Fraud Management Systems - Authentication

Authentication works by automatically sending a series of encoded passwords over the airwaves between the cellular telephone and the cellular network to validate a customer each time a call is placed or received. Authentication uses a complex security feature that contains a secret code and special number based on an algorithm shared only by the cellular telephone and the wireless network.

Whenever a customer places or receives a call, the wireless system asks the cellular telephone to prove its identity through a question- and-answer process. This process occurs without delaying the time it takes to connect a legitimate cellular call. There is no charge for this service. Authentication uses advanced encryption technology that makes it almost impossible for a subscriber’s mobile phone number to be cloned.

It involves the exchange of a secret code based on an intricate algorithm between the phone and the switch. These algorithms are so complex that service providers say that they will remain impenetrable for at least 20 years. Authentication technology identifies cloned phone numbers immediately, before costly communications can take place. The digital network and the authentication-ready phones operating on it carry matching information.

When a user initiates a call, the network challenges the phone to verify itself by performing a mathematical equation only that specific phone can solve. An authenticatable phone will match the challenge, confirming that it and the corresponding phone number are being used by a legitimate customer. If it does not match, the network determines that the phone number is being used illegally, and service to that phone is terminated.

All this takes place in a fraction of a second. Prior to authentication, a PIN had to be entered before the call was connected. All that the user needs now is an authentication- ready phone to take advantage of the service, which is usually offered free. Where authentication service is available, subscribers no longer need to use a PIN to make calls, except when roaming in areas where authentication is not yet available.

PINs have become an effective fraud prevention tool. If a subscriber’s phone gets cloned anyway, a simple call to the service provider to obtain a new PIN is the extent of the customer’s inconvenience—there is no need to change phone numbers, which also obviates the need for new business cards and letterheads.

The subscriber does not even need to come into the service center. But PINs are far from bulletproof, and cloners have proven particularly adept at cracking most security systems carriers have deployed. Still, PINs have decreased cellular phone fraud by as much as 70 percent.

Radio frequency Fingerprinting

Radio frequency fingerprinting is a step up from the use of PINs. With digital analysis technology that recognizes the unique characteristics of radio signals emitted by mobile phones, a fingerprint can be made that can distinguish individual phones within a fraction of a second after an attempt to place a call is made. Once the fraudulent call is detected, it is immediately disconnected. The technology works so well that it has cut down on fraudulent calls by as much as 85 percent in certain high-fraud markets, including Los Angeles and New York.