Anonymity of prepaid phone chip-cards

Bill Stewart bill.stewart at pobox.com
Sat Mar 27 01:24:27 PST 2004 

At 10:51 AM 3/26/2004, Thomas Shaddack wrote:
>Each prepaid "Trick" phone card has its unique serial number. The payphone
>reads it from the card. The busted person (let's call him "target") used
>the same card for multiple phone calls, thus becoming the card's number
>known as the target's temporary identity.

What do you mean by "Trick"?  Is that a local brand name,
or are you implying there's something special about this card?

Normal phone cards let their issuers know in almost-real-time that
they're being used, because they're spending money from a
specific debit account, not digital cash tokens.
It's not like old-fashioned monthly phone bills,
which didn't need to be in real-time because they
knew where you lived (and weren't real money anyway*,
except for international calls requiring settlements.)
Some cards have more information - many brands can be recharged
using a credit card, which might identify the user.

>The interesting part was that the phone company knew in realtime when the
>card was used - enough in real time to dispatch a police patrol car to the
>location.
>...
>I strongly suspect the usage logs exist for individual cards, allowing to
>back-trace the phonecalls done with the given card, thus tracing the
>identity of the card's owner by the call patterns.

Well, of course - databases are much easier these days
now that megabits/second and gigahertz are slow and terabytes are small and 
cheap,
and calling card companies _are_ fundamentally in the business
of doing database queries and updates, not telecommunications.
They're even easier for new competitive phone companies than
for the old monopolies, because they don't have an embedded base
of antique data structures.

An initial call to someone might not be easily traced in near-real-time,
unless the recipient was a "usual suspect" set up for it,
because that's backwards from the normal database structures.
But once you've done the medium or hard work to identify
the source of the call after the fact, and gotten lucky by
finding it was from a phone card company in your country,
setting up a forward trace for future calls from that company
shouldn't be very difficult.   It's the kind of feature that
might only be useful to police and other stalkers,
but maybe the phone company had operational reasons for building it,
and it looks for data in the Simple Matter of Programming direction,
not the Huge Difficult Sieve Through Everything direction.

                 Bill Stewart

More information about the cypherpunks-legacy mailing list