Prepaid in Mobile

Telecommunications

(Deliverable D0.1c)
Colophon

Date : January 23, 2002

Version : 1.0
Project reference : GigaABP/2001/D01.c
TI reference : TI/RS/2001/082
URL : http://gigaabp.telin.nl
Access permissions : Public
Status : Final
Editor : Arjen Bakker
Company : Atos Origin
Author : Arjen Bakker

Synopsis:
In this document, an overview is provided for
different concepts of prepayment in mobile
telecommunications.

COPYRIGHT © 2001 TELEMATICA INSTITUUT

PERSONAL USE OF THIS MATERIAL IS PERMITTED. HOWEVER, PERMISSION TO REPRINT/REPUBLISH THIS MATERIAL FOR ADVERTISING OR
PROMOTIONAL PURPOSES OR FOR CREATING NEW COLLECTIVE WORKS FOR RESALE OR REDISTRIBUTION TO SERVERS OR LISTS, OR TO REUSE ANY
COPYRIGHTED COMPONENT OF THIS WORK IN OTHER WORKS MUST BE OBTAINED FROM OR VIA TELEMATICA INSTITUUT (HTTP://WWW.TELIN.NL).
Preface

After a brief introduction on mobile telecommunications, this document describes different

concepts for prepayment. Two recharging concepts are described, and different fraud
scenario’s have been recognised. The description of concepts in this document were obtained
from documentation and practice, and deal with current situations in second generation
mobile networks.

The presentation in this report is the result of, and input to the research performed within the
GigaPort Applications project Giga Accounting, Billing and Payment (GigaABP,
http://gigaabp.telin.nl) that has been performed within the Telematica Instituut in Enschede,
the Netherlands. As partners in the Telematica Instituut consortium TNO FEL (e-Business)
and Atos Origin contributed to the GigaABP project.

More information with regard to the content of this report or on the GigaABP project can be
obtained from the project manager, Sander Hille (email: sander.hille@telin.nl, or by phone:
+31-(0)53 4850485). Other reports that resulted from the project are available at
http://gigaabp.telin.nl (‘Publications’), or through the GigaPort web site: http://www.gigaport.nl.

We would like to kindly thank the reviewer Paul Porskamp for the effort that he has put in
reviewing this document and providing feedback and additional comments.

Sander C. Hille
Project manager GigaABP.

G I G A A B P / 2 0 0 1 / D 0 . 1 C V
Table of Contents

1 Introduction 9

2 Mobile Telecommunication Architectures 11

2.1 Introduction 11
2.2 Components explained 11
2.3 GPRS extensions towards third generation mobile networks 13

3 Prepaid Concepts 15
3.1 Handset based concept 15
3.2 Hot billing concept 16
3.3 Service Node Concept 17
3.4 Mobile Intelligent Network concept 18

4 Recharging concepts 21
4.1 Recharging vouchers 21
4.2 Recharching from a bank account 22

5 Fraud & abuse scenarios 23

6 Conclusions 25
The Classical IN Architecture 27
The IN evolution towards an open service-enabling architecture 28

G I G A A B P VII
1 Introduction

A prepaid service is a service for which the customer pays in advance. The ability to pay in
advance for services has become a global, multi-billion dollar business, used for fixed and
mobile telecommunications, Internet, pay TV and across other industries. Currently prepaid
telecommunication services are offered by over 90 % of European mobile operators, and
consist of approximately 60 % of all mobile communications in the year 2000. In the next
three years, a shift from prepaid voice to prepaid data services can be expected, driven by the
new and improved enabling technologies for mobile communications.

Two different perceptions can be distinguished:

1. The service provider perception:

The post-paid principle is based on a strong relationship between provider and customer. The
relationship must be able to provide the service provider with the assurance that all debts will
be paid. No matter how strong the relationship, there is always a large risk of bad debt. Based
on international whereabouts, and applicable laws, these debts can be issued, but there is
always a considerate amount of money involved in retrieving them.

Prepaid services not only prevent the provider from handling bad debt situations, but in the
current situation, they also lower the incremental strain on resources. Today, around 50 % of
customer enquiries relate to the billing process alone.

Besides the claimed advantages, there is a downside. Prepaid service offering requires real-
time or almost real-time accounting, to prevent unauthorised use. This puts some serious
constraints on the system and the infrastructure used by the operator. Also the overall risk
profile is larger than with post-paid subscription based services, because of the variability in
revenues, and the unpredictability of these revenues.

2. The customer perception:

Customers typically associate prepaid with simplicity and transparency. Especially for
customers using new services, prepaid services offer the big advantage of predictability, and
prevent the customer from any surprises, when new services are being billed, and the bills are
presented.

Disadvantages for the customer are the additional effort for upgrading his account, and the
loss of interest because of the early payment.

This document will evaluate the four different prepaid concepts that are currently adopted in
the Telecommunications Industry. In practice, it appears that around 60% of the European
Telecom operators use some sort of hybrid form, instead of total devotion to one pure
concept.

G I G A A B P 9
2 Mobile Telecommunication Architectures

2.1 Introduction

In order to gain a good understanding of the practical and conceptual implementations of

prepaid services in mobile telecommunication networks, a limited but basic knowledge of the
current second generation mobile networks is needed. Second generation refers to current
GSM networks in Europe and different implementations with roughly the same functional
characteristics elsewhere. The upcoming UMTS and comparable standards are considered to
be the third generation mobile networks (3G). GPRS is an intermediate solution, commonly
referred to as a 2.5G mobile network.

Figure 1 shows a network architecture, in which the most common elements are shown. The
faded components illustrate the presence of multiple interconnected instances. For example,
it shows that multiple Mobile Switching Centres (MSC’s) are interconnected, and that one
MSC is connected to multiple Base Station Controllers (BSC’s), which in turn, are connected
to multiple Base Transceivers Stations (BTS’s).

VAS
Platform
HLR
AuC

SSP
VLR

BSC MSC SSP

Phone
PSTN SSP
BTS
BSC
MSC
Solid Lines: Voice Trunk MSC AuC: Authentication Center
Dashed Lines: Signaling HLR: Home Location Register
BTS: Base Transceiver Station SSP: Service Switching Point
BSC: Base Station Controller VAS: Value added Service
MSC: Mobile Switching Centre VLR: Visitor Location Register

Figure 1: Network architecture of second-generation mobile networks

2.2 Components explained

BTS: The Base Transceiver Station consists of all radio transmission equipment (transceiver,
antenna, etc.) and a link to the Base Station Controller (BSC). This link can be either a fixed
trunk, or a wireless link type of connection.

BSC: The Base Station Controller is the brain of the radio part of the network. It controls a
group of BTS’s and controls the mobility of the Mobile Stations (MS) or handsets. This

G I G A A B P 11
includes location detection and handovers (from one BTS to an other). During call set-up, the
BSC assigns a channel to the MS.

MSC: The Mobile Switching Centre plays a central role in the service part of the network. It
handles call set-up and termination, it routes traffic to the desired destination, and it provides
billing detail information in the form of Call Detail Records (CDR’s). The MSC registers
unknown MS’s that are visiting the network in the Visitor Location Register (VLR), and
provides necessary information to the home network to keep track of the MS. In the home
network, a Home Location Register (HLR) is the primary point of information for the related
MS’s. Each MS is assigned to one HLR. The MSC interfaces with both other MSC’s, and with
the fixed or wire line network. Value Added Services (VAS), like 0800 services, call-back
service, automatic redial etc, are provided on a VAS platform, that is most likely based on an
Intelligent Network (IN) platform.

HLR: The Home Location Register contains valuable information about permanently assigned
home users, and their handsets. Examples of the information that is stored here are: Which
services does the customer use (voice, data, prepaid), present location of the customer as
derived from other ‘foreign’ MSC’s, the International Mobile Subscriber Identification (IMSI)
number assignment, which is an internationally unique identifier for mobile communications.

AuC: The Authentication Centre is used for the verification of the identity of the users. It uses
information from the Subscriber Identity Module (SIM) located in the MS. The AuC is often
combined with the HLR.

VLR: The Visitor Location Register is co-located with each MSC. It stores information about
the present location of the visiting users. It also contains information about the current status
of the MS (power on/off, active/idle mode). To protect the IMSI number from fraudulent use,
the VLR assigns a Temporary Mobile Subscriber Id (TMSI) based on the IMSI, for use during
the session. (Reason for this is that the frequently changing TMSI is harder to catch for
misuse).

SSP: The Service Switching Point illustrates the interconnection point with the fixed switching
network or Public Switched Telephone Network (PSTN). Present switching networks are
based on Intelligent Networks (IN), where the traffic part of the network is separated from the
1
signalling part of the network . The SSP is actually part of the IN architecture, and represents
the signalling application on the switch. Strictly speaking, the interconnection from the mobile
network infrastructure with the PSTN will take place via an interconnection device that
supports not only signalling, but is also capable of realising actual traffic throughput.

1
The signalling network takes care of call set-up and routing issues. A traffic connection will be realised after a
connection has been set-up by the signalling network. For a more detailed explanation, see Appendix A

12 G I G A P O R T
2.3 GPRS extensions towards third generation mobile networks

This section deals with some extensions that are currently made to the second-generation
mobile networks to support efficient data transport over the current circuit switched mobile
2
infrastructure. The General Packet Radio Service (GPRS) is an ETSI standard that is
targeted at reuse of the current mobile infrastructures by offering packet switched (always-on)
data connections. The concept is based on two basic ideas: first, assign some ‘voice’
channels to be used by the GPRS service; second, split the voice part and the data part in the
fixed network. The voice traffic will be handled by a “typical” voice network infrastructure
(optimised for point to point circuits), the data traffic will be handled by a “typical” data network
infrastructure (optimised for bursty packetised traffic).

The radio channels assigned to the typically bursty non-continuous communication will be
shared amongst many different handsets demanding this service. Contrary to the situation
with ‘plain old’ GSM, with GPRS there is no dedicated channel usage. Different users can use
this ‘packet-channel’ for mutual concurrent use as long as this use is packet based.

VAS
HLR Platform
AuC

VLR

BSC MSC SSP

Phone
PSTN

BTS Voice link

Data link ISP

SGSN GGSN IP
GTP
backbone
SGSN: Serving GPRS Support Node
GGSN: Gateway GPRS Support Node Corp.

Figure 2: Network architecture for GPRS extensions on second-generation mobile networks

The conceptual difference between GSM and GPRS data services is the “always-on” data
support. This is an important enabler for low bandwidth continuous data services like
messaging, buddy lists and small information services like address lookups and calendar
functionality. The former statement may seem paradoxical because of the use of the word
‘continuous’. In the first case, continuous referred to the dedicated traffic link, while in the
second case, continuous referred to the service.

2
European Telecommunications Standards Institute

G I G A A B P 13
GPRS-based services - and especially the network use involved - demand a revolutionary
change in the way telecommunications are charged. It is obvious that with the use of an
“always-on” network service, the time based billing concept does not apply. Different billing
strategies have to be explored to determine the most suitable billing concept, or a
combination of complementary concepts best suited for the situation. The concept that is
currently deployed by most of the telecom operators is volume based billing. The deployment
of volume based billing fits in with the strategy to correlate the usage costs with the most
restricted network aspect, capacity.

14 G I G A P O R T
3 Prepaid Concepts

In this section the four most important prepaid billing services used in the mobile
telecommunications service will be discussed.

3.1 Handset based concept

Handset based systems are also called Advise of Charge (AoC) systems or SIM based
systems. In contrast to the other types of prepaid systems, the credit information is stored and
accounted on the mobile device (handset + SIM) itself. All other architectures register usage
in the network instead.

When the caller wishes to make a connection to a recipient, he dials the desired number, and
a request will be placed at the Mobile Switching Centre (MSC). The MSC checks the kind of
call at the Home Location Register (HLR), and detects that it involves a pre-paid caller. The
MSC uses the call details to determine the call rate, and sends "Advise of Charge" (AoC)
parameters back to the mobile device. Based on these parameters, the handset itself will
determine the maximum allowed call duration. After acknowledgement of the receipt of the
AoC, the MSC will realise the connection with the call recipient. The session is terminated
when either the call is manually ended by one of the parties, or the call duration reaches the
3
predetermined level from the AoC. In Figure 3, the process of call origination is illustrated.

1 3 3
2
MSC SSP
3
4.
Solid Lines: Voice Trunk Dashed Lines: Signaling
MSC: Mobile Switching Center SSP: Service Switching Point

Figure 3: Prepaid Call origination in handset based approach

Steps involved in Prepaid Call Origination of a handset based system:

1. Prepaid customer initiates a Call (dials number)

2. MSC sends AoC to handset. AoC is based on rate plan and various parameters (such
as time and destination)

3. If the handset supports AoC, then the handset will acknowledge the receipt of the
AoC parameters. If no acknowledgement is received by the MSC the connection is
denied, otherwise the call is connected.

3
See terminology

G I G A A B P 15
 4. During the call, the handset uses the AoC parameters for tariff information. It
decrements the credit on the SIM card by incrementing the used units in the SIM
4
cards Accumulated call meter (ACM) . If the SIM card determines that the ACM has
reached the maximum allowed ACM threshold value, the handset disconnects the
call. This AoC disconnection mechanism works automatically in the handset, without
any involvement from the network.

3.2 Hot billing concept

In case of the hot billing approach, like in the case of post-paid telephony, accounting will take
place based on Call Detail Records (CDR's). The credit adjustment will be done afterwards.
Although this concept is sometimes referred to as real-time billing, it isn’t real-time. It can only
be considered as ‘near-real-time’ compared to the bulk processing in Telecom's traditional
billing systems. Because of the concept of using CDR's, the accounting takes place after the
call has been ended, and the CDR has been created. Directly after the termination of a call,
the CDR is created at the MSC, and sent to the prepaid billing platform. The prepaid Service
Centre (PSC) guards the status of the user "account". When the status of a prepaid account
has changed, most likely because exhaustion of credits, the PSC informs the HLR of the
changed status. The HLR, as the single source of status information for the mobile accounts,
guards the access to the network. Every time a MN (mobile node) sets up a call, the HLR is
consulted. If the prepaid account has been exhausted, no access will be allowed (except for
special numbers of course).

1 3 3

MSC SSP

Solid Lines: Voice Trunk 4

2/3

Dashed Lines: Signaling

AuC: Authentication Center
HLR: Home Location Register
MSC: Mobile Switching Centre
HLR 5 PSC
AuC
PSC: Prepaid Service Center
SSP: Service Switching Point
Figure 4: Prepaid call origination in Hot Billing approach

Steps involved in the call origination for the Hot Billing approach:

1. The customer dials the desired number, and its IMSI number (ID) is sent to the MSC.

2. The MSC instructs the HLR to determine the validity of the service request based on
the IMSI number.

4
ACM stands for accumulated call meter. It is a specific data field on the SIM card that is used together with a
predetermined maximum value (ACM*) determine the “current credit level” at any time.

16 G I G A P O R T
 3. If the verification is successful, the HLR downloads the customer data and a prepaid
tag to the MSC. The call is connected.

4. When the call terminates, a CDR is created and sent to the prepaid service centre.

5. The prepaid service centre decrements the prepaid credit based on the received
billing record. If the balance is negative, the prepaid service centre instructs the HLR
to suspend the prepaid service or to delete the customer’s record.

It is obvious that because of the delay involved in the processing of the CDR, there is always
the possibility that the user calls again directly after call termination, before the CDR is
processed. In this case the credit balance is not updated, and the connection can be granted
even if the user exceeds its credit limit. This “one call exposure” cannot be totally banned out,
but the risk can be limited by taking some measures. An example is the closure of CDR’s
before the end of the session if the amount of used credits exceeds some predetermined
value. This can result in multiple CDR’s per session, and because of performance reasons,
the operator must define a well-considered rule to keep the balance between processing
costs and possible risks.

3.3 Service Node Concept

The Service Node concept uses distributed Service Nodes (SN) that are co-located with the
MSC's for call handling and charging. This concept is the most widely deployed prepaid
service solution in the initial stage of prepaid service provisioning. It is relatively easy to install
because a phased approach can be used to add externally controlled prepaid services to the
existing post-paid service infrastructure. The SN is typically co-located with the MSC, and is
connected to the MSC using standard T1/E1 trunks. Service nodes are typically implemented
by using Computer Telephony Integration (CTI) techniques or PC-controlled private branch
exchange (PBX) techniques. The former is the most flexible because of the support of
standard API's, while the latter is better suited for large and cost effective solutions.

1 4 4

MSC SSP
2
4

MSC: Mobile Switching Centre

SSP: Service Switching Point
PBP: Prepaid Billing Platform Service
3 PBP
Node

Figure 5. Prepaid call origination in Service Node concept

Steps involved in the call origination for the Service Node approach:

1. The prepaid customer initiates a call.

G I G A A B P 17
 2. The MSC identifies that the caller is a prepaid customer. The MSC sets up the trunk
to the service node.

3. The service node authorises the call request by consulting the prepaid billing platform.

4. If the call request is granted, the service node sets up a trunk back to the MSC, and
the trunk is eventually connected to the called party. The service node starts credit
decrement.

3.4 Mobile Intelligent Network concept

The Mobile Intelligent Network (Mobile-IN) solution is considered to be the most complete
solution to prepaid service for mobile communications today. It is however, a very expensive
solution that can most likely only be afforded by large operators. This concept is based on a
centralised Prepaid Service Control Point (P-SCP), that communicated with the MSC's
5
through an intelligent network protocol (e.g. CAMEL ) over the SS7 signalling network. All
billing information for a prepaid customer is stored in the P-SCP.

1 5 5

MSC SSP

3
3,6,8
2,7

Solid Lines: Voice Trunk

Dashed Lines: Signaling
MSC: Mobile Switching Centre Intelligent
P-SCP: Prepaid Service Control Point P-SCP 4 Peripheral
SSP: Service Switching Point

Figure 5. Prepaid call origination in Mobile-IN approach

Steps involved in the call origination for the Mobile Intelligent Network approach:

1. The prepaid customer initiates a call.

2. The MSC encounters the Mobile-IN call set-up trigger. The call set-up process is
suspended, and a prepaid call request message is sent to the P-SCP. The message
includes the MSISDN (telephone number), location information of the MS, and the
called party telephone number. The P-SCP determines whether or not the customer
can make the call by querying its database. Based upon threshold processing
parameters defined by the prepaid billing system, the P-SCP may deny or accept the
call.

3. Optional (1): The P-SCP instructs the MSC to establish an ISDN (voice) link to the
intelligent peripheral.

5
See Appendix A

18 G I G A P O R T
 4. Optional (2): The P-SCP instructs the intelligent peripheral to provide account status
notification, such as the balance and the charging rate for the call to be made to the
prepaid customer.

5. The P-SCP asks the MSC to resume the call set-up procedure, and the call is
eventually connected. The P-SCP starts a countdown timer. The amount of credit
decrement (from the current balance) is derived from carrier-defined threshold
parameters, the rate plan, the destination, and time/date dependency.

6. The call terminates when either the balance runs out or the call completes. If the
countdown timer ends before the customer terminates the call, the P-SCP instructs
the MSC to terminate the call. For normal call completion, this step does not exist.

7. Once the call is terminated, the MSC encounters a WIN call-release trigger, which
sends a disconnect message to the P-SCP indicating the completion time of the call.

8. The P-SCP rates the completed call and updates the customer’s prepaid balance
accordingly. Then it sends the current balance and cost of the call to the MSC. The
MSC releases the call.

Although the Intelligent Network approach is the most expensive solution, it is the most
promising solution for the future. Current developments in the telecommunications industry
are targeted at functional separation between the technical network routing functionality, and
the intelligent functionality used for service creation, and service exploitation. The idea behind
this movement from expensive and Telco controlled service creation environments to a more
flexible and accessible service provider model is enabling faster and more cost effective value
added services by independent parties, and enabling control over the services to third party
service providers, including external billing providers. Appendix A provides more specific
information about Intelligent Networks, and the current developments.

G I G A A B P 19
4 Recharging concepts

The two main steps involved in recharging prepaid accounts are buying or payment, and
activation. The buying step can be a very basic exchange of money against service credits.
This transaction can be totally anonymous because no personal information is required. In the
next step, the acquired credits will have to be assigned to a prepaid account (phone number)
before the credits can actually be used.

Common implementations for recharging prepaid accounts are:

· Recharging vouchers
· Direct debit from bank account
· Electronic purses
· Credit card

Currently the first two implementations are the most used ones. They will be explained in an
example.

4.1 Recharging vouchers

In case of the use of recharging vouchers, the phone user buys a prepaid voucher that
represents a certain credit value. These vouchers are offered from local retailers, but specific
information has to be delivered by the telecom operator. The voucher contains a unique serial
number identifying the voucher as a unique item, and a hidden record number (HRN),
referring to a record in the prepaid administration system. This record represents a single
amount of payment units. It is very important for the integrity of the prepayment recharging
process, that both the serial number and the HRN number are used only once. If not, users
trying to activate their newly acquired credits can be confronted with “empty records”. The
situation where a user has acquired a voucher, with a HRN from a record that has already be
activated is referred to as a flat voucher situation. In the next chapter we will see how this
situation can be caused by fraud activities. Issuing the vouchers (serial numbers) is registered
in the distribution chain, while the issuing of HRN’s will be centralised at the service provider’s
responsibility.

Now what happens? A user goes to the local retailer, for example a supermarket or gas
station, and buys a voucher. Before he can access the number needed for the activation of
his credits, he has to “break the seal”. This usually means that he has to scratch to make the
number visible. Now that the number is known, he calls a special number from the service
provider and will be in contact with an interactive voice response system (IVR). This IVR will
guide him through the activation process, where the hidden number has to be entered. When
entering the number, the credit amount corresponding to this record number will be assigned
to the prepaid account of the subscriber. At the same time, the HRN in the administration
system will be marked as “empty”.

G I G A A B P 21
4.2 Recharching from a bank account

In the second example, a bank account will be used to transfer value from the bank account
to the prepaid account. It is very important that there is a solid agreement between the
individual banks and the service provider. The user must have an account at one of the banks
that is involved. The concept behind this is that whenever a user is dialling in at the service
providers IVR with the intent of upgrading his account, an option is provided to redirect the
call to another IVR of a bank. This bank IVR offers the functionality to transfer value from the
user’s bank account to the prepaid account. The caller must identify himself to the bank with a
personal secure Personal Identification Number (PIN).

22 G I G A P O R T
5 Fraud & abuse scenarios

Fraud is a major issue in the mobile telecommunication industry. It is an common

misunderstanding that prepaid services are not subject to fraud because the services are paid
for in advance. Fraud can be a serious threat to prepaid services that is even more difficult to
discover that in the case of post paid services. Fraud in prepaid services can appear as credit
rates that are not decreased, or by credit levels that are not legitimately increased or
upgraded.

This section will deal with some different scenarios for fraud in prepaid mobile networks. Its
intention is to create awareness on the possible fraud scenarios without getting involved in too
many details. In the next paragraphs, some known scenarios will be summarised to get some
understanding of the principles. It may be stated that some of these examples seem far-
fetched, but it is a simple illustration of the problems that might arise with prepaid services.

External manipulation of the system: By using certain key combinations in some handsets,
users get access to the prepaid system and manage to stop the prepaid counters. On
Handset- or Account of Charge based systems where the credit information is locally stored,
the counter is on the handset; both the credits and the counter are exposed to hacking. Also
the AoC signal sent by the network can be intercepted.

Internal manipulation of the system: By gaining access to the HLR (where all service
oriented customer data is stored) the prepaid account parameter can be set to post-paid. In
this case, the calls are not handled by the prepaid billing platform, but by the post-paid
platform instead. This results in un-billable calls in the post-paid billing system.

Account adjustments: It is possible for inside personnel, e.g. customer care personnel, to
manually provide credit to an account. It is common use that CC representatives are able to
upgrade accounts without using an HRN. This can be done using a Voucher Administration
Terminal. This situation is normally related to customers who found themselves to have
purchased ‘flat’ vouchers. On Handset based systems where the credit information is locally
stored, the credit information is exposed to illegal modifications by hackers.

Manipulation of the P-SCP: In WIN based systems; the P-SCP is the central storage of all
account information. It is clear that manipulation of this central storage can lead to illegitimate
use. It is important that the IN platform offers good logging capabilities to prevent this kind of
abuse. This is not always the case.

Un-authorised refills: This can be the case when subscribers top up their accounts either by
guessing the Hidden record numbers (HRN’s) of unused prepaid vouchers (trial and error), or
by getting the HRN numbers of un-used vouchers from any person who is involved in the
process of voucher printing, transportation of vouchers to the operator stores, etc. This will
result in flat vouchers. Customers, who legitimately purchase refill vouchers, will find their
vouchers to be ‘empty’. They are unable to refill their account.

G I G A A B P 23
Last Call exposure: Prepaid systems based on Hot Billing are subject to the abuse of last
calls. Because the accounting is not real-time, but instead is done just after termination of the
call, the chance of negative credit levels is huge. This is no big problem for normal situations
where the credit will be topped up again, but intentional fraudsters can exploit this situation by
generating extensive use, for example by call forwarding mechanisms.

Simultaneous charging using same HRN: It has occurred that two mobile phones
connecting to the upload mechanism at the same instance of time, both upgraded their credit
by using the same HRN. Although there is no real confirmation for this at the moment, it
makes clear that this situation must be prevented by the organisation of the upgrading system
and processes.

24 G I G A P O R T
6 Conclusions

Prepaid telecom services differ from post-paid services in numerous ways. This is not
because of the delivered service itself, but because of the way the delivery of the service is
experienced. Prepaid services offer both advantages and disadvantages, for the user as well
as the service provider. For the service provider, a prepaid service clearly decreases the
chance on bad debt. It broadens the market by opening up a new (partly overlapping) target
clientele, and it lowers the overhead on the processing of post-paid services. On the other
hand, it increases the financial risks because the income from prepaid sales is less
6 7
predictable than subscription based services. This is mainly because of the higher churn
rates. Prepaid users, in contrast with subscription-based users, can easily decide to buy
credits from other service providers if they provide a better offer.

From the user perspective, the main advantages are budget control and, depending on the
service, possibly the lack of subscription fees. Considering the use of next generation
services, where pricing schemes probably will be even more complicated than the pricing
schemes of current telecom services, prepaid billing can provide some protection against
unintended high expenses. Downsides on prepaid for the customer can be introduced by
possible unfavourable pricing or recharging fuss.

We have discussed different implementation concepts for prepaid services in mobile

telecommunications. The most important differences are found in the location of the prepaid
balance info and counter mechanism. Concepts using central, network based credit
information and counters, can be better prepared against attacks from skilled hardware
hackers, but fraud and abuse can never be totally expelled.

Service providers should decide on the degree of centralisation of the credit information, and
credit decreasing operations. This decision will be based on the security policy, and the
lifecycle phase of the service delivery. At the start of the service lifecycle, service providers
can easily start with one or more decentralised service delivery units. When the service
matures, and the delivery grows, a more centralised service management architecture is
preferred.

6
Note that for post-paid services, an existing relationship between the user and the service provider (in the form of a
subscription) is required.
7
Churn is used to indicate the number of users that leave a service provider to go to a competitor.

G I G A A B P 25
Appendix A: Intelligent Network Concept

This section will provide a brief overview of Intelligent Network (IN) concept. The IN is more
than a network architecture, it is a complete framework for the creation, provisioning and
management of advanced communication services. The IN is a telecommunications network
service control architecture that is a generic platform for open, distributed, service-
independent communication. The availability of services, and the flexibility of the service layer
are influenced by the implementation choices made by the operator and the IN technology
supplier.

The Classical IN Architecture

Intelligent networks are based upon the principle of separation of the network routing
functionality and service intelligence. Upon service request, the network takes care of the
creations of the connection, based on the information provided by the overlaying intelligence.
Whenever the network has claimed a route from A to B, the actual connection is realised. This
way the “expensive” network circuits are not claimed by the call set-up procedure when there
is still a chance of failure (e.g. B is not available). This is in fact just a sample of what IN can
do. In fact a whole lot of Value Added Service can be realised on IN platforms.

-- - s ig n a llin g
SCE _ __ _ d a ta lin k
_ _ _ v o ic e lin k
D B : D a ta b a s e

SM S VLR S C E : S e rv ic e C re a tio n E n viro rn m e n t

S M S : S e rv ic e M a n a g e m e n t S y ste m
S C P : S e rv ic e C o n tro ll P o in t
S S P : S e rvice S w itc h in g P o in t
SCP VLR
S T P : S e rvice T ra n sfe r P o in t
S S 7 : S ig n a llin g S y ste m 7

SS7

SSP/
SSP SSP
STP
S ign allin g ne tw o rk

Te lep ho ne T ele ph on e

Figure 6: Intelligent network concept and components for wire line network

G I G A A B P 27
 8
For the signalling part of the network, the SS7 protocol standard is used. The SS7 network
sets up and tears down the call, handles all the routing decisions and supports all modern
telephony services such as 0800 numbers, call forwarding, caller ID and Local Number
Portability (LNP). The voice switches, known as Service Switching Points (SSP’s), query
Service Control Point (SCP) databases. Connections are made directly or via packet switches
known as Signal Transfer Points (STP’s). Accessing databases using a separate signalling
network enables the system to more efficiently obtain static information such as the services a
customer has signed up for and dynamic information such as ever-changing traffic conditions
in the network. In addition, a voice circuit is not tied up until a connection is actually made
between both parties. There is an international version of SS7 standardised by the ITU, and
national versions determined by each country. Which services are actually provided by the IN,
is determined by the Capabilities of the Intelligent Network Application Part (INAP), that
operates as a protocol on top of SS7. The service capabilities are organized in Capability sets
CS-1 to CS-3, defined by the International Telecommunications Union (ITU). CS-1 defines
standard single ended, single point of control services, like number portability, call forwarding,
free phone en much more. CS-2 adds enhanced IN services, such as mobility and broadband
services, IN interworking, to provide international service provisioning.

For European mobile networks, two application technologies are used. The first is INAP that is
also used in fixed IN technology on top of the SS7 network. The second is the Customized
Applications for Mobile network Enhanced Logic (CAMEL), specifically for GSM networks.
Both INAP and Camel are based on the Intelligent Network Conceptual Model (INCM), a
conceptual layered framework for design and capabilities for IN design and is represented by
a Service Plane, Global Functional Plane, Distributed Functional Plan and the Physical Plane.

Camel is an important enabler for Value Added Services (VAS) in mobile networks.
Comparable to the INAP capability sets, the capabilities are dependant on the CAMEL phase
(I to III), and include services as automatic voice response, and prepaid services. The future
of CAMEL depends on its ability to adapt to the integrated voice and data services for 2,5+
mobile networks. The IETF is currently working to define capabilities for hybrid IN + IP
networks. These capabilities aim at close integration between advanced telephony and
Internet services. Examples of initiatives on hybrid capabilities are PINT and SPIRIT.

The IN evolution towards an open service-enabling architecture

Classical IN’s are evolving towards more open service delivery platforms. Integration of
telecommunication services and Internet services, and the adoption of new service
provisioning models is gaining momentum. This results in new requirements for intelligence in
telecom networks. Some important initiatives aiming at these needs are:

8
Signalling System 7is the protocol used in the public switched telephone system (the "intelligent network" or
"advanced intelligent network") for setting up calls and providing services. SS7 is a separate signalling network that is
used in Class 4 and Class 5 voice switches.

28 G I G A P O R T
IN Forum (IN-CT and IN-IP groups):
IN Forum (INF) CT-IN Integration WG and IN/IP Integration WG. During 1998, the IN/CT
workgroup has been developing a positioning paper to define the opportunities and the
services enabled by the convergence of IN and Computer Telephony. The mission of the
IN/SS7-Internet Protocol Working Group is to facilitate the broader application of Intelligent
Network (IN) capabilities in the Public Switched Telephone Network (PSTN) to access Internet
functionality and vice-versa for providing synergistic arrangements for existing and new
services. The Working Group will define interoperability requirements, identify any protocol
shortfalls, strive to resolve any such shortfalls through influencing appropriate standards, and
develop implementation agreements that meet industry opportunities for inter-networking IN/
SS7 and Internet capabilities.

3GPP OSA:
rd
3GPP (3 generation partnership project) was conceived some two to three years ago with
the express purpose of accelerating work on mobility. Existing standards organisations such
as the ITU-T and ETSI had been successful in producing a vast array of international
standards for different technologies; however, the speed with which this was attained was
slow, especially when compared to bodies such as the IETF. It therefore remained a target of
the mobile industry to produce coherent specifications in a time frame that was ahead of
those within the standards industry -hence the formation of 3GPP. At the end of 1998 and the
beginning of 1999 3GPP formed a group known as OSA, open service architecture. The
purpose of this group was to focus 3GPP's efforts on defining an architecture in support of the
virtual home environment (VHE) — the need here being to provide mobile users with access
to their service offerings irrespective of their position within or outside the home network
environment.

Parlay Project:
The Parlay project, large players from both telecommunications and IT industries are
combining their strengths to create an open network API for telecommunications networks.
The API will allow secure access to core and advanced capabilities embedded in the networks
of today’s telephone companies while being sufficiently adaptable to address similar
capabilities in future communication technologies. The scope of the activity includes all kinds
of communication capabilities such as telephone technologies (wire line, wireless, and IP
telephony), as well as video and data communications. The API will not directly open up the
networks' signalling for public usage. Rather, network capabilities will be encapsulated and
made visible using object technology in a secure, manageable, and billable manner. Client
access to these capabilities will be realised using object access technologies such as COM or
CORBA.In the industry, Parlay is seen as an important step towards network independent
service provisioning. It is also considered an important enabler for third party Billing providers.
In 2001 the first Billing implementations based on Parlay technology have been launched. The
current members of the Parlay Group are AT&T, BT, Cisco Systems, Ericsson, IBM, Lucent
Technologies, Microsoft, Siemens AG and Ulticom.

Java IN (JAIN):
Organized by Sun in 1998, the JAIN initiative addresses the needs of next-generation telecom

G I G A A B P 29
networks by developing a set of industry-defined APIs for Integrated Networks. JAIN is a Java
Beans based industry framework for the Java-based IN service implementation. Sun joint
forces with the Parlay project and developed a JAIN API specifically for the Parlay 2.1
specification.

30 G I G A P O R T
References

[BiCh01] Yi-Bing Lin, Imrich Chlamtac, Wireless and Mobile Network Architectures,
Wiley Computer Publishing, 2001: ISBN 0-471-39492-0
[MaPo96] T. Magedanz, R. Popescu-Zeletin, Intelligent Networks, Basic Technology,
standards and Evolution, International Thomson Computer Press, London 1996.
ISBN 1-85032-293-7
Available at: http://www.wiley.com/compbooks/
[AMS01] American Management Systems, The Next Generation of Prepaid Services, results
of an industry survey, March 2001.
[Sube01] Subex Systems Limited, Whitepaper on pre-paid fraud, 2001

G I G A A B P 31