Garner, Philip and Mullins, Ian and Edwards, Reuben and Coulton, Paul (2005) Mobile Terminated SMS Billing — Exploits and Security Analysis. In: Third International Conference on Information Technology: New Generations (ITNG'06). IEEE, pp. 294-299. ISBN 0-7695-2497-4Full text not available from this repository.
This paper analyses mobile terminated (MT) SMS billing, an area of mobile commerce which has undergone massive growth with the maturation of mobile content delivery on 2.5G mobile networks. Although the short message service for GSM devices was never designed to be a facilitator for micropayments, premium SMS services have been embraced by many network operators worldwide. We investigate its inherent insecurity as a payment solution and show how existing systems can be used for fraud or to deceive users. From a UK perspective, we see how the standardisation of mobile platforms with J2ME combined with WAP delivery have enabled the rise of the mobile content industry, with premium SMS as the most method common of billing. Threats to the established business models are addressed, with particular attention paid to the potential for severe disruption from mobile (SMS) spam. Furthermore, we present attacks on MT SMS systems, showing how a malicious attacker could damage the mobile content industry by undermining consumer confidence in premium rate SMS payment solutions.
|Item Type:||Contribution in Book/Report/Proceedings|
|Subjects:||Q Science > QA Mathematics > QA76 Computer software|
|Departments:||Faculty of Science and Technology > School of Computing & Communications|
Faculty of Science and Technology > Engineering
Faculty of Arts & Social Sciences > Lancaster Institute for the Contemporary Arts
|Deposited On:||10 Aug 2012 14:30|
|Last Modified:||14 Aug 2012 15:10|
Actions (login required)