The reason payforit scams are so prevalent at the moment is that the regulations in place are much to weak.
Dishonest fraudsters will always be out there, but generally people only ever commit fraud or theft if they think they can get away with it. The answer to stop pay for it scams is so simple. Make it as difficult as possible for fraud to occur but still allow merchants (Level 2 providers) who do provide a valued service to continue to grow and expand their businesses.
The easiest way to achieve this objective is to make the Mobile Network Operators (MNOs) responsible for any fraudulent activity on a customers account, as long as the customer has not been negligent in any way. If this was implemented, as the industry grows and develops, the MNO’s would have ultimate responsibility to adapt their required security features to protect their customers, much like every other other payment mechanism for goods or services that exists today.
OFCOM acknowledges on their website that Rogue software can be embedded in such a way as to circumvent anyverifiable method of consumer consent to charges. 
MNOs claim that with payforit they are simply providing a service, in much the same way that they provide with phone calls or a text messages. MNOs would argue that it is the responsibility of the phone user and Level 2 providers to ensure that there are agreements in place for digital content purchased on a mobile phone, and that the agreements are consensual and legitimate. On the face of it this is not an unreasonable position to hold because MNO’s should not be held responsible for the text messages, phone calls and subsequent charges that their customers incur. After all, even if a phone is stolen, until the MNOs are notified of the stolen phone the MNO’s are legitimately providing a service in good faith. why should not liable for the calls or text any thief makes?
There is an important difference though, call and text billing security is generally reliable, it is very rarely the MNO’s responsibility if fraudulent calls or text messages occur on a customers bill. (There have been cases where MNOs have been notified of a theft of a phone and failed to act accordingly, but generally security is very good and it is rare the MNO is at fault.) However, imagine a hypothetical scenario whereby MNO’s security measures in place were so poor that they routinely allowed fraudulent cloning of their customers SIM card details through no fault of their customers. In this hypothetical situation, it would be the inherent weakness of the MNO security systems that facilitated this hypothetical fraud. Because it would have been the MNOs weak security they would have to compensate customers costs and it would be entirely unreasonable to expect the phone user to foot the bill.
Going back to the issue with payforit, when rogue software can be embedded in a mobile phone utilising “clickjacking” “iframing” “sticky pop ups” and other nasty tricks, because the MNOs do not have any security features whatsoever before offering third parties access to their customers money, they are negligent. It has become unreasonable for the the MNO’s to offer such an inherently unpredictable service without providing any protection for their customers, the reason so many have been caught with payforit scams is not down to the customers negligence, it is the MNOs themselves who have been entirely negligent by not having security requirements.
Given it is the weakness of the system that fraudsters are exploiting, and that phone users are generally not being negligent this puts MNOs back squarely into the frame for ultimate responsibility, and they need to be held to account. My objective is a big court case to put this argument forward that forces the greedy MNO’s to refund ALL disputed purchases made on a mobile with no security requirement to be refunded without question.
OFCOM have given responsibility for regulating this shady industry to the Phone Paid Services Authority (PSA.) The PSA are funded by the MNOs, and have no powers to investigate individual cases and the system keeps penalising consumers and needs to change. I am not a lawyer, but I think individuals taking their own cases to the courts are unlikely to succeed for a number of reasons. Firstly any victories at the County Courts are not binding so each case will be looked at on a case by case basis and would be difficult to orchestrate a collective strategy. Secondly in my case the Level 2 Provider who scammed me had offered a refund and effectively accepted liability.
My personal opinion is that a Judicial Review against OFCOM or the PSA is the best way to move forward. A Judicial Review on the Grounds that the PSA Code of Practice or Communications Act 2003 are unlawful, because they wrongly absolve MNO’s of their collective responsibility, and provide no stipulation that MNOs are required to be able to refund back using the same method as was used to take payment. This is a clear breach of s.45(4) of the Consumer Rights Act 2015
This will not be easy or cheap, and will require legal advice, Court Fees etc but I welcome any suggestions on crowdfunding, or pro-bono legal advice etc that can be offered to get this Court action started.
