Wireless manhunt, New technologies have criminals on the run

As the wireless industry has grown, a new criminal industry has grown along with it: wireless fraud. But fraudsters are now finding themselves on the defensive, a role reversal in a battle that has witnessed the companies whose services are being stolen simply trying to plug holes in the dike.

Wireless companies lost $650 million to wireless fraud in 1995, according to the Cellular Telecommunications Industry Association. The most costly is cloning, followed by subscription fraud. But new technologies are stamping out cloning fraud, and as more thieves turn to subscription fraud, the industry is attacking them there as well.

For companies offering digital service, cloning fraud is a far smaller concern because of digital's inherently more secure signal. But for analog providers, stopping clone calls before charges are incurred is a new feature. New technology allows them to use each handset's unique radio-frequency "fingerprint" as an identifier. If a call comes through from a phone with a legitimate number and electronic serial number but the RF fingerprint isn't a match, the call is killed.

Wireless companies have been using profiling systems for some time to detect fraud. These systems note customers' calling patterns and flag any unusual activity. They also flag unusually long calls and calls to overseas locations. But many companies are adding prevention methods such as fingerprinting to these systems.

Palmer Wireless of Fort Lauderdale, Fla., is currently evaluating systems to augment its profiling operation. "There is no way anyone could survive with just profiling," said Jason Mical, fraud analyst for Palmer. "It's reactive instead of preventive.

Palmer, which provides both analog and digital services, wants to be sure it can continue to serve its analog customers, Mical said. "Analog has been out there a long time. It's going to take a long time for everyone to migrate to digital," he said.

Even though digital is inherently more secure, companies are adding authentication codes - encrypted codes that phones and base stations must receive and decode - to further thwart cloning. By eliminating cloned calls, those responsible for fraud prevention can use their profiling systems to paint a picture of fraudulent activity that can lead to busting a fraudster or a fraud ring.

The CTIA has taken an aggressive stance in prosecuting fraudsters as well. The association has led efforts to add "wireless jargon," as CTIA Director of Fraud Management Tom McClure puts it, to federal and state statutes dealing with fraudulent activities. The CTIA also has developed educational programs to help law enforcement agencies at all levels pursue and prosecute wireless fraud cases.

Wireless companies will benefit from a customer relations standpoint by detecting and killing clone calls immediately, said Ira Brodsky, president of Datacomm Research in Wilmette, Ill. With profiling methods, shutting down those numbers is often the only way to stop the fraud quickly.

"If you shut down a number, you've got to go back to the legitimate subscriber and tell them, and they've likely already got business cards printed with that number on them," he said. But, with fingerprinting for analog or challenge-response for digital, "you could shut down a bad phone and assume you're not killing the customer.

Personal identification numbers have helped tremendously in that area, McClure said. Rather than changing a cloned number, providers simply assign the legitimate user a new PIN. And as fingerprinting and authentication become more prevalent, cloning fraud prevention will become even more transparent to customers.

"We've got the cloner on the run," he said. "He's frustrated just like our customers were five or six years ago.

To combat subscription fraud, many companies are implementing computer systems that process applications for service in real time, verifying personal data as a computer operator enters it. Links to various databases allow immediate verification of addresses, social security numbers and credit information.

ACCESS POINT POINTS TO ORYX Enhanced services provider Access Point has selected Priority Call Management's Oryx platform for its nationwide one-number offering. The system is scalable and enables a variety of services, including calling cards and enhanced messaging applications.

CELLULAR PLUS GOES CDMA Motorola's Cellular Infrastructure Group has secured a contract from Cellular Plus to add a code division multiple access system to the carrier's network in Georgia. Motorola will supply SC 2450 base stations and the EMX 5000 switch.

CARRIERS LINE UP BEHIND HDML Several wireless network operators are supporting the hand-held device markup language developed by Unwired Planet. AT&T Wireless, Rogers Cantel of Canada, Telia of Sweden and New Zealand Telecom are all backing the standard, which allows wireless access to e-mail, the Internet and intranets from specially equipped handsets.