2600Hz Blog

Read about cutting edge telephony thought leadership, 2600Hz product updates, customer use cases and more!

Featured Posts

Subscribe to Email Updates

Protecting Your Business By Controlling Telecom Fraud: Carrier Management

iStock-1051594028

"Protecting Your Business by Controlling Telecom Fraud " Is an educational blog that covers several best practices to help you protect your business from fraudulent activity. Over a series of blogs and webinars, we’ll dive into the fundamentals of VoIP fraud, identify typical fraud activities, and discuss essential prevention methodologies you can use to protect your platform, your customers, and your business.

PART 2: Carrier Management:

Ensuring that your configuration and permissions are as restrictive as possible while allowing normal operation is the first step in minimizing exposure to fraudulent activity. Since good security involves multiple layers, having server-side controls in the case of device compromise will similarly reduce exposure to unwanted traffic. Using a multi-tenant system like KAZOO allows you to have full control. With full system control at your fingertips you can set carrier limitations, limit access to carriers, monitor carrier utilization and set flags on a per-account, per-device and per-reseller basis.

In the case that fraud does occur, having a great carrier becomes important. The best carriers provide analytics monitoring, alerts and logging. Since you are ultimately responsible for the traffic generated by your system, delegating fraud detection and mitigation to your upstream is not the wisest course of action. It’s important to know how to set limitations and access to carriers and know how to monitor carrier utilization.  

Set Limitations and Access to Carriers

Set and create limitations on a per-account, per-device and per-reseller basis.

Examples of explicit inbound/outbound rules:

  • Block inbound network traffic you do not want
  • Route high-rate calls via alternate more fraud-enhanced routes
    • KAZOO blocks high rate areas by default
  • Limit number of simultaneous calls
  • Select backup routes which come into effect when other routes fail
  • Choose carrier priorities for all outbound services or by service individually
  • Select different set of routes, depending on the type of number being dialed
  • Limit the types of call the account can make
    • Example: US Toll Free, US Toll, Emergency Dispatcher, International, US DID, Carribean

Monitoring Carrier Utilization

Prepay can be effective in preventing you from the horrors of unlimited network access. When your credit runs out, your account shuts down in real-time. Once the money has been exhausted entirely from the account and a call needs to be made, it will require a top-up or recharge.

    • top-up is a way to replenish an account
    • recharge is a way to replenish an account with the extension of the validity period

Rate decks are constantly changing and keeping them updated prevents you from being caught off guard when rates increase significantly. There have been several incidences where a region updates from $0.15 to $0.90 unexpectedly. As traffic volume increases, it’s important to update the rate decks.

Add arbitrary flags to the account, user, device and also on the carrier side, to match that you are selecting the right carriers to the right calls. Flags are a list of features a carrier supports. This list is matched against a user’s device option; if all of the features exist in the carrier’s flags, the carrier is kept in the available routes; otherwise it is removed from contention. An example is a fax machine; it would have a “fax” flag that would match any carriers with the “fax” flag.

Security is often overlooked until a breach occurs. Stop yourself and your customers from being affected before it happens.  A single fraud event can cost a customer anywhere from $3,000 to $50,000, and more often than not, occurs more than once. To learn more about simple preventative methods to protect yourself and your customers view our  “Protecting the Customer Experience by Controlling Telecom Fraud” webinar by simply registering here.

 

Related Articles:

https://www.nytimes.com/2014/10/20/technology/dial-and-redial-phone-hackers-stealing-billions-.html

https://www.theregister.co.uk/2006/06/08/voip_fraudsters_nabbed/

https://www.komando.com/tips/454982/stop-annoying-robocalls-on-your-iphone-and-android

Tagged: KAZOO, security, UCaaS, 2600hz, cloud communications, CPaaS, Unified Communications Security, voip security, Voip Fraud, uc, telecom security, telecom fraud