DoCoMo Voicemail PINs Anyone's Guess

Back to Contents of Issue: February 2000

by Kyoko Fujimoto

Ever imagine what would happen if the PIN you use to access your voicemail system were stolen? One NTT DoCoMo subscriber doesn't have to imagine. Recently he received a cell phone bill for around ¥220,000 ($2,136). A bit dumbfounded after receiving his statement, he checked the details and discovered that most of the charges came from voicemail access fees.

DoCoMo's voicemail system provides two methods of access: You either dial a four-digit number from your cell phone and receive messages directly, or dial the number for the messaging center from an outside line, enter your cell phone number and PIN, and then listen to your messages. DoCoMo assumes that anyone accessing an account from an outside line is the owner of that account and dutifully charges the account holder for each minute of messaging service use. In other words, if anyone else happens to check your messages, you have to pay for it. Moreover, DoCoMo allows callers to enter the wrong PIN forever -- no automatic safety feature here. The service simply cuts the line off after three wrong PINs are entered and then lets you try again. And again. And again.

Our surprised subscriber discovered that his number had been accessed more than 25 times in one day, at times lasting up to five hours. Since he used the last four digits of his home phone number as the PIN, anyone who knew him well enough could easily have figured it out. And anyone with sinister motives and plenty of free time could easily play around with random cell phone numbers and PINs all day, without ever being charged for their evil deeds.-

Who would bother? That's anyone's guess. Maybe some extremely bored person dialed numbers randomly until they picked the victim's phone number. Or maybe it was a jealous suitor, trying to find out whether the victim had a secret lover. Or maybe this is yet another form of Japan-style stalking. At any rate, with DoCoMo requiring exactly four digits for a PIN, it doesn't take a mathematical genius to figure out that with only 10,000 number combinations available (or less, if certain combinations are prohibited) and more than 27 million DoCoMo subscribers, at least 2,700 users have the same PIN.

Note: The function "email this page" is currently not supported for this page.