The Wireless Application Service Providers’ Association (WASPA) has been accused of serving its members’ interests instead of protecting consumers against rogue WASPs and airtime theft.
These accusations came from two industry players who asked not to be named because of their relationship with WASPA and the mobile operators.
WASPA was formed in 2004 as a self-regulatory body with a mandate to represent and regulate its voluntary members.
The organisation has a code of conduct and advertising rules which member WASPs must adhere to.
These rules form the foundation of protecting South African mobile users against fraudulent activity and airtime theft.
Vodacom, MTN, Cell C, and Telkom Mobile make it compulsory for WASPs to be members of WASPA to offer WASP services.
This may sound like a great initiative to protect consumers against airtime theft, but the reality looks very different.
Fraudulent content subscriptions and airtime theft remain rife in South Africa despite years of complaints by consumers.
WASPA further served as a way for mobile operators to wash their hands of airtime theft and refer complaints to WASPA instead of addressing the problem themselves.
It is, therefore, no surprise that one industry player described WASPA as “an industry body PR stunt to pretend that there is some sort of ethical conduct”.
He said WASPA is not an independent body or regulator. “They receive many complaints, but they cannot handle most of them. It makes them sort of irrelevant,” he said.
Another industry player said some of the WASPA office bearers are involved with WASPs which are accused of airtime theft.
He supplied MyBroadband with the names of these office bearers, and it can be confirmed that some of the companies they represent have been accused of airtime theft.
Fraudulent subscriptions and airtime theft are rife
MyBroadband’s recent reports on fraudulent subscriptions and airtime theft show that this crime remains rife.
In many cases, the fraudulent WASP subscriptions occurred on machine-to-machine (M2M) and Internet-of-things (IoT) SIMs.
It is impossible for these SIMs to pro-actively subscribe to WASPs services, which conclusively prove fraudulent activity.
One industry player said this shows that WASPA and the mobile operators’ strict double-opt-in promise either never materialised or is flawed.
“That is why literally any random SIM can still be subscribed to WASP services,” he told MyBroadband.
Another industry player accused WASPA of pro-actively avoiding the formal process of handling complaints to protect its members.
He said of the 1,601 complaints lodged with WASPA between January and June 2020, only 3 were handled through the formal process. This equates to less than 0.2%.
He said avoiding the formal process mean there are no complaint reports published on the WASPA website. This, in turn, means rogue WASPs are not exposed publicly.
He added that sidestepping the formal process also avoid penalties like fines for serious infringements or repeat offences.
The table below provides an overview of the number of complaints lodged through the WASPA website and the number which was handled through the formal process.
WASPA provided a comprehensive response to the allegations, which is published in full below.
The Wireless Application Service Providers’ Association (WASPA) condemns recent allegations implying that the organisation does not operate independently and that we are aiding and abetting data or mobile-service related fraud. These allegations are unfounded and misrepresented.
As an independent self-regulatory body, we are 100% committed and transparent in serving the best interests of the consumer – which, together with representing mobile application and service providers in South Africa is the sole purpose of our organisation.
We take a strong stance towards proactively monitoring mobile application services to review advertising and test services on a daily basis, ensuring compliance with our Code of Conduct and in fulfilling our consumer protection mandate. In fact, more than 70% of our organisation’s financial and human resources are dedicated towards regulation, monitoring and consumer protection.
We have a dedicated compliance department that monitors member services for compliance checks using different platforms guided by the WASPA Code of Conduct (version 16.9) – a Code that all members are required to adhere to. This year alone, we have monitored over 800 000 mobile WASP application services to ensure that consumers can use these services with confidence.
It is through this active monitoring that we are able to identify any issues and address these immediately through our well-established complaints process, monitored by a team of full-time employees that handle all complaints lodged by members of the public.
This team are highly capable of managing and resolving the large amount of issues brought to our attention/identified through our proactive monitoring. It is important to note that, depending on the nature of the query or complaint, and the severity of any alleged breach of the WASPA Code of Conduct, WASPA uses a number of different processes to deal with each matter as outlined below.
- Heads Up: If there is a problem with a member’s service for which it seems feasible for the member to provide a prompt remedy, then a “Heads Up” notification is sent to the member. If the member resolves the issue within the prescribed time period (usually two days) and to the satisfaction of the Compliance Department, then the matter is closed. If not, it proceeds to the next step of the complaints process.
- Informal: The member involved has an opportunity to resolve the complaint to the satisfaction of the complainant. Such a complaint is usually one for which it is possible for the member to promptly remedy, and where there is not a material breach of the WASPA Code.
- Formal: This is a more rigorous process giving each party to the complaint an opportunity to provide information for the independent adjudicator to review, and to respond to the other party’s submissions. Once the submissions process is concluded, an independent adjudicator is provided with a full casefile for the complaint, which he or she reviews in depth before providing WASPA with a report on the matter. This adjudication determines whether or not a member breached the Code of Conduct, and if so, what sanctions must be applied to that member.
This year, only three complaints required formal adjudication, with 80 Heads-up complaints lodged and resolved within 48 hours, as well as over 1800 resolved through the informal processes.
It must be noted that, both our compliance and complaints department function totally independently from the WASPA Board and is managed by designated managers and therefore no Board member has input into, or decision making authority over, the complaints or compliance procedures. Certainly, our Board is made up of numerous industry representatives elected annually during a democratic voting procedure, including WASPS – to ensure a balanced and broad view and approach to regulation and decision making. As a self-regulatory body with a mandate to regulate its voluntary members, any member found in contravention of our Code of Conduct – regardless of their contribution to the organisation – will face the appropriate sanctions.
It is very unfortunate that the global mobile value-added service industry is a target for third parties facilitating unauthorised transactions – with the digital world a breeding ground for fraudulent activity. This phenomenon is affecting stakeholders across the board, as well as negatively impacting consumers who are the victims of such illegal actions.
Thieves are constantly developing new ways to beat the system and while WASPA’s Code has gone through numerous iterations to close off the evolving methods used to get through our detection software and monitoring teams, and has largely been successful, we don’t have jurisdiction over all services being offered to the consumer via the mobile phone.
As an independent regulatory body, we are doing everything in our power to protect consumers from such incidents and will continue to evolve our monitoring and protection methods to ensure we stay ahead of this as best as possible.
- All WASPA members are required to implement certain security measures to secure their systems and platforms
- Blocklists – Our members subscribe to a list that contains the URLs of applications (apps) that have been linked to potential fraudulent or unauthorised activity by downloading malware onto handsets when the apps are installed
- All members are required to implement an anti-fraud solution on their platforms across all networks. The results, successes and failures are shared at technical workshops to determine which solutions provide the best protection, whilst still allowing legitimate traffic
- Monitoring and enforcement via the Code of Conduct
- External monitoring services – WASPA procured the services of an external monitoring company to conduct 24/7 monitoring of services to identify and escalate any potential services that have been exposed to fraudulent activity.
- WASPA has formed a Fraud Prevention Task Team (FPTT), consisting of representatives from telecommunications, financial, technical, legal and other backgrounds, to continuously review the current situation and work towards solutions to address the problem.
While the industry at large is being impacted by such fraud, we assure both our members and South African consumers that we are not only well equipped to deal with these matters, but are taking proactive steps to mitigate and manage such fraud and will continue to evolve our monitoring to try address the ever growing need for regulatory compliance in the country. As with any industry – this cannot be done in isolation, it is an industry-wide concern and so we implore mobile relevant business to work alongside us in the fight against such fraud.
Any consumer looking for more information on WASPA, our services, code of conduct and members or to report a scam, unwanted billing or lodge a complaint can do so on our website – https://waspa.org.za/consumer-support/