Handset sales have been an important source of revenue for telecom carriers. The business model has proved successful as telecom carriers offer new smartphones in exchange for long-term service contracts. However, fraudsters have found new opportunities to acquire mobile phones without the intention of paying for them by committing handset fraud.
What is a Handset Fraud?
Handset fraud is defined as the unauthorized use, tampering, or manipulation of a mobile phone or mobile network service.
Different Types of Handset Fraud?
1. SIM Swapping
Mobile phone numbers can legally be ported from one telecom carrier to another when a customer switches services. The phone number can also be ported between devices when customers upgrade or change phones.
But, scammers use personal information to have the number ported to devices they possess. To steal the number, scammers start collecting personal information on the target individual from social media, phishing emails, or malware before engaging in social engineering.
This is to trick the telecom carrier into connecting the phone number to a SIM card in their possession. Later, they connect with the telecom carrier, impersonating a customer who has lost or damaged the SIM card.
Then they ask the customer service to activate a new SIM card in the scammer’s possession. Once the wireless carrier completes the request, all the phone texts and calls are redirected to the scammer’s phone.
2. Subscription Fraud
In this method, fraudsters sign up for a service provided by carriers with fraudulently obtained information about individuals. They use this stolen identity to obtain mobile handsets and services with no intention to pay.
As retail prices of smartphones have increased over time, a grey channel has been created and exploited by fraudsters to resell smartphones illegally obtained from carriers.
This type of fraud is referred to as First-party fraud where a person knowingly misrepresents their identity or gives false information for financial or material gain.
Subscription fraud is a serious credit risk issue of default. A large proportion of default can be classified as bad debt which has serious consequences on telecom carriers that operate on wafer-thin margins.
A device locking technology enables telecom carriers to achieve a higher level of assurance that financed smartphones are protected from handset fraud activities, including subscription frauds.
3. Payment Fraud
Fraudsters use stolen credit or debit cards or, in some instances, counterfeit cards to order or purchase smartphones from carriers or retail stores. This is one of the lucrative ways to make use of stolen cards is by reselling the illegally obtained phones.
How to Protect Against Handset Fraud
There are ways where telecom carriers and individuals can protect themselves against handset fraud:
- Remote handset locking: Telecom carriers could install remote handset locking technology that acts as a deterrent against handset fraud. Through a simple and intuitive administration console, telecom carriers can block and disable functions of all smartphones fraudulently acquired phones.
- PIN codes: For example, after the infamous data breach caused by SIM swapping, T-mobile has added a new security layer to their number portability process, requiring users to create a PIN. Customers transferring their number now need to create a 6-digit pin from T-mobile’s app or website.
- Online behavior: Beware of phishing emails that fraudsters may send to access personal information that would help them convince the telecom carrier about one’s identity.
- Account security: Increase the account security with a unique, strong password and security questions and answers.
- Call-backs: Telecom carriers could call customers back to validate their identity and to catch identity thieves.
- Bank and telecom carrier alerts: Banks and telecom can share their knowledge of SIM swap activity and implement additional checks when SIM cards are reissued.
Handset sales are going to remain an important source of revenue for any telecom carrier. As a result, they need to introduce a business imperative that prevents handset fraud by adopting non-intrusive technology along with security practices that protect subscribers and handset investment, both.