Screenshots

Unknowingly, the November 20 Forum jointly held by MCMC and MMCP (Nalaysia Multimedia Content Providers Association) has effectively dealt Maxis COO Jon Eddy Abdullah (picture below) a lethal blow.

He has a big task ahead of him:

It was implied at the Forum that his senior staff had made several indefensible decisions concerning technical auditing of the outsource Maxis Preventive Gateway (MPG), and data integrity of the SMS content providers. He now has to kick arses to protect his company... and himself.

Secondly, the MCMC-MMCP Forum also exposed four critical issues that beleaguered the SMS content industry, and key players themselves are complaining:

1 ) Macro Kiosk, a repeat offender of industry Guidelines, has been despised by its peers and the authority that regulates the industry;

2 ) The MPG is effectively operated by Macro Kiosk, a repeat offender by MCMC's published records;

3 ) The MPG is not functioning the way it was intended;

4 ) By taking no effective action, MCMC and Halim Shafie are condoning all the evils that contaminated the entire industry, where unassuming mobile users were fleeced and scammed.

You have to read the Nov 19 blog entry in Screenshots -- and the whole series of exposé on SMS Scams -- to understand the background to the issues at hand.

1 ) Nov 20: The Amarjit Singh Magic Show

In true blood bureaucrat's demeanour, Amarjit Singh a/l Kartha Singh (picture left), the head of the Content, Consumer and Network Security Division at MCMC, opened up the forum to listen to nothing that he has not heard of during his older days as the Under Secretary at the Licensing & Regulatory Division, Ministry of Energy, Water and Communications (KTAK) and the present job.

He let the content providers take their turns to speak on the problems they faced reacting to the disruptive performance of the MPG and how the industry may suffer further if nothing gets done at the root.

Predictably, being a career bureaucrat, Amarjit Singh gave the bureaucratic mantra whenever there was specific demand from the floor: "We will look into it."

Most of the attendees among some 40 present spoke like frightened meeks. However, they made one point loud and clear before the Forum was convened, that they did not want Macro Kiosk, or Toprole Network Sdn Bhd, to be invited to the meeting.

They cited Macro Kiosk as an interested party and the common target of industry grouses for being the vendor and operator of preventive gateway solutions for Maxis and Celcom

MCMC obliged and the Goh Brothers from Macro Kiosk were no where to be seen at the Forum. What does this tell you, Jon Eddy?

2 ) Highlights of the Nov 20 MCMC-MMCP Forum

As if reading from prepared script, representatives of the the CPs who took to the floor voiced their grievances and reservation pertaining to the Maxis version of Preventive System. (MPG)

They were poignant enough not to mention Macro Kiosk by name (using innuendos like 'we all know who they are' etc) but the audience was educated in no uncertain terms that Macro Kiosk had deployed a staff strength of 4 persons to operate the so-called 'preventive gateway' at two major celcos -- 2 support staff handling Maxis MPG and 2 support staff handling Celcom (PCM)

Among other things, the grousing CPs have highlighted the following:

1. That the same 'preventive' system provided by the particular vendor to the two celcos, has actually been used by their clients.

   The difference is: Previously before the celcos 'commissioned' their preventive gateways, Macro Kiosk has already been found in violation of the Guidelines and breached its ASP(C) licensing conditions. At the material time, frauds only affected Macro Kiosk' clients.

   However, now with Macro Kiosk providing and manning the preventive celcos, the same system is affecting
   the entire industry as all transactions of SMS services via the 3xxxx shortcode are made mandatory to pass through it.

2. That Maxis and Celcom are incapable of handling the system and administrative support, and staff from Macro Kiosk are the ones who actually manage all support service which include, alarmingly, modifications of the system.
3. That it is professionally inappropriate for security-critical corporations like Maxis in rushing into implementing the system without adequate and proper trial, including processes that involving staging server to meet due diligence requirementr.

   As a result, the Forum was told, almost all CPs had suffered revenue loss of no less than 30% over average records due to such imcompetencies.

4. That almost all CPs faced the same type of problems with the preventive system.

   One CP even mentioned that the MPG, which is supposed to protect the consumers, has ended up double charging the consumers.

5. That the Forum illustrated one undeniable fact on data integrity, that Macro Kiosk has the access to all the subscribers data of all the CPs in the country.

   In other words, Macro Kiosk is, by default, enabled to do two things at their disposal: ( 1 ) to analyse all competitors information and ( 2 ) at the same time to sabotage any CPs who are viewed as unfavourable to them ina competitive environment -- if it wanted to.

   In short, Data integrity is in no doubt being compromised.

6. That Maxis currently implements the barring of Masking Number, and it is now causing havoc to the CPs.

   According to what was told to the audience, Maxis is not addressing the issue as the root cause is Spoof MO, a capability which the operator of the preventive gateway is privy to. Relatively, the Forum was told, Spoofed MT is less like the cause of consumer fleecing.

   It was also highlighted that, to date, Maxis has not come forward to categorically proclaim that it has stopped the Spoofed MO completely.

7. Most significantly, from the feedback provided by the CPs at the Forum, it indicated that both Maxis and Celcom had not been forthright and truthful to the Ministry of Energy, Water and Communication and the MCMC. Both celcos have told the authorities that the preventive gateway had come from Toperole Network Sdn Bhd aut concealed the fact that it is effectively Macro Kiosk, a repeat offender by MCMC records.

   Besides, the CPs had also expressed their greatest fear that the real party which has full access to the system is none other than Macro Kiosk's staff.

   One CP even went to the extent of saying that, quote, "MK is behind the whole things, and all CPs in the industry know it."

3 ) Time for Domestic Inquiry at Maxis, then Celcom?

So, the next question is, tracing the chronology, had Maxis senior staff in charge of the SMS external content providers, comprising Nikolai Dobberstein (picture below) and Abigail Wong, been misleading the MCMC and KTAK on the issues surrounding the SMS Scams and the vendor/operator of the Maxis Preventive Gateway?

Why did Maxis, and for that matter Celcom too, have to go back and inform MCMC and KTAK of their subsequent undertaking and further assurance they will take over the operation of the preventive gateway in due course?

Willing witnesses are ready to testify that even Amarjit had been made aware of a Maxis undertaking and assurance to MCMC and KTAK that the celco, now delisted from Bursa Malaysia, will take over the maintenance role for the MPG.

Once done, the Little Birds said, an audit will be carry out by technical auditors appointed by the MCMC.

However, feedback gathered during the Nov 20 Forum indicated that none of the CPs were convinced such audit did take place to allay their fears.

According to documents and correspondence sighted by Screenshots in August 2007, that the then Deputy Secretary-General I at KTAK was already informed of the identity of the appointed vendor of the preventive system (Toprole Network Sdn Bhd) as being a subsidiary of Goldis Bhd (formerly Tan and Tan Group).

It was revealed then that all hardware would be located in data centre in Kepong, linked via VPN, and monitored by Maxis.

Maxis also gave the assurance that the information is "water tight and controlled", sighted documents indicated.

Subsequently, MCMC issued imperatives requiring compliance on the side of Maxis, which include:

1. Maxis is to take stiffer action on the non compliant ECPs and to expose the offender to the public


2. KTAK suggested that for “crucial” business customers, such as banks, separate shortcodes must be used to separate from consumer services like ringtones, wall paper, etc.


3. Maxis is to implement awareness campaign and press releases on SMS spam and spoof starting from the month of August 2007.

Based on those evidence, dear Jon Eddy, let's re-visit what your senior staff Nikolai had said in a press statement in June, that if any of the "they (the 18 members of the Maxis Elite external Content Provider (ECP) Partners Programme) are found to be violating the Guidelines, he will suspend them (The Star, June 7, 2007).

Has he, Jon Eddy?

Set up Domestic Inquiry, start probing internally

We remember you were appointed as the Maxis Chief Operating Officer for the Malaysian operations on June 1, 2007, ain't it so, Eddy?

Nikolai had made the corporate promise during your present tenure as his reigning supervisor. Consciously, you should know all that.

Though you didn't make it to Egypt after resigning as CTO for DiGi, we respect you know what it entails in technical audit for the Maxis Preventive Gateway by global benchmarking.

Will you not do the Amarjit Singh bureaucratic swing by singing: "We will look into it"?

Do take note that, during the Lim Kim Seng Hari Raya party, a representative of Sybase 365, a company parented in the US, had proposed that in line with the implementatiion of the 'preventive measures', the industry Guidelines must now be adjusted accordingly to offload some burden to the celcos.

Institute a Domestic Inquiry, Eddy. When we reveal more documents, hopefully we will see less eggs on your face.