Telecommunications fraud is an oft-talked about, but little-understood issue facing communications service providers (CSPs). Telecommunications fraud by its industry definition is the use of voice, data, or other telecommunication services by a subscriber with no intention for payment of that usage. Industry studies have estimated that fraud costs operators billions of dollars each year, with the costs of that usage having to be absorbed by CSP as passed down to both residential and commercial subscribers.
Although many operators have increased measures in recent years, to minimize fraud and reduce their losses, fraudulent actors continue to find new ways abuse communications networks and services.
The information below serves as a means for both subscribers and operators to better understand the different types of telecommunications fraud and the methods used to identify and prevent it.
Zero-Rating Fraud New!
A Global Internet Phenomena Spotlight
Zero-rating is a data offering that enables unlimited usage of one or many applications, services, or websites, for a fixed (or zero) price. This approach is often used by CSPs to differentiate their services and stand out from the competition while providing a valuable benefit to subscribers.
Recently, a small percentage of subscribers have begun to exploit zero-rated websites and applications by using a technique known as HTTP header injection. This fraudulent behavior is accomplished by using smartphone applications that masquerade non-zero-rated traffic as if it is sourced from a zero-rated site, allowing a subscriber to avoid related charges.
Sandvine’s Global Internet Phenomena Spotlight: Zero-Rating Fraud explores this issue in detail and contains a number of revelatory facts, the highlights of which include:
- On a tier-1 operator’s 2G and 3G network, subscribers suspected of using HTTP header injection to commit fraud averaged 805 MB of usage each month. This is more than 300% higher than the 2G and 3G network subscribers’ mean monthly usage.
- While only 1% of subscribers are suspected of committing fraud, they were responsible for 140 TB of total network traffic in a single month. The operator of this network believes zero-rating fraud could be responsible for 10% of total network traffic.
- The traffic composition of the suspected fraudulent traffic was very similar to the traffic composition of the region, with over 30% of the traffic being for the social applications Facebook, WhatsApp, and Instagram.
- Left undetected, the zero-rating fraud could cost the operator examined more than $7M USD each month, based on the average cost of data for their prepaid plans.
OTT Voice Bypass Fraud
A Global Internet Phenomena Spotlight
As the use of Voice over IP (VoIP) grows due to its wide adoption as part of Over-the-Top (OTT) applications, its integration with the many decades old SS7 interconnect agreements are a growing cause of concern for end subscribers, regulators and obviously communication service providers.
This report is based on data collected from a fixed access network in a developing market and highlights how security flaws in the SS7 voice network have created security, privacy, and lost revenue risks that impact both subscribers and operators.
Sandvine’s Global Internet Phenomena Spotlight: OTT Voice Bypass Fraud examines an emerging market network to reveal a number of facts on OTT Voice Bypass fraud, the highlights of which include:
- “In Calling” features are often turned on by default in smartphone VoIP apps, resulting in both the person making the call and the person receiving the call potentially not being aware that their call is being intercepted. This lack of transparency represents a significant security and privacy risk to subscribers.
- Over 60% of the traffic from the leading VoIP app on the network examined was from OTT Voice Bypass calls enabled by an “In Calling” feature
- Based on the bandwidth observed, in a typical month, Sandvine estimates there are over five million minutes of fraudulent OTT Voice Bypass calls terminated on the network
- Based on publicly available figures for international call termination, five million fraudulent “In Calling” minutes each month could result in millions of dollars in lost revenue for the operator examined each year
Whitepaper: Considerations and Best Practices for Zero-Rated Fraud Prevention
By adhering to these principles, CSPs will be able to launch successful zero-rated offerings that prevent fraudulent activities.