Three Ways to Reduce Exposure to Bypass Fraud The Risk Management Group



Similar documents
International Carriers

Bypass Fraud- Are you getting it right?

Battling illegal call operations with Fraud Management Systems

How To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device

Business Solutions with MTN.

TELECOM FRAUD CALL SCENARIOS

VoIP in the Enterprise

UK Standard for CDRs. November 12. Version 1.5. Copyright: UK Billing Vendors Forum

Mobile Gateway usage clarification of the regulatory environment

NeoGate VoIP GSM Gateway Applications and Solutions 1

Anti Fraud Services. Associate Member of..

Extending Constant Connectivity to Any Location. How leading companies meet challenges with satellite communication technology

CONSULTATION. National Numbering Plan Review. A short Consultation issued by the Telecommunications Regulatory Authority 28 August 2007

TORNADO Solution for Telecom Vertical

Managed Services Billing Platform For MVNOs

International Dialing and Roaming: Preventing Fraud and Revenue Leakage

Advanced LCR (Least Cost Router) With SIP Proxy Server

Short-Duration Dialler Traffic: on Kamailio and the Postal Service

Founded in 2003, Worldwebnet Telecom is a fast growing Canadian owned and operated carrier that specializes in providing voice services to the

Toll Free

for VoIP Service Providers highly secured and reliable VoIP solutions from SipCo Systems

Cost-based LCR for OpenSIPS using CGRateS

List of Figures Analysis Executive Summary 1. International Call Volumes and Growth Rates, Compounded Annual Traffic Growth Rate by

Management Summary for Unified Communications IP PBX

NATIONAL COST OF VoIP BYPASS

VoIP Traffic Analysis. Break through your data

Parlay i60 - Application

Contact Info. Canadian office: IPsmarx Technology Inc. Toronto, Ontario M5C 1Y2 USA. Canada Tel:

every cloud has a golden lining How to make money from the convergence of voice and data with cloud (or hosted) telephony SIP trunks and mobile VoIP

Hosted Telephony. An Introduction to Our Hosted Services. Managing your Customers. IPW Products. IPW Hosted Telephony

AWITEL solution and services for PTTs:

Intuitive UI for advanced search and easy navigation. Bundle of features on a single platform for quick action initiation

An Introduction to SIP

Telecommunications Statistical Review

Fighting Future Fraud A Strategy for Using Big Data, Machine Learning, and Data Lakes to Fight Mobile Communications Fraud

Concept Note. powering the ROC. PBX Hacking.

SIP TRUNKING THE COST EFFECTIVE AND FLEXIBLE ALTERNATIVE TO ISDN

Access Mediation: Preserving Network Security and Integrity

Adore Infotech. PC 2 Phone System

Automatic Monitoring & Detection System (AMDS) for Grey Traffic

Optimizing the Avaya Communications Architecture: Calculating SIP Bandwidth With Infortel Select 9.0 Reporting

Executive Summary. August Technology Research Institute (TRI) 1245 N. Rocky Mountain Drive Effort of the Poconos, PA 18330

The cost effective and flexible alternative to ISDN

Speedflow presents exceptional range of software solutions Single Point of Control solutions from Speedflow include:

Hosted vs On-Site IP-PBX A Guide for SMEs

Impact Telecom Commercial Services

WHAT THE FRAUD? A Look at Telecommunications Fraud and Its Impacts

Contents. Specialty Answering Service. All rights reserved.

Cost Comparison of a Hosted PBX Versus a Traditional PBX

How To Optimize Your Wholesale Business

Content Extraction Enhancements For Target Analytics:

An Oracle White Paper November Typical Key Performance Indicator Reports for Performance Intelligence Centers

ADDITIONAL TERMS FOR VIRTUAL VOICE NETWORK SERVICES SCHEDULE 2L

White Paper. SIP Trunking. Abstract

With 360 Cloud VoIP, your company will benefit from more advanced features:

ORACLE FUSION SERVICE DESCRIPTIONS

Buyers Guide to Cloud Phone Systems

Enterprise Performance Management:

VOXOX 5BENEFITS OF A. HOSTED VoIP SOLUTION FOR MULTI-OFFICE BUSINESSES. a VOXOX ebook. Communications to the Cloud:

Parlay i60 - Application

ANNEX 2. Active SIM Cards refers to the number of SIM cards with one or more billing events in the past three months.

Barbados Voice over Internet Protocol (VoIP) Policy

Worldwide attacks on SS7 network

VoIP: Enterprise Adoption Trends in India and Grey Market Traction in India. Shubham Jaiswal

Tapping into New Markets with Satellite Services. How service providers deliver constant connectivity to leading global companies

Global System for Mobile Communication Technology

Company Profile. Business Proposal

Benefits. Around-the-clock data collection and CDR warehousing ensures data is there when needed

Internet Protocol (IP) Telephony Clearinghouses

The Sunny Side of Cloud Communications. Ilian Hafouzov Sales Director, BroadSoft 12 November 2014

OpenSIPS networking the VoIP

MVNO Solution for Highly Profitable Global Roaming Services

4net Technologies. Cloud Services V

Solving the SMS Revenue Leakage Challenge

Global Voice Solutions

Agilent OSS access7 Signaling Meter

Integration of GSM Module with PC Mother Board (GSM Trunking) WHITE/Technical PAPER. Author: Srinivasa Rao Bommana

TOP 5 CRM SOFTWARE SUPPLIERS GUIDE 2012

ACD: Average Call Duration is the average duration of the calls routed bya a VoIP provider. It is a quality parameter given by the VoIP providers.

Effective Revenue Management

hubbing international wholesale solutions our solution in brief TDM / IP voice Orange, a major player in the wholesale market

Taxing Telecommunications

NEWT Managed PBX A Secure VoIP Architecture Providing Carrier Grade Service

SIP Trunks. The cost-effective and flexible alternative to ISDN

Leveraging Asterisk to Deliver Large Scale VoIP Services in a Carrier Environment. JR Richardson

ivoice Networks Pte Ltd

Sprint s Partner Interexchange Network (PIN) A New Approach to Scalable Voice Peering

How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation

Transcription:

Three Ways to Reduce Exposure to Bypass Fraud The Risk Management Group May 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze, optimize, and control the performance of complex business processes, including financial, operational, and customer experience processes. The company s Lavastorm Analytics Platform offers a new, agile approach to fraud management and revenue assurance and is used by thousands of business and IT professionals at more than 50 CSPs worldwide. The platform s discovery-based, audit analytic capabilities provide users with selfservice analytics, visualizations of process/performance issues, continuous monitoring and auditing, and case management capabilities for issue resolution. 1 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz For more information please visit: www.lavastorm.com

INTRODUCTION Bypass fraud, SIM Boxing or Leaky PABX, has become one of the most widespread and widely talked about telecom risks in recent years. It particularly affects operators in developing markets where termination costs are higher, underscoring the fact that bypass is a response to existing charging and interconnect settlement models. The simplest way to explain this market is by way of an example. Here we consider a scenario where calls are routed from the UK to a developing market using a grey route. The bypass route utilizes a VoIP Gateway and an attached GSM Gateway ( SIM Box ) in the destination country, thus bypassing the conventional international carrier route and resulting in a loss of settlement revenue by the destination country. This use of a SIM Box or other equipment to bring the traffic back onto a local mobile network is normally the only illegality in the scenario although subscription fraud and other crimes have reportedly been known to accompany some bypass cases. Figure 1 - Basic bypass structure THE MAIN ACTORS The typical supply chain runs from white and grey interconnect providers in destination countries with regulated (or relatively high market determined) termination costs to aggregators of international termination services often called carrier services, and then to providers of telephony and related services in originating countries. All companies mentioned below are fictitious to protect the guilty. 2 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz

Example Customer A mid-sized oil company ABC Oil (ABC) is headquartered in the UK and generating a high volume of international traffic to their drilling rig, agents and suppliers in Country B. Source Retailer VOX UK is a supplier of telephony services to UK SME market. This includes mobile voice and data for ABC s UK workforce with managed VoIP PABX installations for multiple offices and leased data. The managed PABXs connect to a wholesaler, Carrier Services UK, to handle international calls. Wholesaler Carrier Services UK has a soft switch set up with a Least Cost Routing (LCR) module. This selects the cheapest route on which to hand-over incoming calls from VOX UK s VoIP PABX trunks in London. These routes have been bought from a variety of international carriers including a grey carrier in Country B Carrier Service Country B. Grey Terminator Carrier Service Country B is running a VoIP gateway connected to a SIM box with SIMs sourced from Operator 1 in Country B. This is known only to them. Destination Operator 1 / Willing Victim Operator 1 in Country B has sold SIMs to Carrier Service Country B (who is operating under a different company name) and is seeing high volumes of traffic on the account which is always paid on time. This operator regards this as a high value business account. Destination Operator 2 / Unwilling Victim Operator 2 in Country B provides the corporate account for all ABC employees in country. They have noted a lot of traffic coming to this account from a relatively small number of Operator 1 MSISDNs, although they can charge Operator 1 for the termination of these. 3 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz

Figure 2 Flow of bill payments and settlements OTHER ACTORS Exchange Operators Termination routes are sold in organized exchanges, through telephone deals to previous customers, and by arrangements on blogging sites and bulletin boards. Both white and grey routes are sold openly and the grey routes are sometimes quoted as grey or sometimes as non-cli routes. In both the formal marketplaces and the bulletin boards the QoS on the lines is often quoted, so an example of an actual quote is: INDIA MOBILE WHITE CLI (919) 0.0101 45% ASR ACD 11+ where: CLI = Calling Line Identity ASR = Answer Seizure Ration (quality statistic) ACD = Average Call Duration (quality statistic) So the above example is quoting the availability of minutes of termination to mobile networks on a white route to a region in India at a rate of 0.101 / minute, with an answer ratio of 45% and average call duration of greater than 11 minutes. 4 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz

TECHNICAL ASPECTS Quality of Service QoS is important to the buyer of the termination minutes as it will reflect on them when they sell it on to their customers. The 2 most frequently quoted metrics are: Answer-Seizure Ratio (ASR = call attempts answered / call attempts) a quality metric of the congestion on the line. Average Call Duration (ACD) an indicator of the voice quality on the line as the A and B parties will not continue if conversation is difficult and the ACD will be relatively low. Most CSPs will monitor these metrics to ensure good QoS is provided to their retail customers. Equipment required The following diagram illustrates the main equipment requirements to provide a gray routing service. Figure 3 Equipment and Infrastructure Requirements A Linux PC running open source PABX software with a SIM Box inserted as a card on the PC motherboard can be put together for circa USD 1,000 so the setup and operating cost for gray routing providers are very low. This is a primary reason why this problem has not yet been effectively addressed; the costs are very low while the rewards are very high. WHO LOSES? In the above scenario where calls made on a VOX UK line and terminated on Operator 2 s network in Country B (via a SIM Box on Operator 1 s network) there are few actors with a real incentive to stamp out the practice: ABC in the UK is happy as it saves a considerable amount over the basic BT rate to Country B. VOX UK is happy because it charges the customer the retail rate for the call (33.2p / min). 5 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz

Operator 1 in Country B is happy because it charges the local SIM Box owner for calls made on their device and the delta between these revenues and the lost settlement revenues is generally marginal. Operator 2 in Country B is happy that they have incoming traffic from Operator 1 but disgruntled that they can only charge local and not international termination rates. However they may suspect that the alternative would for international calls to go via Skype. The national government in Country B (i.e. the telecoms regulator) is the most unhappy as they can see a steady decrease in international termination minutes and the associated revenue to their exchequer. According to the Communications Fraud Control Association (CFCA) USD2.8bn was lost to bypass fraud in 2011 although they do point out that this amount is lost revenue rather than the true cash cost. However, this represents only 0.0014% of the USD2.1 trillion of reported telecoms revenue over the same period. THE TOP THREE COUNTERMEASURES The most common approaches to Bypass fraud are: 1. Bypass route detection via call generation; third party service providers generate traffic to operator networks from remote points and then analyse the traffic actually received to identify instances where what should be showing as inbound international traffic as actually showing as on-net traffic or traffic from another local network. There are reports of bypass operators using data analysis techniques to detect these test activities in order to avoid detection themselves. 2. SIM Box detection using FMS analytics; operators make use of their fraud management systems ( FMS ) to identify suspect devices on the network. Examples of some of the markers monitored include: a. Unusual traffic flows and volumes b. Unusual called number spreads c. A-typical traffic peaks for on-net traffic d. Many SIM card identities (IMSIs) to a single equipment identity (IMEI) e. Use of only one cell site f. An absence of SMS, data or roaming service use 3. Hybrid analysis; call generation providers and FMS tools providers collaborate to pool their alerts in order to more efficiently detect the characteristics described above. WHAT MIGHT THE FUTURE HOLD? Our view is that Bypass and its related practices are products of a conflict between deregulation and the Internet on the one hand, and overly complex and possibly outdated charging and settlement regimes on the other. In the era of Skype and ubiquitous Internet access, we wonder for how much longer operators will be able to justify high charges for international voice traffic when subscribers can already send much larger numbers of bytes around the globe in the form of email attachments or gigabytes of files delivered via the Cloud for a small monthly fee? Might there not come a day when all voice and data services are charged at the same low rate per byte, or offered in all you can eat monthly bundles regardless of location and call destination? In such a 6 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz

scenario the business case for bypass operators appears to dry up and the corresponding fraud management challenges also dissipate. ABOUT TRMG The Risk Management Group has specialised in the delivery of training and consultancy on high tech fraud for leading firms worldwide for over a decade. For more information on TRMG, visit www.trmg.biz. 7 Page Extracted from TRMG's Fraud and Revenue Assurance Guideline www.trmg.biz

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information