VoIP fraud is serious business and rightly worries the finance, security and operations teams at service providers. And so we take it seriously with a collection of tools, safeguards and policies that first aim to prevent fraud from taking place and then, secondly, mitigate the exposure should a bad guy get through. The limits we put into place translate into minimized risk.
Our Cloud Voice Platform is a turnkey VoIP solution for service providers new to voice or looking for their next-generation solution. We provide everything—SBC to app server, softswitch/IMS core to device provisioning—in one easy to manage package. One key piece of that solution is our fraud prevention solution.
When I am talking with service providers, we usually start the conversation discussing all the prevention techniques we use, including:
- Route plans that can be used to prevent calls to the typical fraudulent countries
- Calling plans that can allow specific customers access to a limited set of destinations
- 900/976 blocking
- Encryption on all device configurations (some leading providers out there use configs that are in clear text!)
- Locking out voicemail boxes from external access when the default PIN is still set
- Preventing the forwarding of calls outside the calling plan footprint
There are dozens of lessons we have learned along the way and we constantly enhance the solution as the hacker industry attempts to find and exploit ways around the security and control.
This conversation inevitably leads to “OK, but what happens if they get through? What happens when there is a compromise?”
Our solution: detection, blocking and alerting.
We look at the service provider’s partition as a whole, watching for trends. If there is a large change in call volume we are alerted and have a fraud council. Our fraud council is made up of people from NOC, finance, and account management, that all bring a different perspective. This council analyzes the highest cost AND highest call volume end-user accounts to see if the traffic looks suspicious.
We also set a threshold on each individual end-user account, at a level that the service provider is comfortable with in terms of exposure. This could be 30 or 200 calls, tracked in a trailing window of time (hours, not days). When the subscriber account breaks this threshold, it is disabled, and prevented from making calls (except calls to 911 or customer service). Our fraud council is alerted—via text and email—and we get a human to look at the calls on the account to see if the calls appear to be fraudulent (e.g., several calls to the same number) or if it looks like they are simply planning a trip to Europe.
Based on this information, we can re-enable the account or notify our service provider customer that we have taken action. The total risk per account sums up to $10 or $200 – not $10,000-100,000 per weekend (as some providers are exposed to).
On top of that, we have a complete audit trail of changes to an end-user account providing an easy way to see what has happened to that account over time.
This multi-level protection and reaction substantially reduces the risk of fraud damages. Our experience informs our tool set and it’s why many minds are put at ease at our customers including the CFO!
Looking for a next-gen VoIP solution with built-in fraud prevention? Read more in our Fraud Prevention data sheet, or better yet, contact us!