INTRODUCTION

This endorsement was renamed with the 06 22 edition. It was formerly known as “Telephone Toll Fraud.”

Long-distance telephone toll charges can be quite costly. Some hackers have discovered methods to penetrate business and government phone systems, using them to make personal calls. In these cases, the hacker makes free calls, while the business or government entity is required to pay the telephone service provider.

This analysis is of the 06 22 edition with changes in bold print. It does not address changes in format that do not affect coverage.

ELIGIBILITY

This endorsement can be added to the Insurance Services Office (ISO) Commercial or Government Crime Coverage Forms or policies. It is available for any commercial entity, other than financial institutions.

SCHEDULE

The endorsement schedule includes a field for entering the number of days to change a system password.

ANALYSIS

This is an endorsement to the ISO Commercial Crime or Government Crime Coverage Forms and Policies and is subject to their conditions, definitions, and exclusions. The only changes are those within this endorsement.

INSURING AGREEMENT

The following is added to Insuring Agreement A.– Fidelity:

Toll Charge Fraud

Charges for long distance calls caused by fraudulent access to the insured’s phone system are covered. Access must have been obtained using an account code or system password. The code or password must have been acquired fraudulently or through deceptive manipulation.

This coverage applies only if the phone system has protective measures. These measures must include a disconnect feature that terminates access after three failed account code attempts and a system password that is regularly changed. The endorsement schedule specifies the maximum number of days permitted between password changes.

Example: Murphy & Sons’ sales representatives use the telephone system to check and send messages to potential clients. A recent audit revealed a 25% increase in long-distance charges, suggesting a hacker may have accessed the system and placed calls. Murphy denied any claim for those calls. It was revealed through the investigation of the claim that Murphy’s never made changes to their system password. The claim was denied because the protection of regularly changing passwords was not implemented.

LIMIT OF INSURANCE

The Limit of Insurance stated on the Declarations is the maximum amount the insurance company will pay for a loss occurrence.

DEDUCTIBLE

A loss must exceed the deductible shown in the Declarations before any payment will be made, and then only up to the Limit of Insurance.

NOTE: The additional Condition for this endorsement has been removed with the 06 22 edition. It has been moved to the definition of occurrence.

DEFINITIONS

Ø The following is added to the definition of Occurrence with the 06 22 edition:

Occurrence

All toll call charges incurred on telephone lines managed by a single voice computer system within a period of up to 30 days, including the day of the initial toll call.

Ø The following definitions are added to the F. Definitions in the Coverage Form or Policy:

Account code

This is a confidential and protected string of characters that identifies and authenticates a person. It grants access to the insured’s voice computer system for long-distance calls, mailbox messaging, or similar features.

System administration

This refers to any security function that includes, but is not limited to, the following:

· Specifies who has permission to access the system.

· Activities involving account codes or passwords, including adding, deleting, or changing them.

· Telephone call routing options, such as adding or removing phone lines.

· Other manufacturer-installed options that the system purchaser can activate for their own use. The system cannot be intended solely for the manufacturer's or vendor's use.

System maintenance

This is the typical procedure performed by the manufacturer or vendor of a voice computer system to ensure its core operational functionality, including hardware and software diagnostics, repairs, and related activities.

System password

This is similar to an account code. It is a confidential, protected string of characters used to identify or authenticate a person, allowing access to the insured’s voice computer system for tasks like system administration or maintenance.

Voice computer system

This is a computer system that manages and routes telephone calls within a voice communication network. It should be housed in a single location and offer various automated capabilities.