telco fraud prevention in real-time - squire technologies · 2019-05-10 · telecoms network fraud...

1

PCI DSS Solution Paper – Securing card payments made by phone

the signalling specialists to the telecoms industry

www.squire-technologies.co.uk

Telco Fraud Preventionin Real-Time


2

Telecom Fraud Prevention in Real-Time

The global annual loss to the Telecoms industry from fraud is currently estimatedby the CFCA (Communications FraudControl Association) to be $29.2 billion

Telecoms network fraud is constantly evolving as criminals develop and optimise increasingly more sophisticated techniques to defraud operators and evade detection.

Interconnect agreements, international trading agreements and to some extent regulatory bodies make it difficult to prevent criminal elements from receiving the proceeds of their fraudulent activities.

International Revenue Share Fraud Domestic Revenue Share Fraud Bypass Fraud Theft

Premium Rate Fraud Wholesale Fraud Arbitrage Other


3


Since the first telephony services were introduced criminal elements have sort to manipulate them to make money. Starting in the early days with simple caller impersonations the techniques deployed have increased dramatically in number and sophistication.

There are now a dizzying array of fraud types, from the revenue loosing headliners like international and domestic revenue share fraud, PBX hacking and interconnect hijacking to account takeover, Wangiri,

interconnect bypass, man-in-the-middle SMS fraud and more.

Network evolution has increased the ease with which telecoms networks can be attacked and defrauded. Twenty years ago all calls in fixed and mobile networks were carried over TDM networks like SS7 and ISDN. These deployed specialised hardware with E1/T1 interfaces that were inherently hard to attack. As these networks have evolved into the all IP SIGTRAN, SIP and DIAMETER networks of today so the ubiquity of IP has increased the number and range of attacks.

What was once a fairly limited avenue for fraudsters is now big business. With industry bodies like the GSMA operating their own workgroups that liaise directly with intelligence agencies like Interpol shows just how seriously the industry is taking this problem.

The Rise of Telecom Fraud


4


The way this rising level of fraud has been combatted in the first instance is to deploy sophisticated large scale monitoring platforms that capture and record the signalling traffic across a Telcoms network. This data can then be analysed in detail to spot fraudulent activity. The huge volume of data involved makes this a daunting task, but with the exponential growth in big data and the improved sophistication of AI we’re now seeing a combination of technologies being leveraged to provide faster, more accurate results.

Once the fraudulent behaviour has been identified the next obvious step is to insure it is brought to a halt.

In the real world that can mean a number of steps. In some regulatory environments there are checks and balances that have to be observed as operators are

not in a position to unilaterally bar subscribers from the network without regulatory consent.

Having cleared any regulatory hurdles a technical solution in the network will then need to be devised. Solutions can take many different forms, and many networks deploy sophisticated signalling firewalls that can be configured to block fraudulent behaviour. It may be that specific configuration or policy adjustments need to be applied to one or more network components, which in turn needs to be managed in conjunction with the network operations team.

The rollout of changes in a telecoms network is a tightly controlled process with considerable checkpoints and procedures in place.

All this complexity is of little interest to fraudsters, and while regulatory and procedural processes take their time the operator continues to loose revenue.

Traditional Approach to Combating Fraud

Profit

Loss


5


Fight Fraud in Real-TimeThe Squire Technologies Fraud Prevention Gateway, the SVI-FPG, provides operators and security professionals with a flexible real-time method of combatting network fraud.

Designed specifically to sit outside any service effecting critical path the SVI-FPG allows users to interrogate network components and resources to identify potential fraudulent behaviour.

If fraud is detected the gateway can instigate remedial network actions such as session tear-down, forwarding, redirects and transfers etc.


6


Working with a client the SVI-FPG was deployed to combat CLI spoofing. This is where a call has its caller id altered or spoofed to fool the recieving network into identifying it from a different subscriber, for the purpose of appearing to be in a different location. This results in incorrect billing by the operator and is a particular favourite of criminals perpetuating fraud around mobile roaming.

Our signalling experts worked with the client to deploy the gateway in a non-critical path in their network. For incoming calls it checks the network internally to see what state the presented caller id purports to be in. If the network sees the subscriber is in an idle state (ie. the subscriber is not active) then the call is deemed fraudulent and is torn down, otherwise the call proceeds as normal.

The SVI-FPG provides a great deal of flexibility and any number of lookup’s and triggers can be performed, with subsequent actions like teardown, transfer, redirects and more able to be easily configured.

CLI Spoofing


7


Here at Squire Technologies we are working with a number of global vendors, operators and security agencies who have deployed the SVI-FPG. It works alongside the established platforms discussed in this paper and provides a highly flexible, complimentary tool to combat fraud.

With almost two decades of specialist signalling experience we are well placed to help you combat the evolving threat of network fraud.

For more information about our SVI-FPG Fraud Prevention Gateway, and our complete range of core network products call our team today on +44 1305 757314

ANTIFRAUD

Another tool in your anti-fraud toolkit


8

PCI DSS Solution Paper – Securing card payments made by phone

Squire Technologieswww.squire-technologies.co.uk

64 High West StreetDorchester, Dorset. DT1 1XAUnited Kingdom

Tel: +44 (0)1305 757 314Fax: +44 (0)1305 757 309Email: [email protected]

the signalling specialists to the telecoms industry

Follow us on Twitter

Follow us on LinkedIn

AssociateMember

telco fraud prevention in real-time - squire technologies · 2019-05-10 · telecoms network fraud...

Documents