Hello,
I fear that such a case can't be avoided with allowing only
a single registration. If I steal your phone away from your
desk, you will not register with it anymore, but I will and
we will have exactly one valid registration. Leaving SIP
phones with hard-wired passwords on your desk has simply the
same potential as leaving your credit-card or cell-phone there.
What can be done about fraud?
User education -- don't leave your money and phone unattended.
Hotline -- report stolen phones to lock the account.
PIN Lock -- use phones which can log-off and log-on (I'm not aware
of any now -- only 3com used to do that)
-Jiri
ps -- ability to move is a feature. I know people who are very glad
to use Vonage's US phone number and move with their ATAs and the
US phone number around in Europe.
At 11:37 PM 3/5/2003, Ng, Soo Sim wrote:
Jiri,
Scenario is providing IP Telephony to the household.
I am more concern about the security of the Hardphone. I am thinking of auto-provisioned
the hardphone (eg C7960, ATA186) without subsriber intervention. What the subscriber know
is their phone # (Just like legacy phone system).
Since the Hardphone is 'hard-coded', the phone can move round the vicinity of the
redisential area and still able to make a call. Potentially this will lead to abuse, as
someone may take the phone to a different location when owner is not around and make a
'free' call, return back the phone and the billing still charge the original
subsriber.
Any other suggestion to counter this issue is much appreacited.
SSng
-----Original Message-----
From: Jiri Kuthan [mailto:jiri@iptel.org]
Sent: Wednesday, March 05, 2003 12:18 AM
To: Ng, Soo Sim; serusers(a)lists.iptel.org
Subject: Re: [Serusers] multiple registration on one user login
At 03:08 PM 3/4/2003, Ng, Soo Sim wrote:
I have such requirements. In providing sip-based
residential ip telephony, I would like to restrict each home subsriber is only allowed to
register one UA per account. This would make easy for billing purposes and for security
reasons.
Is there a way to achieve this requirement with SER?
If that is your desparate wish, it is little overhead to make you happy.
I'm still not sure though, it is a useful thing.
Maybe an operator can make more revennues if my wife can accept calls at
any phone in my building and initiate calls in parallel with my doughter.
What are exactly the billing/security reasons here?
-Jiri