Subscribe

Advertise your job ad
    Search jobs

    Cellusys African odyssey uncovers Spotify data fraud along the way

    When team of telecoms firewall experts from Cellusys hit the long road from Barcelona on a five-month journey across Africa, they could never have imagined the challenges they would face – or the scam they’d uncover where people were tunnelling through free Spotify data to access the internet. The 18,000km odyssey, which began on 1 October 2023 and culminated at Maiden’s Cove in Cape Town on 28 February 2024, wasn't just a sightseeing trip.
    The Cellusys team: (from left) Dan Fletcher, Scott Fairnington, Chris Daly, Iyad Al-Shihabi, Rebecca Parkin, Luanna Sena and Nick Redmayne
    The Cellusys team: (from left) Dan Fletcher, Scott Fairnington, Chris Daly, Iyad Al-Shihabi, Rebecca Parkin, Luanna Sena and Nick Redmayne

    “We had a really nasty case of diesel poisoning in Nigeria, which knocked down one of the cars for quite some time,” explained travel consultant Nick Redmayne who was the overseer of the trip.

    “In Nigeria, the economics of the taxation system there means that there are very few diesel cars. So, everything's running on petrol and to get spare parts for diesel cars, or a mechanic who has knowledge of how to set up a new set of injectors on diesel cars, is impossible.”

    Aside from the contaminated fuel mishap, their adventure served to highlight the remarkable advancements in mobile connectivity across rural Africa.

    The team's impact extended beyond pure observation. In Ghana, they launched a coding bootcamp for 75 youth, and fundraising efforts supported Télécoms Sans Frontières (TSF) and Moroccan women's micro-enterprises.

    Post Covid

    Originally planned for 2019, the road trip was delayed by the COVID-19 pandemic. Cellusys team members participated in segments along the way, ensuring a company-wide experience.

    "Understanding the diverse and challenging environments our customers operate in is crucial," said Dawood Ghalaieny, chairman of Cellusys.

    "Success factors vary greatly, even between neighbouring countries. This trip allowed us to see how we can best support our customers navigate these unique challenges and opportunities."

    Cellusys African odyssey uncovers Spotify data fraud along the way

    Cellusys develops technology that empowers telecom operators with insights and control over network signaling, focusing on security, Internet of Things (IoT), roaming, and analytics.

    The MoMo impact

    A key takeaway from the journey was the widespread use of mobile money in remote and rural areas. Expanded connectivity by Africa Mobile Networks (AMN) has brought cell service to these regions, enabling secure and convenient financial transactions.

    "In 2023, our customer MTN launched a new international remittance platform for mobile money (MoMo) users across 12 African countries," Ghalaieny noted.

    "Having just visited these regions, we can personally vouch for the speed and security of these mobile networks, especially in rural communities."

    Without this connectivity, platforms like MoMo would struggle to achieve financial inclusion

    Cellusys' African odyssey adventurers witnessed the transformative power of mobile connectivity first hand and experienced the increasing importance of mobile technology in bridging the digital divide across the continent.

    Exotic fraud

    “In some areas the 4G connectivity on the highways was better than what we have in Europe,” said Luanna Luna Sena, a solutions engineer at Cellusys who joined the team in Nigeria.

    The Brazilian native works out of the London office and has a broad experience of the varying quality of mobile connectivity across the globe. But nothing could prepare her for what the team discovered in Angola.

    “We check in with one of our network partners who alerted us to unusual network traffic on the Spotify service in the country."

    Where they were expecting to see megabits of data per stream, they were seeing gigabytes of data!

    Angolan mobile operator Unitel partnered with Spotify in 2022 to zero rate the app for network subscribers – meaning that Spotify streaming wouldn’t consume data.

    Spotify remained responsible for managing the application, creating playlists, highlights as well as remunerating artists, authors and composers, while Unitel promoted the service to its clients.

    “So they needed to talk to Spotify like, “I'm sorry, it's not your traffic, but it's on your account” and it took them 2-3 months to figure out what was happening,” she explained.

    White lies

    Sena and the Cellusys team discovered how users were tunnelling through and utilising that free Spotify data to watch YouTube and access other sites.

    They were trying to export the exploit to their neighbour (Namibia) to see if it could work there

    "You could also pay for access to a video link that teaches you how to do it – so they were selling a course on network fraud.”

    Sena’s team managed to patch up the loophole and had to present the case study to the international telecoms community. She explained that the challenge now is to dupe the fraudsters into thinking that the exploits work or else they just keep trying.

    Cellusys African odyssey uncovers Spotify data fraud along the way

    Cellusys visited its African partners five years ago and the expedition team says that the advancements they’ve seen from then to now are incredible. They’re planning a return in 2029, but maybe by plane.

    About Lindsey Schutters

    Lindsey is the editor for ICT, Construction&Engineering and Energy&Mining at Bizcommunity
    Let's do Biz