Path: utzoo!telecom-request Date: Thu, 16 May 91 15:56 GMT From: Bob Frankston Newsgroups: comp.dcom.telecom Subject: Re: 900 Number Fraud on My Line Message-ID: Organization: TELECOM Digest Sender: Telecom@eecs.nwu.edu Approved: Telecom@eecs.nwu.edu X-Submissions-To: telecom@eecs.nwu.edu X-Administrivia-To: telecom-request@eecs.nwu.edu X-Telecom-Digest: Volume 11, Issue 364, Message 8 of 11 Lines: 42 If I understand your message, someone stole service by using your line. In order for you to get the charges removed, you must agree to be unable to ever use a 900 number yourself. Doesn't sound right. If telco's are to play the role of verification, authorization and billing agent for various services, they've got to take some responsibility for providing access to the service. After all, there are even some useful 900 services. Rather than blanket call blocking, some capability for password (PIN?) protection would make more sense. On the related topic of pager bombs (the problem of people leaving 540 numbers on pagers), one writer suggested that one should never dial a number without first calling the operator to ask the rate. I guess in a totally paranoid world, one should never take any action without proper precautions. Who knows which package contains a bomb, which diskette contains a virus (passively inserting it into a Mac will cause it to run so you can't even examine it with normal means) or even which car will suddenly start from a red light and run you down?. There must be a tradeoff between normal precautions and paranoia. I should be able to make the presumption of safety for normal activities. I do lock my doors as a matter of course, but having to verify the billing for each phone number on my pager seems to be going too far. Back to 900 numbers. They are very, very convenient (which is the whole point) and rely on the heuristic of using physical possession of a phone (line) to establish identify and authorization. This is a good first cut but rather crude. Some services do have 800 number counterparts which allow for credit cards as an alternative form of payment (at a surcharge and I'll pretend that credit cards over the telephone are safe). It would be nice if 900 numbers were viewed as a macro for a service selection, authorization and billing mechanism so that the components can be provided independently. For example, a dialing prefix to allow for credit card payments for 900 numbers (0-900??) and the option to increase the authorization/verification requirements. Yes, I know that trying to do this "right" would have probably resulted in the services not being offered at all, but that doesn't mean that one should omit the later design refinement cycles.