Feeds

Mobile fee dodgers will get away with enough cash to bail out Greece

US code paranoia lets cash trickle through cracks

SANS - Survey on application security programs

Mobile customers are dodging fees running to hundreds of billions of dollars by a combination of accident and design – both facilitated by badly designed billing systems which aren't up to the task. However, US paranoia plays its part too.

The numbers come from Juniper Research and estimate that by 2016 operators will have under-billed punters by almost $300bn globally, enough to pay off half the Greek debt. The operators most at risk are those running networks in Africa and the Middle East, where call records don't always make it back to the billing systems and SIM cloning remains rampant thanks to the US ITAR restrictions.

ITAR, International Traffic in Arms Regulations, is a US regulation which prevents the export of "strong" cryptography to countries America doesn't trust. The GSM standard defines various levels of encryption to authenticate calls, but the US won't allow ITAR-restricted countries to use encryption, so their authentication systems are trivial to break and SIM-cloning is rife.

But Juniper's report doesn't blame the Americans, instead it reckons the end-to-end visibility of billable activities is the solution. Real-time analysis and trend spotting – or "proactive business intelligence" as Juniper would have it – is what African and Middle Eastern operators need.

Operator billing systems are hideous beasts, involving generations of hardware and software lashed together with little more than cable ties and a few lines of Perl. Over the last 10 years or so, the European and American operators have been slowly replacing those tangled monsters with proper billing platforms, with the occasional hiccup, but in many countries that evolution is still in progress.

If one argues that cheap telecommunications stimulates a developing economy – a view the General Secretary of the ITU espouses – then a little fraud is probably worth tolerating, but when it starts to approach even half what the Greeks owe, then something should probably be done. ®

SANS - Survey on application security programs

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.