May 21, 2012
Cramming and bill-to-mobile payments: Managing the risk
An interesting market segment in the evolving mobile payments industry is bill-to-mobile payments, which is a service that permits wireless carriers to add charges to consumers' mobile phone bills for generally small-value transactions involving digital and virtual goods purchased over the Internet. At the same time, the telecommunications industry is accommodating the addition of more third-party charges to consumers' mobile phone bills. Naturally, fraudsters are finding opportunities to apply unauthorized charges to these bills, a practice known as "cramming." As bill-to-mobile services grow more popular, how do we mitigate the potential risk of this fraudulent activity?
Telecoms and bill-to-mobile services
Telecoms have license to add charges to bills for a variety of call-based services. The advent of bill-to-mobile as a type of mobile payment began as intermediary platform providers—namely, Zong and Boku—entered the market to facilitate payments from consumers to online merchants through mobile carrier billing. Even Facebook allows the purchase of Facebook credits for games and apps to be billed to the customer's mobile phone bill in lieu of a credit or debit card payment. These services have become hugely popular as an electronic micropayment solution alternative to credit and debit cards. This makes a lot of sense when you consider the younger demographic market segment for online games and their social reliance on mobile for day-to-day interaction.
Regulation and law enforcement
As mobile phone usage grows, the incidence of criminal activity is growing in lockstep. In fact, since deregulation of the telecommunications industry, according to one state's Department of Justice report, complaints about erroneous charges on telephone bills have grown. Crammers bet on consumers not reading their phone bills carefully, and thereby failing to notice an extra dollar or two fraudulently charged each month.
The Federal Communications Commission's (FCC) Truth-in-Billing rule requires that telecom firms organize bills clearly by complying with specific requirements, such as including "clear and conspicuous notification" of charges that would be apparent to a reasonable consumer and that the name of the merchant associated with each charge is clearly identified on the bill. It also requires that the bill contain clear and conspicuous disclosure of inquiry contacts in the event of a billing dispute so that the consumer will know who to contact to dispute unauthorized charges.
While the FCC's rule might not have envisioned a mobile-payment-enabled environment and associated charges for financial services, the rule should provide adequate consumer protections for victims of phone bill cramming.
Managing the cramming risk for mobile payments
Currently, U.S. wireless carriers are limiting bill-to-mobile services to micropayments for virtual and digital goods. Purchases are typically limited to $100 a month because so far the carriers have not demonstrated an appetite for managing credit risk. Telecom firms generally resolve complaints quickly, as the cost associated with time spent by staff devoted to error disputes far exceeds the value of the charge in a complaint. As these services grow, however, this may not always be the case.
With appropriate consumer protection regulation in place, risk mitigation lies with the consumer, who should consider the following steps to protect against cramming:
- Read your bill monthly, just as you would a credit card bill.
- Be alert for changes in your bill, particularly those with language including words like "activation" and "service fee."
- Address irregularities as soon as possible. The FCC's Truth-in-Billing rule requires phone bills to include a toll-free number to make it easy for a consumer to quickly report a dispute about a charge.
By Cynthia Merritt, assistant director of the Retail Payments Risk Forum
TrackBack URL for this entry:
Listed below are links to blogs that reference Cramming and bill-to-mobile payments: Managing the risk:
- As with Nuclear Disarmament, So with ACH: Trust, but Verify
- The Personal Cost of Fraud
- When Fraud Hits Home: Questioning Today’s Authentication Methods
- FFIEC Weighs In On Mobile Channel Risks
- Cash: Reports of Its Pending Death Are Greatly Exaggerated
- The 411 on Banning the RCC
- Surviving the Emerging Payments Providers
- Between a Rock and a Hard Place?
- There's an App for That!
- What Is GPR Feeding On? Part 2 of 2
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud