Vodacom and MTN’s dirty money-making scheme

Fraudulent wireless application service providers (WASPs) are taking money from Vodacom and MTN subscribers without their permission.

What makes the situation worse is that Vodacom and MTN are well aware of this problem but refuse to block these services by default.

MyBroadband’s latest disappearing airtime investigation showed that money was disappearing from our MTN test account.

A fraudulent WASP transaction was to blame for the disappearing airtime, where the SIM was subscribed to an MTN service without our knowledge or permission.

No double opt-in SMS was received by us, either.

The same thing happens to thousands of Vodacom and MTN subscribers, with most of them unaware that their airtime is being stolen.

Money-making scheme

The scale of this problem has never been fully disclosed by the mobile operators, but one can assume that it is a multi-million-rand scheme.

In MyBroadband’s case, R4 per day was taken from our account, which depleted R10 airtime in 3 days.

With fraudulent WASPs targeting millions of Vodacom and MTN subscribers, losses are therefore in the millions.

This raises the question: Why don’t Vodacom and MTN block all WASP services by default, with the option of enabling them if needed?

The reason is money, and lots of it.

The mobile operators are making a tidy profit from these services and are not willing to lose out on this revenue – even if it means tolerating fraudulent activity on their networks.

Blocking all WASPs by default

The truth is that most Vodacom and MTN subscribers are not interested in WASP services and would prefer to have their accounts safeguarded against fraudulent activity.

It therefore makes perfect sense for the mobile operators to protect their subscribers and block all WASP billing by default.

A subscriber can then request WASP billing to be enabled if they are interested in subscribing to one of these services.

This will prevent fraudulent WASPs stealing money from subscribers, and still give them the freedom to use these services if they want to.

The operators have known for a decade that a large portion of all WASP subscription services are fraudulent, but have been making good money from this practice.

Despite numerous media reports and thousands of customer complaints over the years, the two mobile giants have not resolved this problem.

Vodacom comments

Vodacom confirmed that it is well aware of the illegal activity on its network, adding that it has taken a number of measures to block this activity.

This includes the suspension and termination of service providers and their affiliate content aggregators.

“Vodacom has subsequently installed a double opt-in option via USSD to confirm subscription to WASP content services,” it said.

“We also regularly upgrade our anti-fraud detection software to curb potential fraud.”

These measures, Vodacom said, have proven to be highly successful, as evidenced by the significant decline in WASP-related queries from Vodacom customers in recent months.

On the question of blocking all WASP billing by default, it said that “similar services around the world, such as Apple iStore and Google Play, are active by default”.

It added that for customers that prefer not to use credit cards, they can access and subscribe to services that they might otherwise not have access to.

MTN comments

Jacqui O’Sullivan, executive for corporate affairs at MTN SA, said they believe a balance needs to be struck between offering customers ease of access, while still providing the necessary security protocols.

She highlighted that MTN SA has implemented numerous measures to fight fraudulent WASP subscriptions.

This includes double opt-in, blocking fraudulent website URLs, fraud detection, alerts for charges, and the ability to view and block all premium-rated services.

MTN said these measures have been successful, and it has seen a 38.6% drop in calls relating to WASP and digital content subscriptions this year.

The company has also suspended all programmatic media buying activities until all fraud prevention measures have been implemented.