the 33700 project : a global program to fight mobile spam
Post on 13-Jan-2015
1.197 Views
Preview:
DESCRIPTION
TRANSCRIPT
GSMA Seminar:
Collaborating to Overcome Mobile Spam Threats
« The 33700 Project »:
A global program to fight mobile spam
based on a strong regional collaboration
February, 27th 2012
The 33700 project: Context of the launch
Raise in the number of complaints made by mobile clients and associations of customers on SMS spamming activities
SMS spams received by government officials SMS spams having harmful effects on the image of telecom operators
Official demand by public authorities to implement a solution, with a threat to take regulatory actions, if the action were not deemed efficient and satisfying => highly sensitive, politically speaking
Decision by the French Federation of telecommunications (FFTelecoms) to create a simple and seamless process, based on self-regulation: gathering fixed and mobile operators, allowing customers to report every SMS they consider improper through a unique
5-digit number easy to memorize : 33700 targeting non-compliant service providers’ wallet, hence their business model
2
The 33700 project: The scope
3
Covering all MNOs and MVNOs members of FFTelecoms – hence all their mobile clients:
Reports are forwarded every night to:
- MNOs whose clients have reported a spam (either directly, or through clients of MVNOs)
- surcharged number operators that run target numbers
Reporting made free of charge for all the clients of the FFTelecoms members (MNOs and MVNOs):
Free reporting for all pre-paid and post-paid offers
MNO members of the Federation:
MVNO members of the Federation:
The 33700 project: A definition of SMS spams
4
First step: agreeing on a common definition of “SMS spams”*, i.e.:
unwanted messages,
reported as such by mobile clients,
including “target numbers” (premium short codes / surcharged voice numbers) to be called back**
* cf. details in annexes
** cf. “Glossary of terms” in annexes
The 33700 project: The reporting in a nutshell
5
Service provider
1 SMS sent by a service provider (fraudster when it is a spam)
2 Incriminated SMS forwarded by the client to 33700 - free of charge
3 Acknowledgment message by 33700 including a request to forward the sender’s number
4 Number of the sender sent by the customer (for a “complete report”) – free of charge
5 All incriminated messages sent to mobile and fixed operators (daily)
6 Analysis of the messages by the operators involved and implementation of countermeasures in case of infringement
Operator
6
Automatic daily forward to: mobile operators whose clients have reported SMS spams
operators of surcharged number (voice/short code) whose numbers have been reported as target numbers
Analysis of the contents of the reported SMS: dispatching to the departments
involved “classification phase”, i.e. reviewing the
contents with the contracts signed as well as the deontological rules implemented
WG in charge of the coordination
Transmission of the most fraudulent cases to public authorities
Actions taken against non-compliant service providers: official warnings numbers shut down financial penalties
The 33700 project: “Behind the scheme”1
2
34
5
6
Outcomes of reports and actions
7
Qualitative evolution of messages considered as spams: Persistence of « Hi, it’s me… » messages Recent appearance of new forms of messages “Following your agreement, please call
back…” or “As agreed, please call back at the following number…” Adaptation of the messages to the period of the year (e.g.: Xmas, New Year’s Eve, joint press
conferences of the Federation,…)
A highly useful tool including an observatory function in order to adapt to incredibly nimble non-compliant service providers
Transfer of fraudulent traffic by fraudsters from one operator to another: Traffic deviation recorded through the statistical tool developed by the 33700 platform Global campaign implemented by the Federation for its members in order to deter fraudsters
from transferring their traffic to other operators Smaller operators warned and appropriate actions taken
Blocking the marketing diversification clearly identified: Common actions impacted the “wallet” of the biggest non-compliant service providers Decision made to diversify their activities according to a basically rationale market logic Hence the actions taken by the Federation against vocal spams
8
Diversifications in vocal spams…on both sides
Vocal spam frauds consist in making a client call back a surcharged number by different methods: Making a client’s phone ring once or twice (not more) to suggest him/her to call back the
missed number which is a surcharged one Leaving a non-complete or sometimes complete vocal message on a voicemail box to suggest
him/her to call back the missed number which is a surcharged one
June 2010: Decision to open-up the reporting platform to this growing type of fraud because of the diversification process by non-compliant service providers
With a reporting process adapted (only one SMS to be sent to report) nevertheless using the same classification phase and resorting to the same countermeasures within FFTelecoms
Cooperation to fight fraudulent traffic deviations
9
October November December January February March April May June
% Fixed operator 1 64 56 75 86 50 33 32 18 18
% Fixed operator 2 31 36 22 11 19 17 15 23 23
% Fixed operator 3 3 5 1 0 21 25 1 1 4
% Fixed operator 4 0 1 1 0 2 17 39 43 25
% Fixed operator 5 0 0 1 1 4 3 2 5 21?
Consequences of direct actions taken within the 33700 WG
Fraudulent traffic deviations observed
Strong partnerships with public authorities
10
Dedicated police Dpt.
Possibility of action: new provisions aiming at fighting against non-compliant service providers through the new European legal framework now transposed into French lawOngoing reflections within the industry
Possibility of action: actions taken against non-compliant service providers for fraudCriminal actions launched to get maximum media coverage of potential convictions
Possibility of action: two-fold1. Exerting administrative police powers through sectorial investigations2. Investigating on “unfair commercial practices”(updated provisions in the new Consumption Code)
Nationalregulatory body
National Dpt. for fair competition and fight against fraud-abuse
ARCEP
OCLCTIC
DGCCRF
Assessment of the 33700 global program
11
Success of the 33700 scheme confirmed by the quantity and the quality of the reporting made by clients (on SMS and vocal spams):
On Jan. 31st: more than 3 million SMS spam reports
with a rate of « complete reports » higher than 70%
More than 2,000,000 of them identified as SMS spams with a “target number”
On Jan. 31st: around 88,000 vocal spam reports
Very strong commitment of the operators of the Federation to take legal and financial actions based on these reports (on Jan. 31st): More than dozens of official warnings sent to non-compliant service providers identified
through the classification phase – every month
More than 1,544 numbers shut down (both sender numbers and target numbers)
Dozens of contract terminations decided for the worst situations
Caution: Every action taken deals with several hundreds of reports, even thousands of them, for the most significant cases.
Achievement of the basic objectives measurable through simple figures: Fewer and fewer clients call identified target numbers
Some clearly identified non-compliant service providers encounter financial difficulties
Caution: Frauds are less interesting, financially speaking, but the spamming phenomenon still exists since clients keep on being annoyed.
2009
/08
2009
/10
2009
/12
2010
/02
2010
/04
2010
/06
2010
/08
2010
/10
2010
/12
2011
/02
2011
/04
2011
/06
2011
/08
2011
/10
2011
/12
0
20
40
60
80
100
%Fixed operator member of FFTelecoms#1 %Fixed operator not member of FFTelecoms
%Fixed operator member of FFTelecoms#2 %Fixed operator member of FFTelecoms#3
Free riding behaviors calling for an even stronger collaboration
12
Market shares of fixed operators managing target numbers reported to the 33700 PF
Next steps based on stronger collaborations
13
Downstream
Shutting down SIM cards which are fraudulently used to send SMS spams
Putting a stronger pressure on non-compliant operators through legal & sectorial actions
Upstream
Recent creation of the association « SVA+ » gathering both operators of surcharged numbers
and service providers around new commonly agreed deontological rules
The 33700 project:Actions & coordination potentially exportable?
14
The French initiative: real innovation through coordination and action=> An efficient, cost-effective, user-friendly model to be exported?
1 2 3
A common reporting platform
- Contracts between operators and service providers
- A blessing of the scheme by antitrust authorities
A local coordination cellfixed/mobile operators
A local stronglegal framework
WWW.fftelecoms.org
Thank you for your attention!
ANNEXES
The 33700 project: Which SMS to be addressed?
17
Personal message
Desired commercial message(opt-in)
Undesired but useful message/service
Undesired message/service
clientspreviously
subscribed to
Inappropriate and non desired
message/service
Scams, frauds
33700
18
The 33700 project: Key dates
October 21st 2008: Joint press conference (French minister in charge of consumption and industry / French Federation of Telecoms) to announce the launch of the 33700 program and officially promote it
November 15th 2008: Official launch of 33700 (dedicated number + platform)
January 1st 2009: Creation of the information website www.33700-spam-sms.fr
February 3rd 2009: 1st assessment of this innovative global scheme
June 21st 2010: Joint press conference of the Federation and of the concerned ministries to announce the opening-up of the platform to vocal spams reporting
November 2010: More than one million SMS spams reported
February 2011: more than 1,000 fraudulent target numbers shut down
September 2011: More than 2 million SMS spams reported
Surcharged services: A complex value chain
19
Spammed final user
Fixed or mobile local
loop operator
Transit operator (optional)
AggregatorsService
provider (optional)
Final user
Service provider
Wholesale contractsForeign or French mobile operator
Service provider /
Finaluser
SMS+ service
provider
Step 1 – the non-compliant service providers sends a SMS through wholesale contracts:
Step 2 – the client dials a target number which is a surcharged one:
Step 2bis – the client dials a premium SMS short code:
Mobile local loop
operatorFinal user
Different channels for premium numbers
SIM cardswith unlimited plan
SENDING NUMBER
Premium SMSshort codes
Wholesaleplatforms
TARGET NUMBER
Replying through aPremium SMS
short code (SMS+)
Calling a surcharged fixed number
20
The 33700 platform: A sample of report files
21
Time Content of the reported spamSender number
Sending number
Target number
MNO
Example of a SMS spamming campaign
Examples of most reported SMS spams
22
1. Messages asking for a call-back:
- You have 3 video messages on our interactive service. To get them, send READ by SMS at the 8XXXX (3€+1SMS)
- You have 1 multimedia message not read. To view it, send OK by SMS at 8XXXX (4.5€+1SMS)
- ANNE has just left a vocal message. To get it and reply, call 0899XXXXXX message code XXXX
2. Interpersonal messages: “Hi, it’s me…” and their numerous variations:
- Hi, it’s me !I’m still waiting for your call. I hate when you don’t call back. Gimme a call at 0899XXXXXX
- It’s boring to send you an SMS you don’t answer! Call 0899XXXXXX code 84XXX and listen to my message, you will understand why I am so insistent.
- You don’t pay attention to my messages even when I am insisting! You could at least listen to this message. Call 0899XXXXXX code 84XXX I’ll explain you why I’m so insistent. 1.35€+0.34€/mn
- Someone is thinking about you but hesitates to make the first move. To know his/her identity and talk in live with our medium, send OK to 82XXX (1.5€+1SMS)
3. Games and prizes:
You have been chosen at random at 9.56 AM and won the check n°409248! Call the 0899XXXXXX to know the exact amount and to cash! Thank you ! (1.35€+0,34mn)
4. And few pornographic messages…
Assessment of the 33700 scheme:Number of monthly reports of SMS spams
23
2008
/11
2009
/01
2009
/03
2009
/05
2009
/07
2009
/09
2009
/11
2010
/01
2010
/03
2010
/05
2010
/07
2010
/09
2010
/11
2011
/01
2011
/03
2011
/05
2011
/07
2011
/09
2011
/11
0
100000
200000
300000
400000
Assessment of the 33700 scheme:Number of monthly reports of vocal spams
24
juin
-10
juil-
10
aout
-10
sept
-10
oct-
10
nov-
10
déc-
10
janv
-11
févr
-11
mar
s-11
avr-
11
mai
-11
juin
-11
juil-
11
août
-11
sept
-11
oct-
11
nov-
11
déc-
11
0
4000
8000
12000
16000
20000
Glossary of terms (1/2)
25
Sender numberPhone number sending the message to the consumer.This number is not transferred when the consumer sends his first message to 33.700, but when the second one is sent.
Personal number
The service provider opens a phone line with a mass-market service mobile contract (mainly pre-paid services), offering unlimited SMS offers.Sending commercial SMS in large volume through this service is illegal.
WholesaleSMS number
International number
5-digit number opened by a service provider for each French mobile operator with a SMS wholesale/inter-carrier contract.
Number opened by a service provider for a foreign mobile operator with a wholesale SMS contract.
Premium SMSshort code
5-digit number which enables service providers to offer SMS services (aka “SMS+”). With SMS+ services, only a sender’s alias is transferred to the service provider.
Glossary of terms (2/2)
Surchargedvoice number
Number coming from the public numbering plan, dedicated to voice services only, charged at a premium rate above personal numbers.
Sent throughMSISDN
Sent through alias
Target number
SMS sent when the service provider has due access to the consumer number.
When an SMS premium service is used by the consumer: The mobile operator provides a user ID (aka “alias”) instead of the client mobile number, which is never transferred to the service provider. This alias is given for 3 months only.
Surcharged number inside the SMS spam that the consumer is asked to dial.
26
The 33700 project: The information website
27
www.33700-spam-sms.fr
Þ Possibility to report on-line through the official websites of mobile operators
top related