Cellnet flaw gives thieves free calls

Click to follow
The Independent Online
FRAUDSTERS ARE exploiting glaring weaknesses in the Cellnet mobile phone network to use stolen credit card details to "top up" prepaid handsets - a flaw that the company is only slowly trying to repair.

The fraud does not come to light unless the owner of the stolen details notices the unusual transactions on their card account and complains. The fraudster is guaranteed at least a month between topping up the phone and the fraud being detected. Once alerted, Cellnet can only prevent such phones from making calls, but not from receiving them. It has no way of locating the phone's user, so that passing details of the fraud on to the police is effectively useless.

Cellnet admitted to The Independent that the flaws exist but said it is introducing new security measures to try to reduce them "in the next couple of months".

But it is understood to be facing a growing number of fraudulent uses of its prepaid phones, launched only last July. At least 100 false claims have been made - though there may be many hundreds more. If somebody owns a Cellnet prepaid phone, they would be less likely to notice a fraudulent charge on their account.

Among those who did notice the fraud is Steve Pardoe, a company director in an electronics firm based in Cheshire, whose credit card was used fraudulently to top up a Cellnet prepaid phone. He said: "I found a charge of pounds 50 on my credit card bill against Cellnet in Slough. When I called to query it, I was told it was for telecoms services. I explained that I didn't have a Cellnet phone, and they said it would be somebody `topping up' a prepaid phone." The money was refunded against his card.

Prepaid mobile phone have proved enormously popular with buyers. The four networks - Cellnet, Vodafone, Orange and One2One - all offer them, and in total have sold almost three million. The advantage to buyers is the prepaid phones do not require a contract - meaning that users avoid costly lock-in clauses, which proved unpopular with many of the early contracts. Instead, the customer buys the phone, usually for about pounds 100, with a certain number of prepaid airtime minutes, which can be used immediately. Once these have gone, the owner can "buy" new minutes with a credit card from a shop or, on some networks, over the phone.

But while the other networks have put safeguards, such as name and address checks, in place, Cellnet has streamlined its system so far that no human intervention is required, and users can top up their phones using only the keypad. This means no basic checks are made.

A Cellnet spokesman said: "There is a small level of fraud occurring with top-up phones. But we feel that with these phones we have a marriage between a high level of security and ease of use for the customer. We understand that when somebody finds that their card has been wrongly used they can be reimbursed." The security measures to be introduced are the result of new technologies that were not available to Cellnet when the handsets were launched.

Mr Pardoe has complained to the telecoms watchdog, Oftel. He said: "I think Cellnet has decided that the downside to it is very small. Effectively, the airtime doesn't cost it anything to provide; so when it has to repay the money to the credit card company, there's no real loss of a physical object. Cellnet has had a free loan. The people who lose out are those whose credit card details are stolen and charged."