I’m receiving unexpected ‘Payforit’ charges – what should I do?

Step 1 – STOP further payforit charges from the same source.

example of the text we want to stop

If you are receiving text messages like those above, you need to stop them to avoid further charges.  Don’t ignore them. Don’t waste time at this stage arguing with your network. Your network will almost certainly tell you to go and negotiate with the third party company who have taken your money. They won’t take responsibility and are unlikely to help you. You need to take action to prevent further unauthorised charges to your account. The best way to do this is by phoning the number given in the received text. If you phone, you can ask for a full refund of the charges at the same time. Tell them you never knowingly subscribed to their service and that you require a full refund.

If you phone, record the conversation so that there can be no subsequent dispute about what was said.

If you prefer, or if you are within a ‘free trial’ period, you can send a STOP  text to the shortcode given in the text. In the example above it is necessary to text STOP or STOP ALL to 83463 to prevent further charges to your account. ‘STOP ALL’  should stop all services on the given shortcode. This can be useful if you have, or think you might have, been signed up to more than one service. There are two problems with stopping the charges by sending a STOP text:

1.  The text is chargeable (usually only 10p)

2. The companies sometimes take your sending of a STOP text as an indication that you accept the charges already made. This makes getting a refund more difficult.

You need to be sure to send the STOP message to the shortcode number in the subscription text. This text should be charged at your standard network rate. You should receive a confirmation text to confirm that you have been unsubscribed. Keep these texts until the whole matter is satisfactorily resolved.

Sending a STOP text and getting confirmation

Ask for confirmation of anything agreed in writing to avoid subsequent disputes. If they refuse to do this, send them an email outlining what you believe was agreed and asking them to contact you if anything in that email is disputed. Obtain delivery and read receipts for emails and retain these until the matter is resolved.

Basically, these companies are operating fraudulently and you should not trust anything they say. Judge them by their deeds and not by their words!

The charge receipt comes from Payforit and looks like this:

It is no use replying to this message, or indeed sending any message to Payforit.

Sometimes, all that is received is the Payforit receipt. In this case you need to identify the five digit number which is originating the charges.

If the Payforit receipt text is received without the accompanying sign up texts, you won’t know who to contact to stop the fraudulent subscription. In this case you have a deduction, but you don’t know what it is for. What to do if you can’t identify the originator of the charges

Try to approach the process in an organised and businesslike manner. Record calls and keep texts. Ask for written confirmation of anything agreed verbally. Most people get a full refund, but you do need to follow the process. You can rant all you like at your network, but the system makes it difficult for them to stop the charges. I agree that they could and should do much more, but if you delay in taking action yourself you will weaken your legal position.

If you’re not clear what Payforit is, look here.

Stopped the texts? Time for Step 2 – try to get a refund.


Barring Third Party Charges

Step 4 – Protecting yourself from further scams

Update 10/04/2018

O2 now claim to be able to apply a ‘charge to bill’ bar which is effective against Payforit.

Update 29/03/18  Three inform me that they are unable to implement a ‘charge to bill’ bar for their customers.

There is a lot of confusion about what is possible to avoid third party charges to your ‘phone account.

Barring premium rate texts is sometimes proposed as a way of stopping these scams. It won’t work. It will prevent you sending premium rate texts, and may prevent you from seeing incoming premium rate texts. It will not stop you from being charged for incoming premium rate texts.

To stop these charges, you need a bar on third party charges to your account. At the time or writing it would appear that Vodafone,O2 and EE can put this bar on your account,  while Three can’t (or won’t?). If you have discovered otherwise, please comment on this post and let us know what your network can or can’t do.

You can test whether you have a charge to account bar in place by using a bus information service as follows – it shouldn’t cost more than about 25p:

Send a text to 87287.  In the body of the text just put 54321

It’ll cost your standard network text charge to send the text.
And another 12p to receive the reply.

Check your balance before you send the text

The test is, do you also get charged another 12p, and will a reply arrive.

Do let us know how you get on if you try this test. If your network has successfully applied a bar, please leave a comment so that this post can be updated.

The problem with Payforit – Why we need an ombudsman

Payforit is not a company, but is the name given to a system of making charges to ‘phone bills. The system is run by the four major networks (O2, Three, Vodafone and EE).

Many consumers are unaware that when they are browsing the internet over a 4G connection,  clicking on a link can result in their phone number being passed to a company to be used for charging purposes. This is fundamentally different to what happens when using a WiFi connection, where the consumer would have to knowingly enter their phone number.

The Payforit system assumes that all the companies making charges through it are reputable and will deal with complaints. In reality many of these companies (especially the scammers) are almost impossible to talk to. The helplines are often automated with no option to get a complaint dealt with by a human being.

When a consumer receives  charge on their bill, their first response is to call their network. The network denies all responsibility saying it is a third party charge. They are told to ask for a refund from the third party which has charged them.

The consumer takes this advice and tries to contact the company on the published helpline number. If they are lucky the helpline will respond with a quick refund. The scammers do this because it enables them to reduce the number of complaints, thereby lengthening the time they are able to operate. If you are unlucky the company will refuse to refund you, or worse still will be impossible to talk to.

At this point the consumer may go back to their network The network will still not accept responsibility and will refer them to PSA.

The problem with PSA is that it is not an ombudsman or a dispute resolution service. It doesn’t deal with individual complaints.

So the consumer is left with no means of resolution other than the courts. He could go the small claims court (which will mean he has to shell out more money!). The claim is unlikely to be disputed and he will probably succeed in getting a judgement. The problem then is in getting the judgement satisfied. Most of these companies have a headquarters address which is nothing more than an a post office box. There are no assets to track down and there is no property to put a charge on.

Given the huge volume of complaints about these services, an ombudsman service is urgently required.

PSA Consultation on Business Plan 2018/19

The regulator is currently consulting on its business plan for 2018/19. The PSA seem to live in  bubble where they are unaware of the scale of consumer dissatisfaction. It is estimated that only about 2% of defrauded consumers take the time to make a complaint. Whilst the regulator lacks effectiveness, they continue to pat themselves on the back for doing a good job!


I am making a submission as an interested consumer and I would urge others to do the same. The regulator needs to understand that there is a serious problem here and that consumers need a reliable method of obtaining a resolution when they dispute a Payforit transaction.

My response to the consultation can be read here.

The closing date for responses is 26th January 2018. Instructions for submitting responses are in section 8 of the consultation document, and are also reproduced below.

8. Consultation Process
8.1. Please structure your consultation response as answers to the following questions:

Q1 – Do our plans for 2018/19 sufficiently deliver our role as a regulator? What else do you think we should be doing or not doing?

Q2 – Do you have any comments on the proposed budget for 2018/19? If you recommend any changes, please clearly identify which areas of activity you expect this to impact upon.

Q3 – Do you have any comments on the proposed levy for 2018/19?

Q4 – What is your view on the estimated size of the market for 2018/19?

Q5 – Do you have any other comments on the Business Plan and Budget 2018/19?

8.2. We plan to publish the outcome of this consultation and to make available all responses received. If you want all, or part, of your submission to remain confidential, please clearly identify where this applies along with your reasons for doing so.

8.3. The closing date for responses is 26 January 2018, which is designed to allow the time necessary to issue notices regarding changes to the levy in good time for the start of the financial year on 1 April 2018.

8.4. Where possible, comments should be submitted in writing and sent by email to: pbarker@psauthority.org.uk
Copies may also be sent by mail to:
Peter Barker
Director of Corporate Services and Operations
Phone-paid Services Authority
25th Floor, 40 Bank Street
Canary Wharf
London E14 5NR
Tel: 020 7940 7405
If you have any queries about this consultation please telephone or email Peter Barker using the above contact details.

My response to the consultation. Feel free to use this as a model if you also wish to make a response.

Been scammed – Here’s how to complain to the Phone-paid Services Authority


Even if you have received a refund, you should still complain. It it contrary to the PSA Code of Conduct to sign people up for these services without their consent and these companies need to be shut down quickly. Your complaint may help others.

You can complain if you feel that the PSA guidance on consent to charge has not been followed.

Before complaining you need to know the following.

  1. The premium rate service the number relates to. This can be retrieved either from your text message confirmation or your phone bill.
  2. The name of the company providing the premium rate service.
  3. Your personal details, such as your name, address and contact details.
  4. The name of your phone or mobile network.

You do not need to attach a copy of your phone bill to make a complaint to PSA.

To make a complaint:

Go to the number checker on the PSA website: https://psauthority.org.uk/about-us/number-checker.

Put in the shortcode you are complaining about and click ‘Check it!’. You may need to complete a Captcha challenge in order to proceed to the next stage.

The next screen shows details of the company(s) responsible for the shortcode. Towards the bottom of the page there is ‘If you are unsatisfied with the outcome from the service provider, please get in touch with us here.’. Click on ‘here’ and you will be taken to the complaint form.

The more information you can include in your complaint, the easier it will be for PSA to take action.

If you find the online process too cumbersome you can complain by ‘phone on 0300 30 300 20 (Monday – Friday, 9.30am – 5pm, excluding bank holidays). This is charged as a normal landline call.

You can also contact them via Facebook messenger to ask questions, although you cannot submit a complaint this way.

If you still have problems making a complaint, contact me through this site for help.

If PSA try to discourage you from complaining, for example by insisting that you ask the company for details of how you signed up, be insistent. It is their job to investigate, not yours! Don’t forget you can message PSA on Facebook or Twitter and these conversations can be seen by the public!

You can also leave a review of PSA at https://www.facebook.com/pg/psauthority/reviews/

Having problems with your complaint to PSA?

Payforit Sucks – Here’ s Why


Welcome to Payforit Sucks. This site is dedicated to highlighting the security issues with the Payforit system implemented by all of the major UK mobile networks.

What is Payforit?

Payforit is a mobile payment scheme which was originally set up by the four “big” UK mobile network operators, EE, O2, Three and Vodafone. The Mobile Virtual Networks like GiffGaff, Virgin and Tesco are not directly involved but are consulted and share in the profits.

It allows subscribers to purchase goods and services, directly from their mobile phone. Purchases made through Payforit are charged depending on whether the subscriber is on a pre-paid (or “Pay as you go”) plan, or whether they are on a pay-monthly plan.

In the case of a subscriber on a pre-paid plan, the charge will be deducted from the subscriber’s credit or airtime. If the subscriber is on a pay-monthly plan, then the charge will be added to their monthly phone bill.

How does Payforit work?

Payforit provides the facilities to bill mobile users directly through their mobile phone. There are two common methods, single-click billing and Wi-Fi billing.(1)

Single-click billing works only when the subscriber is browsing via their mobile data, and cannot work if the subscriber is using Wi-Fi. With single-click billing, all the subscriber needs to do is simply to click or tap a button, and the charge is immediately made. The phone number is automatically detected over mobile data, which is used for the billing of premium-rate services.

With Wi-Fi billing, things become more complicated. It is not currently possible to detect a subscriber’s mobile phone number through a Wi-Fi connection (unless it’s a “personal hotspot”, or mobile broadband connection, in which single-click billing applies instead), so the Payforit system will request the phone number of the subscriber. The subscriber enters their phone number, and a text is sent to that number with a confirmation code. The confirmation code needs to be entered into the Payforit system, in order to authorise the charge.

Stop Payforit helping thieves

So what’s the problem?

Briefly, when browsing or using Apps on a 4G network, this ‘service’  is capable of passing your phone number to a rogue trader and then allowing them to take money directly out of your phone account. Many consumers are unaware that this can happen and are shocked when they become the victim of one of these scams.

Payforit can be abused by scammers, especially in the single-click scenario, mentioned above. The single-click billing method requires no “real” authorization, other than clicking a link or a button in a web page, whereas the Wi-Fi billing method requires the user to receive a text message, and enter information from that message into a website.

Scammers have found various ways of getting consumers to click on these links. A popular one is to create a pop up box. When you click the X to close the box, you are deemed to have signed up to a subscription costing up to £4.50 per week.

It is also very easy to simulate a user clicking or tapping a button using Javascript. Javascript is client-side (meaning that it runs on your device) code used widely on the internet to provide interactivity with websites. Payforit  can’t tell whether a user willingly clicked or tapped a button, or whether it was done with Javascript code, without the user’s consent. In both cases it will pass the consumer’s phone number to the website and allow them to make charges against it. (2)

Some recent scams have used Apps downloaded from Google Play which contain malicious code which performs a sign up on your behalf. It is impossible to tell from the permissions requested by the App that there is a problem, as all that is required to sign you up is internet access through a mobile network. (3)

Let’s be clear about this, Payforit in itself is not a scam, but it does aid and abet scams and over recent years has been proven to be insecure.


  1. Full rules of the Payforit scheme
  2. Adjudication from PSA showing use of Javascript exploits
  3. Article on rogue Apps in Google Play Store