Cctv newsAccording to the website of the Ministry of Industry and Information Technology, on November 4th, the Ministry of Industry and Information Technology issued the Implementation Opinions on Further Preventing and Combating Communication Information Fraud. The "Implementation Opinions" pointed out that all basic telecommunications enterprises should speed up the registration of old users without real names, and the real name rate will reach 100% by the end of 2016. If the registration is not completed within the specified time, it will be stopped.
Details of the Implementation Opinions are as follows.
First, strictly and quickly implement the telephone user real-name registration system
(a) to speed up the completion of the registration of user identity information without real name telephone stock.All basic telecommunications enterprises should speed up the registration of unnamed old users, and the real-name rate will reach 100% by the end of 2016. All mobile resale enterprises should pay a return visit to all users in paragraphs 170 and 171 and confirm their identity information, and re-register users who have not registered or have incorrect registration information. By the end of 2016, the real-name rate will reach 100%. If the registration is not completed within the specified time, it will be stopped.
(two) strictly do a good job in the real-name registration of new telephone users.All basic telecom enterprises and mobile resale enterprises should take effective management and technical measures to ensure that the registration information of telephone users is true, accurate and traceable. When going through the network access procedures for new users, it is necessary to strictly implement the responsibility of checking the user’s identity documents, take measures such as second-generation ID card identification equipment and online verification to verify the user’s identity information, and take photos of the users on the spot and keep them. When developing new users through network channels, we should adopt online video authentication and other technical methods to verify user identity information.
(3) Strictly limit one card to multiple cards.Before the end of 2016, all basic telecom enterprises and mobile resale enterprises should fully complete the cleaning of users with one card and multiple cards, and re-verify the user identity information of the existing users who have handled more than five mobile phone cards nationwide. If the number of mobile phone cards used by the same user in the same basic telecommunications enterprise or the same mobile resale enterprise nationwide reaches 5, it shall be handled in accordance with the relevant requirements of Article 4 of the Notice on Preventing and Combating Telecommunication Network Fraud Crimes issued by six ministries and commissions.
(4) Strengthen the management of real-name registration of industry cards.First, all basic telecom enterprises and mobile resale enterprises should re-verify the real-name registration of industry cards that have been used online, and re-register users who have not registered or have incorrect registration information. By the end of 2016, the real-name rate will reach 100%. Second, for those who newly handle the use of industry cards, it is necessary to strictly examine the qualifications of industry users, the functions, quantity and business volume of the required industry cards, screen voice and SMS functions according to the principle of "minimum functions", and make full use of technical means to strictly limit and bind the use scope (including accessible IP addresses, ports, call and SMS numbers, etc.) and use scenarios (such as one-to-one correspondence between equipment IMEI and number card IMSI) of the industry cards. Third, in principle, the newly-added industry card must use a 13-digit special number segment and carry related services through a special network. Under special circumstances, if it is necessary to use an 11-digit number segment and enable unlimited voice functions, it must be registered according to the real name of public mobile phone users. Fourth, according to the principle of "who issues the card, who is responsible", all basic telecommunications enterprises and mobile resale enterprises should strengthen the monitoring and control of the use of industry cards, and strictly prohibit secondary sales and illegal use of industry cards. If effective monitoring and control measures are not taken, resulting in the reselling of industry cards or being used by non-industry users, the responsibilities of relevant enterprises and responsible persons shall be strictly investigated.
(5) Strictly implement the requirements for the management of real-name telephone system in agency channels.All basic telecom enterprises and mobile resale enterprises should further strictly enforce the access of agency channels, strengthen the qualification examination of agents, and strictly prohibit the agency channels from entrusting subordinate agents without authorization. Establish an accountability system for violations of telephone access and real-name registration in the entrusted agency channel. All basic telecommunications enterprise groups should sign a letter of commitment on telephone real-name registration system, and all enterprises should establish an internal accountability mechanism. Once the agency channels that violate the rules such as non-registration, false registration, batch card opening and "card maintenance" are found, their agency qualifications will be cancelled immediately, and they will be included in the blacklist of entrusted agency channels, and the responsibilities of relevant departments and responsible persons of provincial companies of related basic telecommunications enterprises will be strictly investigated. All communication administrations should organize telecom enterprises to improve the blacklist system of entrusted agency channels before the end of November 2016. For blacklisted channels and individuals, telecom enterprises shall not entrust them to handle telephone access and real-name registration procedures.
Two, vigorously rectify and standardize key telecommunications services.
(six) to carry out a comprehensive inventory of users to clean up.Before the end of November, 2016, all basic telecommunications enterprises should fully complete the investigation and cleaning of key telecommunications services such as voice lines and "400", "No.1" and "business switchboard". If the subject information is not registered, falsely registered, the registered information is incomplete, the use is not registered, or the actual use is inconsistent with the registered use, the qualifications are inconsistent, or there are other irregularities in business operation and use, and the use is abnormal, users should be urged to rectify within a time limit. If the problem is serious, they refuse to rectify or fail to rectify as required, they will be banned according to law. Before the end of November 2016, all basic telecommunications enterprises should report the above-mentioned key telecommunications services to the Ministry and the local communications administration in writing.
(seven) strictly strengthen the audit and management of new users.First, strictly apply for the subject qualification. The bidding subjects for voice private lines and key telecommunications services such as "400", "No.1" and "business switchboard" must be unit users, and it is strictly forbidden to develop individual users. The second is to strictly handle channels. Users must apply for the above-mentioned key telecommunications services in the basic telecommunications enterprise’s own physical channels, and the basic telecommunications enterprise shall bear the management responsibility, and it is strictly forbidden to handle them through agency channels or network channels. The third is strict qualification verification. The applicant shall provide the valid certificate of the company (business license for enterprise users, organization code certificate for government departments, institutions and social organizations), the valid identity certificate of the legal representative, and the valid identity certificate of the applicant. In case of applying for resources to operate telecommunications business, the corresponding telecommunications business license shall be provided at the same time. Basic telecommunications enterprises should strictly verify, register and retain the above license information and business purposes. The fourth is to strictly apply for the number. The same user applies for key service numbers such as "400", "No.1 communication" and "business switchboard" in the same basic telecommunications enterprise nationwide, and each category shall not exceed 5 in principle. The fifth is strict account management. All basic telecommunications enterprise groups and provincial companies should establish unified accounts of the above-mentioned key telecommunications services before the end of 2016, and dynamically update their management.Ensure that the regulatory authorities can inquire about the registration, use status and business change records of users at any time according to law.
(eight) strictly strengthen the management of outbound business.First, strict outbound approval. Users who apply for outgoing calls of "400" and "business switchboard" and carry out outgoing calls by renting voice private lines with short numbers such as 95 and 96 must be strictly examined and approved by the provincial-level and above companies of basic telecommunications enterprises, and bear the management responsibility. The business contract must clearly indicate the allowed outgoing call number or segment, the purpose, time period and frequency of outgoing calls. The new "No.1 call" is prohibited. The second is to establish a white list system for outgoing calls. The above-mentioned key telecom service numbers allowed by basic telecom enterprises must be the numbers or number segments actually opened by this network and assigned by this enterprise, and be uniformly included in the white list management, and all outgoing numbers outside the white list will be intercepted. When relaying outgoing calls through this network, it is strictly forbidden to use the fixed and mobile user numbers or "400" service numbers of other networks.
(9) Strengthen the responsibility constraint of business contracts.All basic telecommunications enterprises should further strengthen the contract constraints of the above-mentioned key telecommunications services, refine the liability clauses, and clearly stipulate that if they find fraudulent or forged ID cards, illegal use, illegal outgoing calls, abnormal call frequency, use beyond the agreed purpose, sublet and resell, be notified by the public security organs, and users complain a lot about the above issues, they will all terminate their service access after verification and confirmation. Before the end of 2016, all basic telecommunications enterprises should sign relevant liability clauses with existing users.
(ten) to establish and improve the dynamic review mechanism of business use.Before the end of 2016, all basic telecommunications enterprises should take necessary management and technical measures, establish systems such as random dialing, on-site random inspection and annual review of user qualifications, and strengthen the dynamic management of the use of key telecommunications services. If illegal use is found, it shall be severely dealt with according to relevant management norms and business agreements, and the communication management department shall be notified to deal with it according to laws and regulations, and the public security organ shall be notified of suspected illegal crimes.
Third, resolutely rectify the problem of network number change
(eleven) strictly regulate the number transmission and use management.First, strictly guard against international number change calls. All basic telecommunications enterprises should focus on the management and screening of international incoming calls from areas with high incidence of overseas fraudulent telephone calls, and intercept non-standard international incoming calls such as "+86" and false calling numbers of forged domestic public security inspection laws and convenient telephone calls of party and government departments verified and notified by public security organs in the international communication service import and export bureau. For incoming calls with "universal number", the "universal number" information shall be deleted in the international communication service import and export bureau and the domestic inter-network interconnection gateway bureau. The second is to strictly regulate the transmission of calling numbers. Implement the number transmission industry regulations and relevant industry standards. It is forbidden to illegally transmit a call whose calling number is blank or set the calling number to be disabled. All basic telecommunications enterprises will intercept illegal calls and illegal numbers that do not meet the requirements and standards of number management and interconnection between networks at the gateway office. Strictly manage the call forwarding service function of voice private line, and if it is really necessary to open it, it shall be uniformly audited by the basic telecommunications enterprise group company and a ledger shall be established; All basic telecommunications enterprises should fully complete the investigation and cleaning of the call transfer function of the opened voice private line before the end of November 2016. The third is strict number use management. Number users shall strictly abide by the provisions of number management, use numbers in accordance with the regional, use and bit length format norms approved by the communication management department, and transfer is prohibited. The fourth is to improve the ability to find and dispose of network rebranded telephones.All basic telecommunications enterprises shall, in conjunction with the National Computer Network and Information Security Management Center and other units, carry out research on the detection technology of network rebranded telephones, and further enhance the monitoring, discovery, interception and disposal capabilities of network rebranded telephones.
(12) Full implementationCaller authentication mechanism for voice private line.Before the end of 2016, the calling authentication ratio of voice private lines of basic telecommunications enterprises will reach 100% according to the specifications, and all calls that are not authenticated according to the specifications will be intercepted. At the same time, establish mechanisms such as authentication log retention and audit in the calling process, and find that all voice private lines that transmit calling numbers that are not agreed in business contracts will be shut down. For private line users who have serious problems such as transferring international calls without permission, providing voice landing for illegal VoIP and changing numbers, subletting and reselling, they should completely terminate their cooperation and report to the communication management department for handling according to laws and regulations.
(thirteen) the establishment of the network to change the number of calls to check the source and combat mechanism.It is strictly forbidden to operate and operate illegal network number-changing telephones. For users’ reports and network rebranded telephones notified by public security organs, the communication management department organizes basic telecommunications enterprises to jointly check the source of their traffic, and immediately clean up and stop the access of relevant telecommunications lines to units or individuals that provide resources such as telecommunications lines for rebranded calls; Those involved in telecommunications enterprises shall be dealt with according to law, and the management responsibilities of relevant departments and personnel shall be seriously investigated; Notify the public security organ of the suspected illegal crime. All basic telecommunications enterprises should establish and improve the internal quick check mechanism, set up a special person to be responsible for the work docking, and keep signaling data according to the time limit specified by the communication management department. If the basic telecommunications enterprise fails to carry out the backward investigation work due to its own reasons such as the failure to meet the specified signaling retention time limit, it shall be the responsible party for the call source of the number-changed telephone.
(fourteen) resolutely clean up the online number change software.Before the end of November 2016, relevant Internet companies should thoroughly clean up the information of rebranding software on website pages, search engines, mobile application shopping malls, e-commerce platforms and social platforms through keyword screening, software removal, information deletion and account closure, and cut off the channels for downloading, searching, spreading and selling rebranding software.
Fourth, constantly improve the ability of technical prevention and strike.
(fifteen) to complete the construction of enterprise-side technical means.All basic telecommunications enterprises shall, in accordance with the Ministry’s Notice on Further Doing a Good Job in Preventing and Combating Communication Information Fraud (Netan Letter [2015] No.601 of the Ministry of Industry and Information Technology) and the Technical Capacity Requirements for Basic Telecommunications Enterprises to Prevent and Combat Communication Information Fraud Bad Call Numbers (Netan Letter [2016] No.143 of the Ministry of Industry and Information Technology), By the end of 2016, two types of technical means, namely, the business management system for preventing and cracking down on communication information fraud and the security prompt service on the user terminal side, will be fully established, and by the end of March 2017, the monitoring and disposal system for bad calling numbers within and between networks will be fully established, and various technical means will be comprehensively used to continuously improve the technical prevention and cracking capability of the enterprise side.
(16)Further crack down on "pseudo base stations" and "black broadcasting".Local radio regulatory agencies should give full play to their technological advantages, further enhance their technical support capabilities such as monitoring, positioning and approaching search for "pseudo base stations" and "black broadcasts", improve the notification mechanism of major cases with relevant departments such as public security, radio and television, civil aviation, industry and commerce, and actively cooperate with the investigation and crackdown on "pseudo base stations" and "black broadcasts".
V. Strengthening the protection of personal information of industry users
(seventeen) strictly protect the personal information of industry users.Telecommunications and Internet enterprises should strictly implement the Decision of the Standing Committee of the National People’s Congress on Strengthening the Protection of Network Information, the Provisions on the Protection of Personal Information of Telecommunications and Internet Users (Order No.24 of the Ministry of Industry and Information Technology) and other regulations, strictly manage the internal use of users’ personal information, and take necessary technical safeguard measures for network security. Before the end of November 2016, all basic telecom enterprises, mobile resale enterprises and Internet enterprises should fully complete the self-inspection of users’ personal information protection, focusing on the protection and management of users’ personal information in business halls, agents and other links and the security protection of users’ personal information systems, strengthening internal security audits, and seriously dealing with the problem of illegal sale and disclosure of users’ personal information. The Ministry will conduct spot checks on basic telecommunications enterprises, key mobile resale enterprises and Internet enterprises in combination with the network security protection inspection work in 2016, and severely investigate and expose those who still fail to take measures knowing that there are serious security risks.
(eighteen) to strengthen the supervision and management of mobile phone application software.Intensify technical inspection, conduct technical inspection on the collection and use of users’ personal information by mobile phone application software according to the working mechanism of "discovery, evidence collection, disposal and exposure", uniformly remove the found illegal application software and publicly expose it, and investigate and punish illegal enterprises according to law.
Six, strengthen social supervision and publicity and education.
(x)nine)Strengthen supervision, acceptance and disposal of reports.First, all basic telecommunications enterprises and mobile resale enterprises should further improve the channels and methods for users to report, establish and improve the reward system for reporting, and set up special zones to receive and dispose of reports from users suspected of communication information fraud in a timely manner. Internet society of china should give full play to the role of the 12321 reporting platform and establish multi-channel reporting mechanisms such as telephone, SMS, website and mobile APP. Second, all basic telecom enterprises and mobile resale enterprises should carefully check the user complaints reported by the public security organs and accepted by the 12321 Reporting Center, and make timely rectification and serious accountability for the existing problems.
(twenty) to strengthen publicity to enhance the user’s ability to prevent.First, all basic telecom enterprises and mobile resale enterprises should make full use of traditional media, new media and short multimedia messages to promptly publicize and remind users of the types and dangers of communication information fraud. Second, all basic telecommunications companies and Internet companies should provide domestic mobile phone users with free call number labeling reminders and risk prevention and control warnings suspected of communication information fraud. The Ministry supports China Information and Communication Research Institute and other third-party units to integrate all kinds of monitoring and reporting resources and mobile phone users’ marking resources to realize resource sharing within the industry.
Seven, strengthen industry supervision and accountability.
(21)Strengthen the industry supervision responsibility of the territorial communication management department.First, all communication administrations should promptly supervise and inspect the implementation of the responsibility for preventing and cracking down on communication information fraud in basic telecommunications enterprises under their jurisdiction, and incorporate the inspection results into the information security responsibility assessment of provincial companies of basic telecommunications enterprises, strictly deduct points, and at the same time implement administrative punishment and public exposure according to laws and regulations. Second, all communication administrations should make good use of external supervision, and take measures such as interviewing, ordering rectification, notification and public exposure according to the seriousness of the case for the provincial companies of basic telecommunications enterprises that have been ranked in the top five in the country for three consecutive months or have been notified by the public security organs. Third, the communication administrations should, in accordance with the relevant provisions of Several Provisions on Strengthening the Governance of the Telecommunication Market according to Law (No.453 [2003] of the Ministry of Information), timely reflect and inform the provincial-level companies of basic telecommunications enterprises about the implementation of the responsibility for preventing and cracking down on telecommunication information fraud, as an important basis for the relevant basic telecommunications enterprise group companies to carry out assessment and cadre adjustment for the members of the leading bodies of provincial companies.
(22)Establish and improve the accountability mechanism of basic telecommunications enterprises.First, all basic telecommunications enterprise groups should improve the internal accountability system, implement the one-vote veto system for preventing and cracking down on communication information fraud, and report the accountability system for preventing and cracking down on communication information fraud to the Ministry for review before the end of December 2016. Announced to the public. Second, basic telecommunications enterprises should strengthen the implementation of the system and sign letters of responsibility at different levels. For those who have not effectively established and implemented the closed-loop system of the management system for preventing and cracking down on business norms, technical prevention, supervision and inspection, assessment and accountability, education and training, and those whose responsibilities are not implemented in place, especially those that lead to major cases, according to the case notification of the public security organs and the responsibility identification opinions of the regulatory authorities, basic telecommunications enterprise groups should seriously deal with the involved branches. Investigate the responsibilities of its main leaders and relevant responsible personnel, and take investigation measures such as notification, interview, demotion and even dismissal for the leaders of relevant departments of provincial companies and group companies. The situation of accountability shall be reported to the Ministry and the relevant communications administration in a timely manner. Third, the basic telecommunications enterprise group companies’ violations of the subordinate institutions are strictly deducted from the internal management assessment of the company.
(23) Improve mobile resale.Business supervision and illegal exit mechanism.The implementation of real-name registration system’s management requirements in paragraphs 170 and 171, the major cases involved notified by the public security organs, and the outstanding complaints and reports from users are regarded as one-vote veto items for mobile resale enterprises to apply for expanding business scope, increasing code number resources and issuing formal business licenses. For those with serious problems and poor rectification, the acceptance of related applications such as adding code number resources and expanding pilot scope will be suspended, and those with serious problems and repeated education will be disqualified according to law.
(twenty-four) to increase the punishment of illegal acts of value-added telecommunications business operators and agents.First, the telecommunications operators who violate the laws and regulations shall be notified by the communication management department to the industrial and commercial departments, incorporated into the basic database of enterprise credit information according to law, and announced to the public in a timely manner. Second, the verified illegal value-added telecom enterprises shall be ordered to suspend business for rectification until the relevant telecom business licenses are revoked, and new telecom business licenses shall not be approved within three years in accordance with the Measures for the Administration of Telecom Business Licenses and other relevant regulations. Third, the relevant telecom enterprises should cancel the agency qualification of the agents who have been found to have serious violations. The fourth is to increase exposure, and expose illegal business practices to the society regularly or irregularly.
(twenty-five) the establishment of communication industry to prevent and combat communication information fraud."Blacklist" sharing mechanism.The Ministry entrusted China Information and Communication Research Institute to take the lead in establishing a national shared library for preventing and cracking down on communication information fraud in the communication industry. Enterprises and individuals who are found to be in violation of regulations by relevant departments in preventing and cracking down on communication information fraud are blacklisted, and their business licenses, legal person information, violations, etc. are classified and recorded in detail to realize information sharing in the whole industry. All basic telecommunications enterprises refuse to accept blacklisted users when they apply to become business agents and to use key telecommunications services such as voice lines, "400" and "business switchboard".
Eight, strengthen the work guarantee of prevention and control.
(twenty-six) to further strengthen organizational security.All basic telecommunications enterprises, mobile resale enterprises and related internet enterprises should further improve the internal network information security organization system, clarify the responsible departments of the enterprise to prevent and crack down on communication information fraud, and clarify their work organization and implementation and internal supervision and assessment accountability responsibilities. Among them, the basic telecommunications enterprises should further improve the full-time network information security department at the group company level, effectively strengthen organizational leadership, enrich their work force, and strengthen the organizational guarantee of their own work to prevent and crack down on communication information fraud. The National Computer Network and Information Security Management Center, China Information and Communication Research Institute and other units should establish and improve the management support organization system, clarify the corresponding management support departments, fully equip their personnel, further strengthen the technical support and legal policy research capabilities to prevent and combat communication information fraud, and fully support the prevention and management related work.
(twenty-seven) to further improve the safety system.The basic telecommunications enterprises, mobile resale enterprises and related Internet enterprises should establish a security management system to prevent and crack down on communication information fraud, establish relevant business norms, assessment, rewards and punishments, education and training, security incident reporting and other systems, formulate emergency response plans for major emergencies, and strengthen cooperation with communication management departments and information sharing.
(twenty-eight) to further strengthen the communication information fraud risk assessment and prevention.All basic telecom enterprises, mobile resale enterprises and related Internet enterprises should reorganize the whole process and whole link security assessment for the stock services that may lead to the risk of communication information fraud, such as "one card with double numbers", "unified communication" and "SMS business hall", and actively eliminate potential security risks; For the new online business, the risk of communication information fraud should be regarded as the key content of security assessment, and all businesses with high security risk of communication information fraud should be prohibited from going online.
(twenty-nine) to further strengthen the work of information reporting.From the date of the issuance of this opinion, all units shall report the progress, experience, existing problems and relevant suggestions of their own units in preventing and cracking down on communication information fraud to the Office of the Leading Group for Preventing and Cracking down on Communication Information Fraud (Network Security Administration) on the 1st and 15th of each month, and report the major situations in a timely manner.
关于作者