Introduction
The mobile industry has always suffered from fraud and revenue leakage. However, much of the focus is on well-known fraudulent practices such as non-payment of bills, abuse of credit, and organised schemes such as bulk SMS or SIM box fraud. Countering network and customer crimes are priorities for mobile operator fraud and revenue assurance teams, but less attention is devoted to crime that originates on or relates to the mobile device itself.
These offences cut across the entire mobile device lifecycle and extend from device theft in the mobile supply chain to the trafficking of devices for resale outside the intended market. This class of criminal activity has proliferated due to the high value of smartphones making it attractive for criminals to steal devices, defraud insurers and warranty providers, to abuse shared usage policies or to defraud the device recall process. With new mobile devices costing up to USD2,000 and the increasing reliance of consumers on their smartphones to conduct very high value activities, device-related crimes continues. This is despite industry efforts to contain and eradicate such crimes through initiatives like the GSMA’s International Mobile Equipment Identity (IMEI) Database.
This is not a trivial area of communications wrongdoing. In the USA alone, the GSMA estimates that more than four million devices are trafficked annually, with the cost of bulk prepaid trafficking totalling USD900m. That’s a loss of USD225 per device trafficked. And those figures only represent the prepaid segment of a single country. Aggregating figures globally and from both the postpaid and prepaid markets would see a much larger figure. In fact, device security platform vendor Trustonic, which has its technology embedded in more than 2 billion devices, conservatively estimates that device-based frauds could have an annual impact to mobile operators of at least USD10bn per annum if the US figures are extrapolated globally. The company bases this estimate on its customers and prospects reporting that device-based illegal activity affects between 5% and 30% of the devices that operators sell.
The scale of the problem is certainly substantial. In the UK, there were 446,000 thefts of mobile phones in 2016 and The Sun newspaper has reported discovery of significant volumes of UK-used iPhones are being sold for GBP560 (USD730) in stores in Lagos, Nigeria. The UK and US markets are far from the only ones to suffer substantial device theft. In Peru, La Republica has reported that 6,000 devices are stolen per day while, in Argentina, La Nacion has reported that thefts of mobile devices exceed 4,700 each day. Meanwhile, Colombian telecoms regulator CRC reports that mobile phone theft grew 79% in the first half of 2017 compared to the first six months of 2016. In Mexico, mobile theft is so prevalent that consumers are starting to carry dummy mobiles in order to hand them over instead of their real phones if they are robbed.
Theft from users is only part of the issue and, while it is a key enabler of trafficking, criminal activity across warehousing, road freight and retail stores within the operator’s supply chain also result in large volumes of counterfeit or grey devices hitting the market. Russian operator Rostelecom estimates that 15% of devices on its network are illegal or not certified and the Mobile Wireless Forum says that there were 184 million fake phones in use in 2017.
What Can Be Done?
Operators are well aware of the problem and are trying to counteract it. Verizon, for example, is locking its smartphones for the first six months of a contract in order to prevent them being fraudulently used in the event of a theft. However, in other markets, where regulators have mandated that devices are unlocked, crime is rising. Canadian operator Rogers reported that it has seen a 100% increase in the volume of missing devices that were supposed to be shipped directly to customers.
Mobile operators, their suppliers and industry organisations are coming together to address this growing issue. For example, the GSMA’s IMEI Database records the IMEI of handsets that are lost or stolen. Operators can then block the phone from their mobile network in a process known as IMEI blacklisting. The blacklisted IMEIs are provided to the GSMA’s central IMEI Database which allows participating operators to exchange data and block devices on multiple networks, effectively rendering them worthless from a re-sale point of view.
Whilst blacklisting is an effective way to lock devices after their theft has been discovered, it does not address frauds or thefts that operators are not aware of, potentially within the supply chain. A more comprehensive approach to combat device-related crime is therefore required. Trustonic, a specialist provider of device and application security founded by ARM and Gemalto in 2012, has developed a holistic approach to the on-device security issues operators face. Its Asset Lifecycle Protection Service (ALPS) has been designed to stop profit erosion caused by smartphone fraud, device trafficking, sold but not activated (SBNA) devices, and activated but not used (ABNU) device exploitation.
ALPS is integrated directly into the device manufacturing process, so protection is in place from the moment devices are built and is operational throughout their lifecycle. ALPS secures the device at a fundamental level – in the modem firmware – giving operators and mobile virtual network operators (MVNOs) a secure communication path to control the device’s modem in order to allow or restrict device communications. ALPS is trusted by some of the largest mobile operators around the world and has been implemented on tens of millions of devices.
Use Cases
Remote SIM Unlock
Manually unlocking a device after purchase can be a cumbersome, tedious, confusing and error-prone process for both the customer and the retailer. Customers dislike it because of the time it takes, typically around two hours, and the generally poor user experience, while, for operators, the cost of providing SIM unlock is high.
ALPS addresses these issues by enabling providers to remotely and securely unlock devices. Using Trustonic’s embedded security technology, devices can be network locked at the point of manufacture and remotely unlocked only when they have been legitimately sold. The unlocking process can be done quickly and automatically, without the need for any customer interaction. In addition, the device can be remotely locked or unlocked again later in its lifecycle just as quickly and simply.
Supply Chain Security
The OEM, distributor, operator and retailer supply chain is under attack from criminals at every point. Devices are being stolen while in transit from the manufacturer to the dockside, from the shipping container to the warehouse or between there and the retailer. They’re also being stolen from retail stores themselves, sometimes by insiders from the ‘back of house’ where devices are being prepared for sale. The unlock codes on devices are easily broken by fraudsters, meaning they can be sold and reused.
ALPS secures the supply chain at every point by enabling OEMs to lock their devices before they leave the factory, and for operators to unlock them only when they’re sold and activated in the store. Even if a stolen device is shipped to another country, it cannot be activated on the network because it is locked.
Device Financing and Subsidy Lock
Credit rejection rates associated with device financing are high; in some cases, as much as 80%. This is an issue, regardless of whether a device is sold through a subsidy or lease plan. If a customer defaults on their payments or abuses the terms of their plan, the operator bears the cost. For example, if a customer buys a device, but only uses Wi-Fi instead of connecting to the operator’s network, the operator cannot recoup its subsidy.
ALPS provides operators with the ability to lock a device for non-payment or for infringing the terms of a contract. This capability means operators can provide devices to customers previously considered too risky for their business.
Activated but Not Used (ABNU)
An area of concern for operators is when devices are activated but not used, thereby generating no revenue, even though the device may have been subsidised by the operator. ALPS enables operators to control devices that are purchased and activated but sold out of the market. These devices are usually not seen again on the original carrier networks and this activity is often indicative of identity fraud because the devices are acquired, and contracts signed up for by criminals using stolen identities. ABNU protection monitors when the device is attached to the network, to analyse whether usage is in line with the original operator’s expectation.
Leasing
Mobile network operators and other companies have substantial businesses leasing devices to customers such as enterprises. These providers depend on reliable device control in order to protect their businesses. There are several opportunities for crime to be committed in relation to leased devices, such as resale of leased devices during the leasing term. This sees devices fraudulently sold on while still under the terms of the original lease. Another crime involves sale of the device at the end of the leasing period rather than returning it to the device provider.
ALPS enables devices to be locked if they are not returned at the end of a leasing period. Lease providers also have greater control during the lease and are able to analyse usage and react if it falls outside the expected parameters.
Companion Devices
The ability to enforce the terms of a contract enables operators to offer new types of plans. For example, with ‘share everything’ plans, multiple devices and lines can be purchased together, with data, minutes and SMS all consumed across the devices. However, should the subscriber default on payments, the operator can remotely lock all the devices associated with the plan since all are subsidised and subject to the same terms.
Similarly, third parties offering devices as incentives can enforce the terms of their contracts. For example, a bank might offer a new account with the incentive of a free smartphone when the account is opened. The terms state that the customer must use the account for a minimum of two years. If the terms of service are broken, the bank loses their customer, the revenue from the account and the smartphone. However, by using ALPS, the device can be locked, preventing the customer from selling it on and depositing any gains into a competitor’s bank account.
Warranty and Insurance Fraud Prevention
Warranty fraud occurs when a company’s defective product replacement policy is exploited. For example, a customer who purchases a device online then claims it is defective and demands a replacement under warranty will have to return the original device – which may, of course, not be defective.
Mobile operators and retailers want to be able to support this type of ‘forward replacement’ so customers are never left without a device. However, because of fraud, many are reluctant to do so, insisting instead that a device is returned before a new one is issued.
With ALPS in place, customers can be supplied with a replacement device that is locked. This device cannot be used until it’s activated. Automatically unlocking the new device, while simultaneously locking the original device that is under warranty, means that only one device is ever unlocked at a time, protecting both assets and ensuring customers follow the prescribed replacement process. This solution can also be used by third-party companies who handle warranty replacements on behalf of operators, providing them with the ability to lock these devices.
Device Recall
Occasionally, devices need to be recalled by the manufacturer. However, it can be difficult for manufacturers and operators to enforce this. This can be especially problematic when a regulatory body legislates that a device that it considers unsafe must stop being used, because there is no way of enforcing that users send in their devices.
ALPS provides original equipment manufacturers (OEMs) and their operator partners with the technical ability to enforce a recall policy by remotely locking a device, thus rendering it unusable. ALPS can also be used to inform customers about a recall; for example, by displaying information on the device together with the care number.
How ALPS Works
Trustonic’s ALPS solution is unique in the market because it is embedded into the device at the manufacturing stage and can be deployed across devices from multiple OEMs. It is not a retrofit, nor an app or a software upgrade. During manufacture Trustonic and the OEM exchange cryptographic keys and establish a strong device-identity binding that can be used to talk to the modem securely in the future.
Trustonic’s Trusted Execution Environment (TEE) operating system (OS) sits alongside the Android OS on the device processor and once the TEE is in place, Trustonic can communicate with it using hardware on the factory line to perform cryptographic binding of that device to its IMEI. After the keys are injected and received back, they are encrypted into the Trustonic cloud and can be accessed in encrypted format.
This enables an operator or other trusted party to later challenge the integrity and security of a device in the field by interrogating Trustonic’s ALPS Device Endorsement Service. Factory integration across multiple different OEMs is unique to Trustonic. However, ALPS is not simply about installing an OEM preload; it’s about installing an OS for security and fraud prevention on devices at the point of manufacture. The Trustonic TEE OS boots even before Android boots.
The complexity of achieving this should not be underestimated. Trustonic has spent the last seven years getting embedded into the device OEMs’ production facilities and now has relationships with most Android OEMs. This has given the company the ability to run on 2 billion devices globally and achieve large-scale ALPS deployments at two of the top three North American operators.
It’s also important to understand that just having OEM access is not enough because it’s also necessary to work with the original design manufacturer (ODM). For this reason, Trustonic is now in more than 100 factories for device manufacturers integrating Trustonic’s hardware-based security onto their lines, working with them to ensure the technology is integrated correctly. To this end, Trustonic has in-region field engineers in manufacturing locations such as Shenzhen, Shanghai, Beijing, Tokyo, Taipei and others, who can work with the OEM and ODM engineers to ensure ALPS is installed correctly. Trustonic is therefore fully integrated into the global device supply chain and also for factory lines at the engineering level.
Conclusion
The scourge of mobile device-related crime is becoming more acute as it spreads across multiple dimensions of the mobile business from trafficking to counterfeiting, to lease and finance fraud. Only by integrating the capability to combat these frauds into devices at the manufacturing stage can this multi billion-dollar annual loss be stemmed by the mobile industry. By implementing ALPS, operators can turn the tide, protect their businesses from innovative criminal networks and stimulate new revenues from customers they would previously have been unwilling to do business with.
