Toll Fraud Prevention and STIR/SHAKEN


Presentation Transcript


  1. Toll Fraud Prevention and STIR/SHAKEN

  2. Agenda • About TransNexus • Toll fraud prevention • A brief history of robocall legislation • STIR/SHAKEN overview • Robocall prevention • Questions and answers

  3. Software for the telecommunications industry since 1997
     • Solutions for
       • Toll fraud prevention
       • Robocall prevention
       • TDoS protection
       • STIR/SHAKEN
       • Jurisdictional least cost routing
       • Analytics and reporting

  4. Toll fraud prevention

  5. What does it cost you? Data: CFCA 2017 Fraud Loss Survey. 23.3%. Proprietary and Confidential

  6. How does it happen? Data: CFCA 2017 Fraud Loss Survey
     • Top Fraud Methods:
       • $2.03 B – Subscription Fraud (Identity)
       • $1.94 B – PBX Hacking
       • $1.94 B – IP PBX Hacking
       • $1.93 B – Subscription Fraud (Application)
       • $1.75 B – Subscription Fraud (Credit Muling/Proxy)
       • $1.66 B – Abuse of Service Terms & Conditions
       • $1.66 B – Account Take Over
       • $1.47 B – Internal Fraud / Employee Theft
       • $1.38 B – Phishing / Pharming
     Fraud Method – is how they access the network or service to enable revenue gain from the attack
     • Top Fraud Types*:
       • $6.10 B – International Revenue Share Fraud (IRSF)
       • $4.27 B – Interconnect Bypass (e.g. SIM Box)
       • $3.26 B – Arbitrage
       • $3.02 B – Theft / Stolen Goods
       • $2.39 B – Premium Rate Service
       • $2.10 B – Device / Hardware Reselling
       • $1.35 B – Domestic Revenue Share (DRSF)
       • $1.30 B – Wholesale Fraud
     Fraud Type – is how they use the service or network to generate revenue from the attack

  7. Where is the risk? Data: CFCA 2017 Fraud Loss Survey. Top 10 Countries where Fraud Terminates

  8. Too Close to Home? Data: NANP Destinations Largest Risk

  9. The Layers of Fraud Management

  10. A brief history of robocall legislation

  11. A brief history of robocall legislation [Timeline figure, axis marks 2000, 2005, 2010, 2015, 2020. Events shown: Do-Not-Call Act; FCC authorizes limited blocking; Canadian CRTC 2018-32; PA selected in U.S.; FCC allows blocking by default; Robocall Strike Force; Truth In Caller ID Act; FCC chairman Pai calls for SHAKEN/STIR without delay]

  12. “I’ve been clear that I expect major voice service providers to implement SHAKEN/STIR by the end of 2019… I’ve also made clear that if this deadline is not met, the FCC will act to ensure that SHAKEN/STIR is implemented.” -- Ajit Pai, FCC Chairman (June 11, 2019)

  13. STIR/SHAKEN overview

  14. STIR/SHAKEN doesn’t prevent robocalls. It prevents caller ID spoofing so you can answer more calls you want while avoiding spam robocalls. [Diagram: STIR/SHAKEN call flow. Labels: Certificate repository; Authentication service; Verification service; Originating telephone service provider; Terminating telephone service provider; SIP network; Calling party; Called party]

  15. Certificate infrastructure [Diagram labels: Certificate Authority; Certificate repository; Key management service; Originating telephone service provider]

  16. Triangle of trust [Diagram labels: Governance Authority; Policies; Policy Administrator; iconectiv; Certificate Authorities; Telephone Service Providers]

  17. SIP INVITE with Identity header

      INVITE sip:18001234567@example.com:5060 SIP/2.0
      Via: SIP/2.0/UDP example.com:5060
      From: "Alice" <sip:14045266060@5.6.7.8:5060>;tag=123456789
      To: "Bob" <sip:18001234567@1.2.3.4:5060>
      Call-ID: 1-12345@5.6.7.8
      CSeq: 1 INVITE
      Max-Forwards: 70
      Identity: eyJhbGciOiAiRVMyNTYiLCJwcHQiOiAic2hha2VuIiwidHlwIjogInBhc3Nwb3J0IiwieDV1IjogImh0dHBzOi8vY2VydGlmaWNhdGVzLmNsZWFyaXAuY29tL2IxNWQ3Y2M5LTBmMjYtNDZjMi04M2VhLWEzZTYzYTgyZWMzYS83Y2M0ZGI2OTVkMTNlZGFkYTRkMWY5ODYxYjliODBmZS5jcnQifQ.eyJhdHRlc3QiOiAiQSIsImRlc3QiOiB7InRuIjogWyIxNDA0NTI2NjA2MCJdfSwiaWF0IjogMTU0ODg1OTk4Miwib3JpZyI6IHsidG4iOiAiMTgwMDEyMzQ1NjcifSwib3JpZ2lkIjogIjNhNDdjYTIzLWQ3YWItNDQ2Yi04MjFkLTMzZDVkZWVkYmVkNCJ9.S_vqkgCk88ee9rtk89P6a6ru0ncDfSrdb1GyK_mJj-10hsLW-dMF7eCjDYARLR7EZSZwiu0fd4H_QD_9Z5U2bg;info=<https://certificates.clearip.com/b15d7cc9-0f26-46c2-83ea-a3e63a82ec3a/7cc4db695d13edada4d1f9861b9b80fe.crt>;alg=ES256;ppt=shaken

  18. Decoded Identity token

      "header":
        "alg": "ES256"
        "typ": "passport"
        "ppt": "shaken"
        "x5u": https://certificates.clearip.com/4a8eb5-461b.crt
      "payload":
        "attest": "A"                                       (Attestation level)
        "dest": { "tn": [ "14695858065" ] }                 (Called number)
        "iat": 1529071382                                   (Timestamp)
        "orig": { "tn": "12013776051" }                     (Calling number)
        "origid": "4aec94e2-508c-4c1c-907b-3737bac0a80e"    (Origination identifier)

  19. Out-of-Band STIR/SHAKEN [Diagram labels: Certificate repository; Call Placement Service; Authentication service; Verification service; Originating telephone service provider; Terminating telephone service provider; Network; Calling party; Called party]

  20. Rich Call Data • Additional information about the caller that can be displayed to the called party, such as: • Display name • Hyperlinks to related info, e.g., image of the caller or company logo • Flexible set of caller information, e.g., address, email, birthday, etc. • Similar to enhanced CNAM • Except done at origination instead of termination • Cryptographically secure • Gives source party greater control over info presented

  21. Robocall prevention

  22. Robocall prevention methods work well with SHAKEN

  23. Nuisance call detection methods • Manual blacklisting • On-net calls from external networks • By OCN (correctly handles number porting) • By DID • Invalid calling numbers • High risk calling numbers • Calling numbers with poor reputation • Real time traffic analysis • STIR/SHAKEN verification

  24. Nuisance call treatment options per subscriber • Report only • Block • Send to voicemail • Send to CAPTCHA gateway • Send to a honeypot • Modify caller display name (CNAM). Can be configured for each subscriber

  25. Questions and answers • Get started now! • Contact us • transnexus.com • info@transnexus.com • 1-404-526-6060
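
An added example (not TransNexus code and not part of the original slides) for slides 17 and 18: it parses the slide-17 Identity header, decodes the PASSporT, and runs the claim checks a verification service can make before it fetches the certificate and verifies the ES256 signature, which is omitted here. The function names and the 60-second iat window are assumptions of this sketch.

```python
import base64
import json
import re

# Identity header value from slide 17, with ';' separating every parameter.
IDENTITY = (
    "eyJhbGciOiAiRVMyNTYiLCJwcHQiOiAic2hha2VuIiwidHlwIjogInBhc3Nwb3J0IiwieDV1IjogImh0dHBzOi8vY2VydGlmaWNhdGVzLmNsZWFyaXAuY29tL2IxNWQ3Y2M5LTBmMjYtNDZjMi04M2VhLWEzZTYzYTgyZWMzYS83Y2M0ZGI2OTVkMTNlZGFkYTRkMWY5ODYxYjliODBmZS5jcnQifQ"
    ".eyJhdHRlc3QiOiAiQSIsImRlc3QiOiB7InRuIjogWyIxNDA0NTI2NjA2MCJdfSwiaWF0IjogMTU0ODg1OTk4Miwib3JpZyI6IHsidG4iOiAiMTgwMDEyMzQ1NjcifSwib3JpZ2lkIjogIjNhNDdjYTIzLWQ3YWItNDQ2Yi04MjFkLTMzZDVkZWVkYmVkNCJ9"
    ".S_vqkgCk88ee9rtk89P6a6ru0ncDfSrdb1GyK_mJj-10hsLW-dMF7eCjDYARLR7EZSZwiu0fd4H_QD_9Z5U2bg"
    ";info=<https://certificates.clearip.com/b15d7cc9-0f26-46c2-83ea-a3e63a82ec3a/"
    "7cc4db695d13edada4d1f9861b9b80fe.crt>;alg=ES256;ppt=shaken"
)

def b64url_json(part):
    """Decode one base64url token segment (padding restored) into a dict."""
    return json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)))

def parse_identity(value):
    """Split an Identity header value into PASSporT header, payload and parameters."""
    token, _, rest = value.partition(";")
    head, body, sig = token.split(".")
    info = re.search(r"info=<([^>]*)>", rest)
    params = dict(p.split("=", 1) for p in rest.split(";") if "=" in p and not p.startswith("info="))
    return {"header": b64url_json(head), "payload": b64url_json(body),
            "info": info.group(1) if info else None, "params": params, "sig": sig}

def check_claims(ident, from_tn, to_tn, now, max_age=60):
    """Return the failed claim checks; an empty list means signature checking is next."""
    h, p, problems = ident["header"], ident["payload"], []
    if (h.get("alg"), h.get("typ"), h.get("ppt")) != ("ES256", "passport", "shaken"):
        problems.append("unexpected alg/typ/ppt")
    if h.get("x5u") != ident["info"]:
        problems.append("x5u differs from info parameter")
    if p.get("attest") not in ("A", "B", "C"):
        problems.append("bad attestation level")
    if p.get("orig", {}).get("tn") != from_tn:
        problems.append("orig.tn does not match From")
    if to_tn not in p.get("dest", {}).get("tn", []):
        problems.append("dest.tn does not match To")
    if abs(now - p.get("iat", 0)) > max_age:  # max_age is an assumed freshness window
        problems.append("iat outside freshness window")
    return problems

if __name__ == "__main__":
    ident = parse_identity(IDENTITY)
    print(json.dumps(ident["payload"], indent=2))
    # From/To numbers of the slide-17 INVITE; clock set just after iat.
    print(check_claims(ident, "14045266060", "18001234567", ident["payload"]["iat"] + 5))
```

Run as written, both number checks fail: the slide's token carries orig 18001234567 and dest 14045266060, the reverse of the INVITE's From and To.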
