Reverse charge premium rate SMS sign-up theories and opinion

Premium rate SMSOver the years, people have complained about getting signed up to premium rate SMS services without their consent.  These text messages involve a reverse charge, typically €2.50 per SMS received for a 57xxx or 59xxx number.

I have checked over various complaints reported on the discussion forum.  One thing is very clear – Premium rate SMS services in Ireland are badly implemented (unlike collect calls), leaving them open for abuse. 

First, let’s look at a few theories of how people are being signed up.  It is also to the mobile operator’s benefit as they receive a slice of each charge.  No Irish operator offers to block premium rate SMS services, unlike in the UK.

Signing up without confirming by text

Going by user feedback, users can sign up to premium rate SMS services by just supplying their number to a premium rate provider.  In this example, a user entered a mobile number into a dubious competition.  This type of service periodically sends a series of reverse charge SMS messages to the number for each draw.  The user claims to have never responded to any text or clicked any link within any received text.

The problem here is that is possible to sign up anybody to such a service without their consent.  For example, if a user intentionally supplies someone else’s number to one of these services, the owner of that number would be signed up.  Similarly, a mistyped mobile number can lead to the owner of the mistyped number being signed up, left to wonder how they got signed up.

In-app ad sending the SIM phone number

Some apps require permission to access the user’s accounts or Telephone, such as to allow in-app purchases, pause/silence audio during calls and so on.  The Telephone permission also provides the app with the SIM phone number.  As many apps generate revenue through in-app advertising and pop-ups, these in-app ads may be able to retrieve the SIM number from the app.

If the ad has access to the phone number, it can promote premium rate services where the user just needs to touch the ad to sign up.  Rogue advertisers or apps that involve click-fraud could end up doing this automatically without the user ever seeing the ad.  In this case, the premium rate service provider will no doubt claim that the user manually entered their mobile number, not realising that click-fraud was involved.

Dubious SMS received with a link

When a service sends out text messages to mobile numbers, it can include a unique link in every text message it sends out.  With scam SMS messages, they can read something like “You have 1 new photo message, click http://xxxx/ to view.”  Spammers can harvest mobile numbers from malicious apps reading user’s contact lists or generate them randomly.

If a user clicks a link in the text message, the online service can look up which mobile number that unique link was sent to.

App sending the original SIM number

If a user ports their mobile number, their SIM-supplied phone number (if present) with the new operator will be deactivated and replaced with their ported number.  The original SIM supplied number will generally end up being recycled, however, the user’s SIM will still report the original number to any app that requests it.  If an app picks up this original SIM number and signs it up to a premium rate service provider (e.g. user touches an ad prepopulated with the number), the unlucky victim who ends up with the recycled number will be signed up.

This is an example where a new Tesco SIM was already signed up to a premium rate SMS service.

Phone number supplied by mobile operator

When a phone or 3G/4G enabled tablet makes a data connection, the mobile operator assigns it a unique IP address within its network.  Generally, Internet services cannot identify individual devices on the mobile network due to mobile operators using a carrier grate NAT.  This NAT translates these private IP addresses into routable public IP addresses.

A mobile operator’s NAT router can map each IP address to its corresponding phone number that accesses specified links.  Subject to an agreement with a web service, it can supply this number in headers or log it for later reporting.  Mobile operators already cross-check IP addresses against phone numbers such as to block certain phone numbers from accessing adult services.  Meteor does this to provide unmetered access to YouTube and social media services to the applicable customers.

How should premium rate SMS services be implemented?

Let’s first look at how collect telephone calls and COD postal services work.

Which a user receives a collect telephone call, an operator will ask the user whether to accept the collect call before connecting.  If the user chooses not to proceed, the call is disconnected and there is no resulting charge.  Similarly, if a parcel arrives with COD charge, the user can choose to either refuse the package or pay the COD charge to receive the package.

Personally, the same method should be applied to reverse charge SMS services.

Mobile operators could easily implement this:

  1. When one or more reverse charge SMS texts arrive, the mobile operator temporarily holds the messages and sends the user a notification text.
  2. The user receives a notification text like ‘You have (#) new reverse charge messages from 57xxx.  Respond with ‘ACCEPT’ by DD/MM/YYY to receive these messages.  Total cost to receive: €#.##.’
  3. If the user replies with ‘ACCEPT’, the mobile operator delivers the messages and charges the user the associated reverse charge cost.
  4. If the user does not respond within the specified time, the messages are deleted and no commission is passed to the premium rate operator.
  5. If these messages are part of a subscription service and the user responds with ‘STOP’, these held messages are deleted immediately.  No further commission is passed to the premium rate operator.

Advantages for the user:

  1. If their number is signed up to a premium rate service either as a once off charge or a subscription without the user’s consent, they can refuse to receive the messages from the very start, just like refusing a collect call or COD package.
  2. If the user signs up to a subscription service such as a weekly horoscope, they can choose when to receive the messages.  This would be particularly useful for a prepay user who is low on credit.  This gives them a chance to top-up and then respond with ‘ACCEPT’ to receive the reverse charge messages on hold.
  3. It would protect against accidental subscriptions, such as if a child touches an ad to sign up to such a service.  Another example would be entering a competition, not realising it involves a weekly subscription fee.

Awaiting reverse charge SMSIn fact, prepay mobile operators already have a similar system in place to hold messages while the customer is out of credit, as shown on the right. When the user tops up their account, the mobile operator automatically releases the held messages and deducts the resulting charge from their credit.  If they can do this when the user is out of credit, surely they can add the functionality to hold such messages until the user responds with a text to release them.

Leave a Reply

Your email address will not be published. Required fields are marked *