Fraud Within a VoIP Environment

Since the introduction of VoIP, the service or underlying technology (based on the SIP protocol) has been susceptible to multiple fraud scenarios. In particular, by exploiting some of the features of VoIP, such as three way call and call transfer, hackers can inject call signals into the network and effectively hijack calls. The result is significant non-billable revenue for the Service Provider. Since commands associated with VoIP technology are often sent un-encrypted and without authorization for each command, this is an easy technique to carry out.

An obvious solution is for Service Providers to encrypt the commands and signaling across their networks. However, such encryption can introduce additional cost. Moreover, it can result in a performance burden on the Service Provider, as well as the associated end user equipment.

A Better Solution

A less intrusive method is to introduce active VoIP policy controls in front of the Call Session Control Function (CSCF). This gateway solution can block or challenge call control messages for authenticity before passing them along to the CSCF.

For this second option to be successful, service policy gateways must be able to adapt their methods to constantly changing techniques and security threats. The type of information required to adapt or reconfigure the policy gateway can be provided by Service Assurance vendors using analytical reporting tools.

Read: Dear Network: Don’t Drown Me in Data; Inform Me with Intelligence

By processing VoIP-related call records extracted directly from the network, such analytical tools can be used to look for specific patterns or traffic “spikes” within the records, such as call volumes and call durations, both to/from specific numbers. The early detection of such events or behavior will then enable Service Providers to configure their gateways accordingly. Thus, they can effectively minimize the impact of such scenarios, as well as the related revenue loss.

Want to learn more about how Empirix can provide Analytics to help you better hone your customers’ experiences? Read Minimizing Subscriber Impacting Issues with Predictive Analytics.

Contact Empirix today to discover how you can preempt technology issues,
ensure peak level performance, and predict the smartest actions to take
in order to improve your business and delight your customers.

Written by Graham Kunz – Graham on Twitter | Posts by Graham
Graham is Empirix’s European Service Assurance Expert and he’s worked in the tech industry for nearly twenty years. More than 14 years of that time has been in Service Assurance, working with wireless customers and internal teams to understand and capture product requirements, as well as develop and introduce products. His global outlook, wireless technology knowledge and technical know-how provide him with an excellent perspective on the current and future direction of mobility and the wireless industry.

One thought on “Fraud Within a VoIP Environment

Leave a Reply

Your email address will not be published. Required fields are marked *