The game of chess has evolved over its 1,500+ year history. The positional style, which became popular in the late 19th century, is a style of strategy, gaining and exploiting small advantages and analyzing the larger position for the win. This style is a good analogy for how we look at telecom voice fraud, which has been around for many, many years, with fraudsters and telecom operators continuously positioning to outsmart the other. Like chess, the goal is to protect the customer and the reputation of the operator (i.e. the king and queen) by strategically utilizing various solutions (other pieces). One solution can’t do it all.
Voice calls are still a critical part of our lives. According to industry group, i3forum, during the initial COVID-19 lockdowns, international voice traffic increased 20% year-on-year in March, while the duration of phone calls was up 30% in March and over 60% in April 2020 compared to 2019. Yet voice continues to be plagued with significant fraud and security issues. According to the Communications Fraud Control Association (CFCA), top fraud types, including International Revenue Share Fraud (IRSF), Arbitrage, Interconnect Bypass, Domestic Premium Rate Service, and Traffic Pumping - all contain voice-related issues. However, certain fraud types are not included in the CFCA analysis, such as robocalls and caller ID spoofing, as it is difficult to quantify what it means in terms of dollars lost.
So, how do you detect, stop, and put measures in place to protect your reputation and your subscribers?
Strategy is the name of the game
Like chess, having an effective strategy in place requires multiple techniques to manage the wider threat, reduce the available attack area, and enable an operator to take quick action and better defend itself.
If an operator has multiple fraud-fighting tools at its disposal, a fraudster may find its way past one, but there will be another barrier around the corner. For example, let’s consider Deny Lists, which are used to block suspicious numbers. While a particular number may be on a Deny List and any call coming from this number should not get through, fraudsters are bypassing this by spoofing legitimate numbers. In the U.S., caller ID spoofing has resulted in the industry coming together to create a set of fraud-fighting technology standards called STIR/SHAKEN. While STIR/SHAKEN may thwart some level of caller ID fraud, unless all operators worldwide implement it, there will be loopholes for fraudsters to exploit.
Look beyond the CDR
Many of the commercially available solutions today only look at call detail records (CDRs) for patterns of fraud. CDRs are important to identify lists of fraudulent numbers to create a deny list. However, relying solely on CDRs has limitations:
- CDRs will not indicate whether a subscriber was calling from home network or another network;
- In the case of caller ID spoofing, operators will need to augment CDRs with additional information, such as from real-time signaling systems and test calls; and
- CDRs are generated at the end of a call, after which the fraud has already occurred.
Because of these reasons, it’s important to also look at different protocols, such as MAP, Diameter, and GTP, to help detect voice-related fraud and security issues.
Understand call context
The route and context of each call can also provide valuable insights to combatting fraud. For example, a fixed-line call coming from outside an operator’s network through an international gateway could be an indicator of call spoofing. It’s important that each call is analyzed to determine if it is legitimate. This is where a voice firewall becomes a fundamental pillar in solving the caller ID spoofing issue.
Voice Firewall’s added security
Because of the growth in VoIP networks, new vulnerabilities have been introduced in the SIP protocol that are now being exploited along with SS7, Diameter, and GTP to perpetrate voice fraud. Facing network attacks from a wide range of threats, including caller ID spoofing, Voice Firewall provides an added layer of security specific to voice services, while allowing voice communications to still take place without disruption. Voice Firewall enables operators to alleviate voice service disruptions, which impact CSPs revenue, customer experience, government regulations, and overall network productivity.
Make sure your voice firewall includes the following capabilities:
- Curated Deny List that automatically scans phone number databases, ranges and destinations, enabling operators to manage exceptions as they see fit
- Fraud Management System which goes beyond CDR only data and includes signaling data in both passive and active mode of operation
- Voice Policy and Call Treatment enforcement in order for operators to define its own policies of how calls are addressed
- Caller ID Spoofing Detection that looks at call parameters, context, the route of a call, subscriber state, Packet-Printing.
- Supports new IP technologies, such as SIP and STIR/SHAKEN, but also supports legacy ISUP and CAMEL roaming
- Detects FAS and CS mechanism as traditional approaches provide lower coverage and can be expensive
- Multi-operator deployment providing elevated support for regulators that want a common experience on all networks in its country
To learn more about how Mobileum supports operators around the world with its multi-pronged Voice Firewall portfolio, please contact us to meet with one of our Fraud and Security experts.