Phone App Buys P2P SMS Allowances from Consumers to Reuse for A2P SMS

A service called Simcash promises you can “make profits with your unused SMS”. The service, which only works on Android phones and requires the installation of an app not available from reputable app stores, pays users a small amount in Euros, US Dollars or cryptocurrency for each SMS that the app sends from their phone. The potential for abuse is obvious, with the secretive business behind Simcash evidently seeking to avoid payment of standard A2P SMS fees by paying a lower amount to consumers so the same messages can be sent like P2P SMS instead. Users of the app are putting themselves at risk by allowing their phone number to become associated with messages where they do not know the content and do not know where it has been sent.

The FAQ on the Simcash website makes it clear just how dodgy their business is.

SimCash.io send mostly OTP (One-Time-Password) and A2P (Application-To-Person) SMS to other SIM cards in your country.

Why would any respectable business want to use a service that sends a password via an unknown intermediary’s phone, only for that person’s number to be shown as the source of the password to the intended recipient?

The FAQ further illustrates the extent to which consumers are putting themselves at risk.

In order to avoid unwanted call back or SIM cards blockage, it is strongly suggested to have a SIM card only for SimCash.io usage.

So instead of just selling the ‘unused’ portion of an SMS allowance, consumers are told they should really have a separate number dedicated to only making money from Simcash!? Then Simcash goes even further in telling users about the legal risks they are taking.

SimCash.io liability is over the SMS content, not on the usage of your SIM card(s)… You shall observe all relevant legislation and regulations applicable in your jurisdiction… It shall be your sole responsibility to familiarise with all applicable laws, regulations and codes of conduct to which you may be subject and to ensure compliance therewith… SimCash.io shall not be liable for any damage, loss or liability of whatsoever nature arising from the use or inability to use the website or the services or any content provided from and through the website…

In summary, Simcash are attempting to construct a legal defense that says they cannot be held responsible if a customer violates a country’s laws or breaks a legal contract because of the Simcash SMS messages sent from the user’s phone. I doubt this would stand up in court if a telco tried to sue Simcash for inducing customers into behaving unlawfully but the people behind Simcash are likely assuming that telcos will be content to disconnect SIMs instead of going to the cost and trouble of identifying who is behind Simcash and pursuing direct legal action against them.

Thankfully, many consumers are aware of the risks of using a service like Simcash. These are just a few of the 1-star reviews of Simcash that consumers have left on Trustpilot:

  • Are you guys stupid? by doing this, mean you share your contacts to them, and they can pretend to be you, or contacting your friends or family to misleading investment.
  • Simcash doesnt send only one time passwords and codes. Thats a lie. I recieved a replie that my sim has send advertiser sms like this: invest in a tesla I deinstalled it as quickly as i can!
  • send fraudulent messages from your number ..a lady called me to ask what a pakage arived it ..with a link ..when the lady accesed the link she ask a bank kard number to stole the money
  • Needs access to the whole phone. Even that it’s an sms app but needs access to storage, camera, microphone, position and the whole device and if you deny access to one of those the app won’t work.

This week is International Fraud Awareness Week, a regular campaign by the Association of Certified Fraud Examiners to make consumers aware of fraud risks. The goal of raising awareness is laudable, but if the people who encourage fraud are allowed to run operations like this without any legal challenge then we will never raise enough awareness to compensate for the rising number of abusive criminal schemes. Awareness of fraud is good, but preventing fraud by stopping the criminals is even better.

If you want to visit the Simcash website to learn about the service for yourself then you will find it here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.