Speak Freely

The theft of wireless phone service, which only a year ago was costing the industry hundreds of millions of dollars annually and consuming the resources of law enforcement agencies from the Secret Service to the Los Angeles Police Department, has all but disappeared in many large cities, thanks to new technology.

Officials in the fast-growing industry downplay the turnaround out of fear of encouraging thieves. But the ability of wireless carriers to use electronic authentication and digital encryption to recognize legitimate phone users and block unauthorized ones is now saving providers tens of millions of dollars--and their customers lots of hassle.

Last month, for example, Bell Atlantic Nynex Mobile, the nation’s second-largest wireless service provider, announced it had reduced fraud more than 75% since installing authentication and radio frequency identification technology last May.

Similarly, Dave Daniels, director of corporate antifraud management at San Francisco-based AirTouch Communications, said the carrier’s fraud rate has dropped 90% compared with a year ago--a decline that helped contribute to the $2-million jump in net income the company reported for the quarter ended in December.

The percentage of financial loss in the industry due to wireless fraud dropped last year for the first time, and it’s expected to continue to decline through 2000, according to the Yankee Group, a Boston consulting firm.

“You can see the impact in the streets,” said Daniels. “Cloners who used to get $50 to $100 for [a pirated cellular phone] can’t even sell them for $5 or $10 on the [black] market today.”

The new technology has dramatically cut fraud in the Southland, according to the Secret Service, which has federal authority to investigate wireless phone fraud and which two years ago conducted a major sting operation targeting thieves in Southern California.

“The technology is making a significant difference,” said James Bauer, special agent in charge of the Los Angeles field office of the Secret Service. He said the number of cases referred to the office has dropped so dramatically in the last year that he has been able to free agents from the unit’s special wireless phone investigative division to investigate other types of financial fraud.

Progress in the war against phone fraud has come at a critical juncture for the wireless industry. Companies such as Sprint and AT&T; are spending billions of dollars to launch wireless networks over the next few months to compete with traditional analog cellular phone service, and they can ill afford the costs--in dollars and damaged customer relations--that fraud brings.

The battle centers on securing the data that mobile phones must transmit to identify themselves to the wireless network. An electronic device at each cellular site captures and matches the electronic serial number and mobile identification number broadcast by a mobile phone each time it is turned on.

With analog phones, which make up about 43 million of the 44 million wireless phones in use (the rest are newer digital models), the data travel over the air unprotected and can be captured with ordinary electronic scanners sold in stores. Cloners make an electronic copy of the data and then transfer it to a microchip that is used to create an unauthorized clone phone.

But a number of firms now say they have high-tech solutions to the cloning problem in the form of digital encryption, voice and radio frequency authentication, as well as elaborate computer programs that track phone use to uncover unlikely calling patterns.

Cellular Technical Service, which sells devices that can recognize the radio frequency “fingerprint” of wireless phones, saw its revenue for the fourth quarter jump 114% to $6.91 million.

Meanwhile, AT&T; Wireless Services in Kirkland, Wash., said it is seeing strong demand for its encryption technology for enhancing wireless security on digital networks.

The use of radio frequency fingerprinting means that even if a thief intercepts the electronic identification code transmitted during a wireless call by an authorized user, he or she can no longer use that code to make another phone. That’s because the cloned phone will broadcast a pattern different from the legitimate phone, and there’s no way to reliably duplicate the pattern.

In many cases, however, carriers don’t know the frequency characteristics of particular phones, especially older ones. Thus they must analyze phone usage to make sure they block the cloner and not the legitimate user.

On digital networks, carriers use encryption and special identification codes to combat fraud. So far it’s all but impossible to clone the digital phones, and conversations are far more secure than with older analog cell phones.

“As of today, a casual or inadvertent eavesdropper is not going to get into your conversation, and cloning [most new phones] is a thing of the past,” said Mark Golden, senior vice president of industry affairs at the Personal Communications Industry Assn. in Alexandria, Va. “That is not to say we can sit on our hands. . . . The bad guys are not resting.”

Indeed, experts say the victory over thieves may be fleeting.

Last month, for example, Berkeley researchers announced they had uncovered a flaw in technology designed to ensure a caller’s privacy over digital cell phones. Determined thieves might thus be able to steal credit card numbers and other sensitive data sent digitally.

Many encryption experts remain concerned that U.S. export laws compromise the wireless industry’s ability to craft bulletproof phone security solutions.

What’s more, the use of anti-fraud technology is spotty outside big cities, encouraging many criminals to attack smaller cellular carriers. The radio frequency fingerprinting, for example, costs about $15,000 per cell site, and there are often dozens of sites in a given service area. While the costs are comparatively modest for a big-city system, it gets expensive for rural areas.

“This [new] technology has only really come into play in the last 12 to 24 months, and the vast majority of people out there still have . . . phones that don’t have authentication technology built into them,” said Leslie Owen, director of logical and cross-technology security for AT&T; Wireless Services.

In fact, some outfits that sell equipment to the telephone hacker underground, such as Yuma, Ariz.-based Telecode, say there is still plenty of money to be made illegally cloning cellular phones. Make “$100 per hour cloning cellular telephones,” the firm declares on its Web page. The company did not return phone calls inquiring about its products.

Chicago-based 360 Communications, a wireless spinoff of Sprint that specializes in small regional markets, is certainly still feeling the sting of cloners. In an unusually candid disclosure, the company warned last month that despite a record number of new customers, investors should brace for lower-than-expected revenue this spring because of fraud losses totaling $3 million a month in the fourth quarter.

“We saw higher-than-projected fraud losses in late December in a number of our markets,” said Sal Cinquegrani, a spokesman for 360 Communications. “Cellular companies in larger cities have been successful in pushing away from their communities some of the fraudsters, who took their activities into the smaller communities and wreaked havoc there.”

Given the inventiveness of crooks, some industry officials think the best way to quell fraud is to outlaw the tools criminals use to intercept wireless transmissions.

In a letter to the chairman of the House Subcommittee on Telecommunications, the Cellular Telecommunications Industry Assn. implored Congress to make it “clearly illegal to manufacture, import, distribute, modify, sell or own a device that can intercept and/or decrypt wireless communications.”

The association’s president, Thomas E. Wheeler, said the law is necessary because “any encryption methodology devised by the mind of man could, in time, be defeated.”

*

Jube Shiver can be reached via e-mail at jube.shiver@latimes.com