The explosion of mobile VoIP applications has helped to introduce a new type of Interconnect Bypass fraud, which exploits SS7 interconnect agreements and is often referred to as OTT Voice Bypass fraud. OTT Voice Bypass fraud is on the rise thanks to the exploitation of an “In Calling” feature available on some VoIP apps. “In Calling” allows a subscriber to receive circuit switched calls, often unknowingly, as VoIP calls because these apps leverage the interconnect logic of choosing lowest cost routes.
Back in March, we issued a Global Internet Phenomena Spotlight on this topic, and since then we have worked with several customers to collect more data on this topic.
In one of those networks in EMEA, the operator observed that there were over one million minutes of “In Calling” occurring on their mobile network each month. The image below shows some additional highlights. With termination rates in that country typically over $0.10 a minute, this “In Calling” phenomenon could be costing the operator hundreds of thousands of dollars in lost revenue each month.
The “In Calling” feature isn’t only a risk to operators: subscribers making and receiving calls are at risk too. Because, “In Calling” features are often turned on by default in smartphone VoIP apps, both the person making the call and the person receiving the call is potentially not aware that their call is being intercepted. This lack of transparency represents a significant security and privacy risk to subscribers.