The key to thwarting and preventing Telecom Toll Fraud is to proactively block these fraudsters before they steal the credentials of their targets and cause monetary losses. RedShift’s UCTM solution proactively detects these fraudsters before enterprises and service providers experience loss. This is far more proactive and closed loop approach versus reactive CDR (Call Data Record) based fraud solutions in the market.
Redshift’s User and Toll Fraud tracker offers a combination of:
- advanced state machines that track and correlate user behaviors
- track normal and abnormal application state transitions
- track anomalies in call and session flows
- correlation and conformance detection
- application transitions or User properties
- monitor Blacklists/Whitelists information
- validate policy controls with real time call analytic information such as CDR records
- complete visibility of call profiles, call zones, Block lists, Time of the day tracker.
The Toll Fraud tracker uses complete UC-stateful Back to Back Use Agent (B2BUA) technology. B2BUA allows RedShift Networks customers to track and correlate malicious attempts in real time. The authorization codes are tracked to ensure no foul play is detected – e.g. same authorization code being used at multiple geo locations or by different users.
RedShift Networks helps users spot toll fraud, tracks, and learns all local, long, international, toll and do-not-call numbers for each user per time of hour, day, month, and year buckets. All results are normalized and kept in the Fraud detection database. Any sudden surge in anomalies in real time are matched with the policy profiles – either the user is asked to retry after an allotted time, or the call is simply rejected. Refer-To’s or redirects are strictly monitored and through the UCTM patent pending learning process, the engines automatically generate a dynamic circle of trust. Activity outside the circle of trust is considered malicious and depending on the predefined policy, any attempt to use the Refer-To feature to initiate long distance or international calls is rejected.
IT departments also decide to provide Policy Zones to gain more specific controls on the usage of long distance and international calls. These zones create different security policies and attach it to a group of users. This optional feature along with configuration ensure policies are enforced by the Toll fraud detector. The Fraud database is constantly updated and provides a list of all known and/or learned Fraudster locations, Botnets, War dialers, spamsters or scanners that should be blocked.