deskset).  These are interim steps
for an analog system that will continue to be much more than an
interim system.  This interim analog system is the test market for
enhanced PCS services and the response will not be "knock the door
down, let me get this thing" if the price of these services are lack
of security and increased exposure to fraud.  There is at least one
district director whose carrier employer is committed to enhanced
services that recognizes the risk he takes every time he powers his
current generation PCS vehicle (aka cellular phone) up, places or
receives a call.  

3) The entire concept of the Wireless PBX is doomed unless security
and fraud are addressed and solved both in the Campus environment and
with the particpating carrier.  Too many corporate security instructions 
exist which preclude discussion of proprietary business over cellular 
phones.  Keep in mind also that with the winding down of the cold war,
many ex-government security folks are now being hired by major corporations
to address the security weaknesses of these companies, and they do
know the score.

John S. Maddaus

[TELECOM Digest Editor's Note: Thank you very much for such an interesting
inside view on the cellular fraud problem. Your article was one of the
best on the topic I've printed since this thread began.   PAT]

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH