- Email: [email protected]
Cellular carriers try new tricks to beat bandits
Computers & Security, Vol. 14, No. 2
and companies may combine SSL with offerings from other vendors. Rival contenders include Terisa Systems of Menlo Park, California, a company which has produced a technology called ‘secure http’. Wall Street Journal, March 20, 1995. Costly cellular phone fraud rises with number ‘cloning’, Kathy O’Malley. In the United States, cellular phone fraud as a result of cloning is reported to be costing the cellular phone industry $1.3 million every day. The cellular phone industry, growing at 28 000 per day, has reason for concern. It is losing 4% of its annual revenues to fraud. The worst hit areas have been Los Angeles, Miami and New York, but the problem is spreading. The earliest scam was known as ‘tumbling fraud’ which involved the use of fake numbers that weren’t detected by early verification systems until calls had been completed. When computer validation of signals became more sophisticated, cloning was born. The numbers are often stolen with the use of a device called an electronic serial number (ESN) reader. The equipment ‘reads’ the signals as they are being transmitted. Selling the stolen numbers is big business, since they can be programmed into the handset of new phones or cloned onto blank computer chips. In some cities, small businesses provide a front for backroom ‘phone banks’ where international calls are made on cloned phones. There is also a growing market ofwilling buyers of cellular phones already programmed with cloned numbers. The initial cost can be as high as $1000 but this is offset by the promise of no monthly bills for airtime usage. However, the phones become useless when numbers are disconnected by the cellular phone carriers after they discover the cloning. Some vendors are now offering fraud-detection systems to cellular companies. Among the most popular is software that detects changes in calling patterns, such as increase in volume or simultaneous calls being made from different parts of the country. Chicago Tribune, March I, 1995. Unravelling copyright rules for cyberspace, John Mark08 Government officials from 11 industrial nations have concluded their first official meeting on copyright issues in cyberspace, with plans to keep looking for agreements on protecting intellectual property in an electronic world. It is hoped that the group will work towards a consensus that the United States hoped could be presented to a broader international copyright organization. Big differences still arise in the copyright issues of the United States and countries such as France,
Germany and Japan. Those differences could limit the ability to buy and sell electronic information and entertainment products. It has been stated that although American copyright law was well suited to new advances in technology, the international situation was more difficult because countries that were net copyright importers often had little incentive to meet American demands for expanded copyright protection. New York Times, March 9, 2995. Cellular carriers try new tricks to beat bandits, Gautam Naik. A cellular phone thief claims to have earned $250 000 in cash, cars and cocaine by stealing phone service from cellular carriers and reselling it to drug dealers and other customers. Cellular pirates have become bolder and more sophisticated, outwitting just about every anti-fraud remedy that cellular companies have tried. Now the industry is preparing a new electronic arsenal of antitheft techniques. These include digital ‘fingerprinting’ofphones, encrypted call-and-respond ‘authentication’ systems and voice recognition. Cellular fraud has grown five-fold in the last three years, a rate greater than the industry itself. Some 40% of the industry’s losses are due to a low-tech form of fraud. Cellular phone users charge up huge bills which they refuse to pay, then signing up to a new service at a later date. This problem can be overcome with the use of a database from which companies can identity potential fraudsters and refuse to sign them up. Cellular services have begun to impose security PIN codes that require users to enter a few extra numbers before dialling a call. However, cellular bandits have devised a clever way of getting around the problem. They steal a number in a market that doesn’t use PINS then clone that number for wide use in a market that does. Nynex Corp. started using PINS last Autumn and since then the thieves have been turning their attention to US Cellular Corp, tripling its fraud losses. Many carriers expect to roll out a new approach, ‘authentication’ for a new generation of digital phones later this year. Each phone, encoded with a unique cryptogram, must respond with a specific answer when ‘challenged’ by the cellular network, and the responses are scrambled to prevent hackers from scanning them. The cellular bandits do not seem perturbed. It will be impossible for the carriers to recall 24 million cellular phones to fit them with ‘kthentication’ software, and they will probably find their way around anything else that comes up. Wall Strert]ournal, March 1, 1995.
119
and companies may combine SSL with offerings from other vendors. Rival contenders include Terisa Systems of Menlo Park, California, a company which has produced a technology called ‘secure http’. Wall Street Journal, March 20, 1995. Costly cellular phone fraud rises with number ‘cloning’, Kathy O’Malley. In the United States, cellular phone fraud as a result of cloning is reported to be costing the cellular phone industry $1.3 million every day. The cellular phone industry, growing at 28 000 per day, has reason for concern. It is losing 4% of its annual revenues to fraud. The worst hit areas have been Los Angeles, Miami and New York, but the problem is spreading. The earliest scam was known as ‘tumbling fraud’ which involved the use of fake numbers that weren’t detected by early verification systems until calls had been completed. When computer validation of signals became more sophisticated, cloning was born. The numbers are often stolen with the use of a device called an electronic serial number (ESN) reader. The equipment ‘reads’ the signals as they are being transmitted. Selling the stolen numbers is big business, since they can be programmed into the handset of new phones or cloned onto blank computer chips. In some cities, small businesses provide a front for backroom ‘phone banks’ where international calls are made on cloned phones. There is also a growing market ofwilling buyers of cellular phones already programmed with cloned numbers. The initial cost can be as high as $1000 but this is offset by the promise of no monthly bills for airtime usage. However, the phones become useless when numbers are disconnected by the cellular phone carriers after they discover the cloning. Some vendors are now offering fraud-detection systems to cellular companies. Among the most popular is software that detects changes in calling patterns, such as increase in volume or simultaneous calls being made from different parts of the country. Chicago Tribune, March I, 1995. Unravelling copyright rules for cyberspace, John Mark08 Government officials from 11 industrial nations have concluded their first official meeting on copyright issues in cyberspace, with plans to keep looking for agreements on protecting intellectual property in an electronic world. It is hoped that the group will work towards a consensus that the United States hoped could be presented to a broader international copyright organization. Big differences still arise in the copyright issues of the United States and countries such as France,
Germany and Japan. Those differences could limit the ability to buy and sell electronic information and entertainment products. It has been stated that although American copyright law was well suited to new advances in technology, the international situation was more difficult because countries that were net copyright importers often had little incentive to meet American demands for expanded copyright protection. New York Times, March 9, 2995. Cellular carriers try new tricks to beat bandits, Gautam Naik. A cellular phone thief claims to have earned $250 000 in cash, cars and cocaine by stealing phone service from cellular carriers and reselling it to drug dealers and other customers. Cellular pirates have become bolder and more sophisticated, outwitting just about every anti-fraud remedy that cellular companies have tried. Now the industry is preparing a new electronic arsenal of antitheft techniques. These include digital ‘fingerprinting’ofphones, encrypted call-and-respond ‘authentication’ systems and voice recognition. Cellular fraud has grown five-fold in the last three years, a rate greater than the industry itself. Some 40% of the industry’s losses are due to a low-tech form of fraud. Cellular phone users charge up huge bills which they refuse to pay, then signing up to a new service at a later date. This problem can be overcome with the use of a database from which companies can identity potential fraudsters and refuse to sign them up. Cellular services have begun to impose security PIN codes that require users to enter a few extra numbers before dialling a call. However, cellular bandits have devised a clever way of getting around the problem. They steal a number in a market that doesn’t use PINS then clone that number for wide use in a market that does. Nynex Corp. started using PINS last Autumn and since then the thieves have been turning their attention to US Cellular Corp, tripling its fraud losses. Many carriers expect to roll out a new approach, ‘authentication’ for a new generation of digital phones later this year. Each phone, encoded with a unique cryptogram, must respond with a specific answer when ‘challenged’ by the cellular network, and the responses are scrambled to prevent hackers from scanning them. The cellular bandits do not seem perturbed. It will be impossible for the carriers to recall 24 million cellular phones to fit them with ‘kthentication’ software, and they will probably find their way around anything else that comes up. Wall Strert]ournal, March 1, 1995.
119