There are about 3,2 million cellular phone users in South Africa. It is estimated that this will increase to 10 million subscribers by 2005. The cellular phone industry has not been immune from crime with over 75 000 phones stolen in the past four years. What happens when a cell phone is stolen? Indications are that cellular phone fraud — generally regarded as the unauthorised use, tampering, or manipulation of a cellular phone or service — is on the increase in South Africa.

Types of cell-phone fraud

Anyone using a stolen phone, signing up for a service using false identification, or cloning a valid Electronic Serial Number (ESN) onto another cellular phone commits fraud. Cloning occurs mostly in developed countries, while developing countries experience subscription fraud and theft. Cellular fraud, particularly "cloning" and theft is a major problem for South African cellular service providers and their customers.

Cellular fraud manifests itself in four different ways:

Cellular theft — a phone is stolen from a legitimate customer and used before the theft is reported.



Subscription fraud — a subscriber signs up for a service with fraudulently obtained customer information or false identification.



Tumbling fraud — a cellular "bandit" randomly reprogrammes his phone number or electronic
serial number after every call (taking advantage of current call validation processes which occur after customers place their first call while roaming outside their "home system").



Cloning fraud — a valid subscriber’s mobile number and ESN are "hijacked" from the airwaves and programmed into another cellular phone. If successful, the charges for calls made from the cloned phone will appear on the valid subscriber’s phone bill.

What can be done?

With technically sophisticated thieves, customers are relatively helpless against cellular phone fraud. Usually they became aware of the fraud only once receiving their phone bill. One American cellular phone company estimates more than $1.5 million a day in lost revenue because of fraud, despite efforts to detect and prevent it.

Service providers have adopted certain measures to prevent cellular fraud. These include encryption, blocking, blacklisting, user verification and traffic analysis:

Encryption is regarded as the most effective way to prevent cellular fraud as it prevents eavesdropping on cellular calls and makes it nearly impossible for thieves to steal Electronic Serial Number (ESN) and Personal Identification Number (PIN) pairs.



Blocking is used by service providers to protect themselves from high risk callers. For example, international calls can be made only with prior approval. In some countries only users with major credit cards and good credit ratings are allowed to make long distance calls.



Blacklisting of stolen phones is another mechanism to prevent unauthorised use. An Equipment Identity Register (EIR) enables network operators to disable stolen cellular phones on networks around the world. According to Vodacom, 41 239 cellular phones were blacklisted between May and September 1999.



User verification using Personal Identification Number (PIN) codes is one method for customer protection against cellular phone fraud. Tests conducted in the United States found that having a PIN code reduced fraud by more than 80%.



Traffic analysis detects cellular fraud by using artificial intelligence software to detect suspicious calling patterns, such as a sudden increase in the length of calls or a sudden increase in the number of international calls. The software also determines whether it is physically possible for the subscriber to be making a call from a current location, based on the location and time of the previous call. Currently, South Africa’s two service providers, MTN and Vodacom, use traffic analysis with the International Mobile Equipment Identity (IMEI) — a 15 digit number which acts as a unique identifier and is usually printed on the back of the phone underneath the battery — to trace stolen phones.

Other warning signs that subscribers should watch out for to detect fraudulent activity include:

Frequent wrong number phone calls to your phone, or hang-ups.

Difficulty in placing outgoing calls.

Difficulty in retrieving voice mail messages.

Incoming calls constantly receiving busy signals or wrong numbers.

Unusual calls appearing on your phone bills.

Conclusion

The GSM (global system for mobile communications) Memorandum of Understanding represents network operators, regulators and administrative bodies from 109 countries and areas of the world. GSM standards which include the use of authentication, encryption and temporary identification numbers — security features which cannot be decoded or cloned on the air — are seen as an effective industry tool to handle cellular fraud in South Africa.

Presently the cellular phone industry relies on common law (fraud and theft) and in-house counter measures to address cellular phone fraud. The enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended computer crime legislation for South Africa be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud" as a specific crime.

Nceba Gomomo
Institute for Security Studies