Pardoes Cellnet Pages

Letter from BT Cellnet to a victim of their third-party fraud

Cellnet Index page

Logotype of Telecom Securicor Cellular Radio Limited used here for the purposes of illustration and fair comment only

This is BT Cellnet's response to a lady from whom they took 150, even though she hadn't got a Cellnet phone. She asked for an explanation and very reasonable compensation for her expense and inconvenience.

Cellnet don't even apologise, won't admit that their theft of her money is their fault, and say they "will not have any other liability to [her] for inconvenience or otherwise".

Below is the content of Cellnet's letter to this lady, who kindly sent me a copy, and my commentary.

I'll leave it to the reader to decide whether this letter represents a contrite response from an apologetic company, or a cynical and indifferent PR exercise.

Cellnet's responses are in this font. Steve Pardoe's Comments on Cellnet's letter are in small bold type.

Click for the Cellnet Fraud index page, or the main Cellnet story page.

Apologies for the poor quality digital image, reproduced from a fax and edited to preserve the lady's anonymity.

"Dear Mrs [deleted],

"I am sorry to learn of the erroneous transactions that have been debited from your account."

Not "we apologise for", by the way. An expression of sorrow is not an apology.

"BT Cellnet is very sympathetic to anyone who has been the victim of credit or debit card fraud".

But not sympathetic enough to do anything about it, apparently.

"As unfortunate as it is, card fraud is a reality across all industries".

This is precisely why "all industries" require some backup to credit card numbers at the transaction time: signature, PIN, card present (mag stripe), etc. Only in Cellnet's model is the knowledge of the card number and expiry date, even in the absence of the card, sufficient to validate a Cardholder Not Present transaction where the user can remain anonymous. This information is not secret: it is printed on every credit/debit card transaction slip, and shop/garage till drawers are full of them.

"BT Cellnet is constantly reviewing its security systems for both its pre and post pay services and periodically enhances its security measures as technology and circumstances change".

Not good enough. Despite repeated promises in the media over the last six months that their system would be changed, it is still possible to top up any "easylife" or "U" pre-pay Cellnet phone using absolutely any credit or debit card, without registration of either the phone or the card, and there are over a million such phones out there.

"However, we unfortunately were not in a position to have been able to prevent this incident from occurring".

Only because Cellnet deliberately chose not to protect the innocent card holder against third party fraud, preferring instead to make life easy (hence "easylife") for their customers, so that Cellnet could maximise market share at the expense of the defrauded parties, whom they then refuse to compensate.

"As with any transaction involving a credit card, the card is checked through normal banking validation procedures once the customer has typed the information into the phone. It is the banking system which determines whether or not the card is to be accepted for each transaction".

This is another disgracefully disingenuous answer. Of course the card will be validated by the banking system, which is purely to protect BT Cellnet themselves against the likelihood of cards being used which the banks won't honour, such as cards reported stolen or where the credit limit has been reached. This procedure does nothing to check that the card is being used legitimately, which a registration procedure linking phones to card numbers would ensure.

Cellnet rely on this confusion to deflect critics of their system from the fact that it is not the card itself which is invalid, but the user of it. The whole reason that Cellnet's third party fraud problem arises is that while perfectly valid card numbers are being used, they are not being used legitimately, which is what Cellnet fail to check. Cellnet have deliberately introduced a pre-pay system which does not require registration of either the phone or the credit card, and Cellnet compound this by not bothering to correlate these, so that not only can they not prevent fraud in the first place, but (arguably even more seriously) they are not in a position to trace fraudulent top-ups. This (as is well known to the unscrupulous users) prevents the fraudster from being identified, and also means that the phone can't be identified and turned off. The Police say they are powerless to act, so the innocent victim has no redress against the criminal. Indeed, the victim may easily be victimised again, even after changing card accounts, as the identity and location of the fraudster remain unknown.

"BT Cellnet do not have the authority to investigate matters concerning your private account".

However, they seem happy enough to charge amounts to it, without your authorisation. This answer is completely specious. If Cellnet can debit you, there is absolutely no reason why they can't credit you. It's just a lame cop-out, passing responsibility for clearing up Cellnet's mess onto the banks.

"Therefore once this issue has been brought to the attention of your card issuer, the card issuer should refund the amount fraudulently charged to your account. BT Cellnet will then refund your card issuer, but will not have any other liability to you for inconvenience or otherwise".

So they say! I'm not a lawyer, but I can't see that simply making such a statement in a letter to you absolves BT Cellnet of a common law duty of restitution. You are entitled to recompense, in the same way as you are from anyone who damages you, deliberately or otherwise, whether it's a con-man who cheats you, or someone who crashes into your car (from whom you can recover uninsured losses, for example).

Cellnet have no contract with you (until you complained, they had no idea you existed) so there can be no exclusion clause which might allow them to escape liability for consequential losses.

I remain convinced that Cellnet owe you compensation, and I think your original proposal of 50 was entirely reasonable.

"For security it is also advisable to change the credit card from which the unauthorised payments were deducted".

So, Cellnet are clearly admitting that there will be some consequential inconvenience and expense. They can't have it both ways.

Behind the flannel, what Cellnet are really trying to say is that they will not take any responsibility for the fact that they have deliberately installed a pre-pay top-up system which they have always known to be wide open to third-party fraud. Even though they are well aware that thousands of people have been defrauded as a direct result of their policy, they have refused to admit their culpability, and indeed have made public statements and promises about their security procedures which are deliberately misleading and in some cases plainly false.

Cellnet should do the honourable thing and compensate you and all their other third-party fraud victims for the expense and inconvenience they have caused, over and above the simple refund which the banks will eventually provide (in some cases, as we know, not without a fight). Cellnet's persistent refusal to honour this fundamental common law obligation shows, in my view, that they are a company which is fundamentally dishonourable and should be put out of business.

Cellnet's responses are in this font. Steve Pardoe's Comments on Cellnet's letter are in small bold type.

Click for top of page, the Cellnet Fraud index page, or the main Cellnet story page.

Cellnet Home page E-mail to us if you have something to say about this!
[Cellnet fraud index page] [Site directory] [Home page] [E-mail us]