News of the British couple who had their mobile phone stolen on holiday and subsequently faced a phone bill for GBP8,000 ($14,630) after the phone was used fraudulently, highlights the risk to both mobile phone users and operators associated with mobile roaming.
But more could be done to avert the risk posed by phone fraudsters, ComputerWire has learned.
London’s Metro newspaper reported yesterday the story of a couple that were holidaying in Mozambique when their mobile phone, on the T-Mobile network, was stolen. The couple were on a fishing trip and were unaware that their phone had been stolen, and over the next seven days it was used to make hundreds of fraudulent calls to Senegal, Pakistan and the Middle East.
T-Mobile did spot the fraud and blocked the line, even before it was reported stolen, but only after seven days’ worth of international calls had been made from the number. While T-Mobile initially insisted that the unfortunate couple should pay the bill, yesterday lunchtime in the face of growing publicity the company announced that it would waive the bill.
The case throws up a number of important issues in the mobile space. While most if not all mobile operators employ fraud detection software to try to prevent this kind of fraudulent use of a phone when it is lost or stolen, it is not foolproof, nor can it detect a fraud instantaneously.
But for the software to work, it needs to analyze the latest call detail records (CDRs) to establish unusual behavior. When a mobile user is roaming outside of their own country these CDRs are not generated by their home operator but by partner operators. It can take several days for these records to be passed back to the home operator, during which time many thousands of pounds can be defrauded.
T-Mobile spokesperson Patrick Barrow told ComputerWire: These calls were not made on our network, but on a partner network. It’s very hard to detect something when the activity is not actually on our network.
But there is something operators can do to protect themselves and their customers. It is called Near Real Time Roaming Data Exchange (NRTDE) and a little-known German company called OpTel Informatik GmbH has developed it. According to the company, instead of passing data slowly via the usual billing routes from one partner back to the home operator, NRTDE offers direct transfer via a centralized data exchange platform, using Internet Protocol.
It supports the common CDR standards, and because it can use Internet Protocol to transmit the data, it should be relatively inexpensive, according to the company. Because the information is passed in near real-time to a central exchange, fraud detection is much faster and risks are reduced.
T-Mobile’s Barrow could not comment on the technology, but according to OpTel Informatik, the system was actually developed with engineers from none other than T-Mobile. One drawback is that it relies on not only T-Mobile but also on T-Mobile’s roaming partners to adopt the system for it to work effectively.
Another issue is that while the fraudulent use of a phone to make a call may cost either the owner of the phone or the operator several dollars per minute, with the move towards the use of mobile phones to handle more complex and higher value transactions, the potential damage wreaked by fraud could escalate.
Meanwhile, until systems like OpTel Informatik’s become widely adopted, the risk of fraudulent use of roaming mobile phones will be ever-present. Rodaway’s advice is: It is worth people considering using their phones abroad to check the terms of their agreements in the event they become the victim of fraud, and consider insurance against it if it is available.
This article is based on material originally produced by ComputerWire.