The Telecom, supplement to Kommersant publishes comments made by lawyer Andrey Mikonin to an article titled Confidence Gaming by Correspondence and to an article titled Operators Defended Their Subscribers

26 February 2010

Confidence gaming by correspondence

In Russia a business model involving micropayments via sms messages sent on short numbers with premium rate service, turned into organised legalisation of fraudulent gains. The cheating scheme is simple — payments are collected by promoting diverse confidence games, quasi-services, and sometimes just by directly cheating gullible cellular data users. High money is concerned: according to AC&M Consulting, the annual volume of fraudulent operations with the SMS payments is $50 million. Telecom decided to sort out to whom does the money go.

Every SMS-message helps

The cheating scheme aimed at earning illegal income out of micropayments is simple and transparent, it is also beneficial to all participants of the chain, apart from the subscriber. The gist of it is as follows: the content provider launches a partner program which allows registration of any person willing to derive profit from SMS traffic. A specific code is assigned to a partner which is used for identify the latter: should someone send a message with this code to the short number of the content provider, the latter shall charge the respective partner for a sum of money as a part of this message worth; as a rule, within the range of 50-70 %. The rest of money shall be partitioned between mobile network operator and the content provider.

The code received shall be used by the so-called partners of content-providers to accept payments for diverse goods and services —in almost 100 per cent of cases it means access to some information (the technology enables the subscriber who has sent an SMS message to send a reply message with a preset text — e. g., a link or a password to access a web site or to download some content). The partner’s task is to maximize their SMS traffic and, accordingly, to maximize their income. Such profit deriving scheme was adapted by swindlers as well— they register in partner programs with maximum sms price (about 300 roubles) and, as in any confidence game, entice victims with some very attractive services at a low price or free of charge.

There are loads of "baits" used to decoy unsuspecting users, inventors of such baits never lack imagination, you have to hand it to them: it may be a program, allegedly allowing you to read other people’s sms or to discover location of any subscriber using his phone number, or "transforming" phone camera into an x-ray device, to show you people in the altogether, or a banal "Trojan horse" which disables your PC and requires to send an SMS to enable it. "Free ICQ clients for cell phones" are actually programs which keep sending SMS to premium-numbers until the account is completely zeroed, while online IQ tests or "Date of Death calculators", should your answer to all the questions, shall require to send an SMS, to know the result of tests. This being said in response to the first message they often ask to send the second, then the third one.

The main confidence trick used by swindlers is to inform subscribers that they may send message free of charge, however, it is just a flagrant deceit, that is why they more often let people know that the services cost as little as 5 or 10 roubles. At the same time they will footnote in mouseprint that the above sum will be charged for one-day provision of services, and that they require that payment for the quasi-service be made 6 months in advance. Interestingly, it would be impossible to institute criminal proceedings against organizers of confidence games: as a rule, they would publish "Service provisioning rules" including a remark about "mock service" and a notice that they will not guarantee that the service essence shall meet subcribers' expectations. That is, supposedly, a clever person should understand that mobile operator has quite officially warned that his money shall be wasted, and that he shouldn’t complain having foolishly sent an SMS message— there is no use crying over spilt milk!

From the psychological point of view it’s a clever trick – hardly anybody wishes to declare himself fooled. So, according to Mobilnye telesystemy (MTS) OJSC, the number of complaints against swindlers makes only 0.02 % of the total number of orders for mobile content. Obviously, that is the reason for success of such “business”: the annual share of fraudulent services in the total volume of content provision makes 16 % or 109 million roubles in monetary terms, according to MTS, and $50 million — according to AC&M Consulting. “We are researching the market, so we are aware of approximate volume of profit derived by Aggregators out of such services, as SMS interceptors, gsm- position-finder and pseudo-antiviruses. On a conservative estimate, prior to the MTS company toughened their requirements to partners, the total daily turnover of fraudulent services in the market could reach 3-4 million roubles,” said Sergey Tulaev, the Director General of Planet3 (i-Free group of companies). This being said, 34 % cases of fraud involve misleading information about the price of a particular service, 16 % — multiple charging (subscribers have to send multiple messages instead of one); only 5% cases of fraud fall on viruses and nonexistent services such as an X-ray camera.

To whom does the money go

During the VI Mobile VAS Conference which was held at the past year-end, Kirill Petrov, the managing director of content provider i-Free listed 7 key players in the micropayments market: i-Free, А1 Agregator, ZED, IncoreMedia, Plastic Vedia, Neva-Line, Smsonline. Actually, it is these companies that aggregate the lion's share of payments via SMS. According to presentation (available to Ъ), prepared for a mobile operator, the heavyweight of SMS fraud is the Mediaholding Pervy Alternativny: it comprises Content Provider Pervy Alternativny, "А1 Agregator", А1 Systems, One Agile. According to the data from this presentation (see diagrams below), 30 % of cheated subscribers fall on this media holding. Dmitry Tsedrik, the managing director of Mediaholding Pervy Alternativny has informed a correspondent of "Ъ" that "should the fact of illegal actions of a partner be confirmed by the data available to operator or on demand of security agencies, the А1 Agregator company (a content provider being a part of Mediaholding Pervy Alternativny. —"Ъ") shall cease to cooperate with this company and suspend partner payments". However, there is a notice on the company site, regarding penalties up to complete nonpayment of accrued amounts, therefore one may assume that existence of numerous confidence games is first of all profitable for the content provider who shall use the collected funds for his own benefit rather than to further reimburse the subscribers. The employees of the “Pervy Alternativny” preferred not to answer to a direct question posed by Telecom about whether they indemnify the cheated subscribers, and if they do, what are the amounts of payment.

Interestingly, the mobile operator also derives profit from fraudulent schemes. For instance, the representatives of the MTS company have informed us that based on subscribers’ complaints about fraudulent or incorrectly rendered services the provider is penalised for an amount equal to 9 % -90 % of the aggregate profit derived using the short number specified in complaints. As a result, providers were fined for 36.6 million roubles in 2009. We don’t know how much money out of this amount was returned to subscribers, however, it’s easy to calculate that even should all of 0,02 % of complaints pertain to "confidence games", subscribers were compensated for no more than 7 320 roubles.

"Of course, unfair aggregators cash in on fraud, and frequently even do it twice, capitalizing on commission and on penalty. Since until quite recently the risk to be fined by operator incurred by aggregator was a minimum one, as a rule, the penalty of the client turned a profit to aggregator. Penalties introduced by MTS, can change this situation— certainly, only in the event that they will be regular," said Mister Tulaev. "In 2007 there was a precedent when experts of Laboratoriya Kasperskogo announced that they discovered a new Trojan horse program for smart phones and last generation phones. The virus had the following harmful effect: being installed on a phone, the virus started automatic sending of text messages on short service number 1055 which belonged to our company. We have returned all wasted funds to aggrieved subscribers. However, from a lawyer’s point of view, it is mobile operator who must return the funds, since the Service Provision Agreement was made by and between operator and subscriber. Certainly, money shall be refunded, but if it is operator who returns the money, it simply shall take more time," said Anna Chesnova, the chief executive officer of Zed Russia (Mobikon CJSC).

Fighting a losing battle

It is fair to say that operators and content providers all the same combat against fraudulent activity in the area of mobile communication. For instance, the MTS company launched the “Infokontent” service in the context of which the subscriber can independently receive data concerning the cost of content SMS/MMS-numbers, and also concerning contact phone numbers of provider’s Helpdesk. In November, 2009 there were 35 000 inquiries for the Infokontent service, the mobile operator estimates the number of prevented claims as 5.5 thousand. They also introduces an automatic subscriber notifier on the cost of services (Advice Of Charge — AoS): in response to an inquiry for the content service a message with information concerning the cost of inquiry to the given short number shall be sent to the subscriber, the latter must confirm ordering of the service. It allows to decrease the number of complaints by 90 %, but may simultaneously result in decrease of profit on the given short number by 70 %. Megafon OJSC plans to launch similar services for their subscribers in this March. “Should complaints from subscribers arise, a short number shall be put on monitoring, and, upon revealing the facts of fraud no bonus shall be paid to the content provider. In some cases money shall be refunded to subscribers,” said representatives of Megafon.

In prospect MTS considers formation of providers black lists; it should considerably complicate reconnection of blocked swindlers via other content aggregators. However, MTS believes that the main method of combat against fraud is provision of information to the public: to eliminate confidence games you should first educate the easy marks". The Beeline company agrees with this statement: since April, 2008 they launched the special program “Mobilnaya gramotnost (Mobile literacy). It is a social initiative of the Beeline company aimed at solving to a problem of fraud, arising from mobile communication services. In the context of this program they launched a “competent mobile answering device”, it enables the subscribers to learn about all the existing methods of mobile fraud and how shall a subscriber behave should they be cheated. This service is rendered to subscribers of Beeline in all the regions of Russia, the number to call is 068044.

The main method to be used by aggregators to combat against unfair services is to refuse to cooperate with private persons. The main reason is that no legal measures are actually applicable to private persons rendering unfair services on aggregator’s numbers. The second method is monitoring. Only a careful monitoring of all the concerned market players and prompt notification of operators about rendering of fraudulent services on a phone number or resource may have some effect. Besides, an aggregator should carry out inside monitoring of its partners. Penal sanctions applied to aggregators whose numbers are used to provide fraudulent services should also be toughened. For instance, in Ukraine such services are less widespread because penalties for rendering them severe enough to prevent swindlers from launching such," commented Madam Chesnova.

At the moment there is only one effective method of combat against swindlers— to penalize by financial sanctions the aggregators which provide their short numbers for micropayments. Only a regulator (mobile operator who shall penalize unfair participants of the market) may really influence the current situation. Such measure was taken in the end of January by the MTS company which fined several aggregators, and everybody evidenced that this measure is very effective. Unfortunately, any other methods are ineffective today. The majority of aggregators cannot but yield to temptation to cash in on doubtful services, that’s why "punitive measures" are quite justified in this case," believes Mister Tulaev.

According to Andrey Mikonin, the lawyer of the S&K Vertikal law firm, SMS services shall be considered fraudulent actions only should the funds written off the account exceed the amount declared in the advertising ad of this service, or should the promised service (information) be not provided to the user. In each specific case, the presence or absence of cheating (fraud) shall be established by competent agencies, by the court. "This being said, mobile operators are not authorized to control the content of messages sent by their subscribers, therefore there is no way to hold an operator liable," said Mister Mikonin. According to him, since the amount of money stolen by swindlers are always insignificant, the rights (of subscribers) may be efficiently protected by filing collective claim to supervising and/or law enforcement agencies. At the same time, the governmental agencies cannot by acknowledge (accept) such claims." A claims accompanied by necessary evidence, including an account statement, copies of advertising ads of the service concerned etc. other, may always be forwarded to the governmental agency by mail with the enclosure list, be stated in a telegram, handed over in written form as an independently prepared document, having specified that the incurred damage is significant for you and your rights were infringed," summarises mister Mikonin.

The supplement (St.-Petersburg) no. 33 (4333) of February, 26, 2010.

Operators defended their subscribers

This February the St.-Petersburg Prosecutor’s Office has made submission to management of North-West branch of Megafon and the St.-Petersburg branch of Mobilnye Telesystemy (MTS) OJSC in connection with discovered infringements of the law on enforcement procedure. Operators denied bailiffs access to private information on subscribers which are debtors on enforcement procedures.

In the end of 2009 department of the Federal Bailiff Service (UFSSP) has asked St. Petersburg chief prosecutor Sergei Zaitsev to make out whether the mobile operators refusal to cooperate with bailiffs is legal or not. Operators decided not to disclose their information on "debtors" to UFSSP. Among other things, they decided not to supply department employees with phone numbers of citizens of interest to the bailiffs, and not to inform them of details of respective telephone accounts, etc. Employees of the UFSSP informed us that private information is only necessary to inform the debtors on problems they will face. However, according to Vadim Dmitriev, the deputy chief bailiff of St.-Petersburg, in case of the beginning of partnership with mobile operators, bailiffs would also like to write off money from mobile accounts of debtors." The law on enforcement procedure has vested bailiffs with right to levy execution upon any property rights of debtors. Relationships between such people and mobile operators fall under a category of property rights, therefore, we may levy execution upon these funds,” believes Mister Dmitriev.

For their part, operators believe, that the federal law “On private information” prevents them from co-operation with bailiffs. In accordance with the applicable legislation, phone numbers and details of telephone accounts of subscribers are private information. Security officials may get access to this information in the context of operational and search activity (ОRD), but the bailiff service is not an agency involved in operational investigation activities.

Actions of the Prosecutor’s Office didn’t affect the attitude of mobile operators. For instance, employees of the MTS press-service declared that the Prosecutor’s Office isn’t authorized to obligate operators to disclose information on their subscribers to the order of the UFSSP. "Only the court can oblige an operator to disclose information. In Some regions of Russia such disputes have already been resolved to the benefit of mobile operators, for example, there were judgments in favour of the MTS company in the regions of Siberia and the Far East,” said representatives of the MTS. Moreover, the operator press-service has quoted series of judgments to ban collection of funds from the user's account. In April, 2009 the MTS company has successfully defended the subscriber’s account from bailiffs in the Supreme court of Kareliya. The judicial assembly specified that funds shall become the property of operator since the money is transferred by subscriber to the operator, while the subscriber is only entitled to demand the service to be rendered or the money to be refunded. In the beginning of November, 2009 the MTS company has won a similar suit in Petrozavodsk. The court rendered a judgment that by making an advance payment the subscriber acquires a property right, i.e. he can require an operator either to provide communication services subject to the contract, or to return the funds if the above service are not provided." As reported the company press-service, “Judgments in favour of MTS have been delivered also in Khabarovsk, Stavropol, the Altay territory and many other regions".

Interestingly, as opposed to competitors, Tele2 avowed their cooperation with bailiffs. "TELE2 St.-Petersburg has respect for activity of the bailiff service and realizes the importance of their functions. At the same time we believe that bailiffs should act within legal framework. State agencies are entitled to request information within the context of tasks imposed on them. The TELE2 St.-Petersburg company co-operates with bailiffs service in the context of the current legislation, taking into account specificity of the statutory acts which regulate rendering of mobile services. More recently the TELE2 St.-Petersburg company didn’t receive public prosecutor's submissions concerning disclosure of information,» said representatives of the operator’s press-service.

Lawyers believe that mobile operators have the right to protect private information on their subscribers. "Information about a citizen, including his private information and data on his settlements with mobile operator are considered secret data protected by constitution, and the right of such secrecy is detailed in the communication law. The applicable legislation does not explicitly authorize a bailiff to access such secret data, and the existing general powers to get information cannot be given extended interpretation aimed at overcoming of constitutional provisions. That’s how the conflict of laws is construed, especially by arbitration courts,” said Andrey Mikonin, lawyer of the law firm S&K Vertical. According to him, should information on a citizen as subscriber and on his settlements with respective mobile operator nevertheless be disclosed to the bailiff (for instance, via law-enforcement agencies or the said citizen), such data shall hardly be used to satisfy the rights of recoverer. A mobile operator is not a bank, it does not possess subscribers’ money, and all they have is an obligation to render communication services or to return advance payment on request made by subscriber, and not by recoverer or bailiff. No funds can be "written off" the subscriber’s account by recoverer or bailiff,” summarizes Mister Mikonin.

Telecommunication analysts believe that conflicts between bailiffs, the Prosecutor’s Office and mobile operators arise out of imperfect branch law. Claims advanced by bailiffs are another manifest in the fact that branch law should be corrected. The most logical way is to cease asking people to indicate their passport details when offering start prepaid mobile packages. This norm is not strictly observed all the same. By the way some providers, without waiting changes of the branch legislation, started to render communication service “without asking for passport details”, said Jury Brukvin, the Director General of analysis agency "Rustelecom". Denis Kuskov, the Director of information analysis agency Nedelya Sotovykh Tekhnology agreed with his colleague." To enable the bailiff service to receive information from mobile operators, it is necessary to amend the current legislation, and in the meantime I support operators referring to the law "On communication". Subject to the said law subscribers data are confidential information so they may be disclosed to the limited public agencies, and the UFSSP isn’t among these agencies yet,” believes the analyst.

The supplement (St.-Petersburg) no. 33 (4333) of February, 26, 2010.

Back to the list