Fraud Detection Solutions
Orchid Fraud Detection Solution Suite - An Overview
- In the ever-evolving landscape of telecommunication networks, fraud detection has become a critical concern for service providers. The rising instances of fraudulent calls, unauthorized access, and illicit activities pose significant challenges to profitability, customer trust, and the overall reputation of telecom companies. Orchid SBC provides several effective solutions to combat these.
HIGHLIGHTS
Orchid Advanced Analytics
Orchid Link SBC enables and supports fraud detection systems by adopting a real-time data-driven approach. Sitting directly in the call path, Orchid SBC can send call events for real-time analysis for fraud to external systems, enabling the timely detection of fraud.
Number DB validation
Orchid Link SBC integrates with Xconnect, which offers a range of A-Number validation datasets via query or download, including Global Number Range (GNR) data and DNO data. By pre-validating A-Numbers, carriers avoid having to block traffic due to uncertainty of origin and can also enhance customer confidence in their trusted traffic status.
STIR / SHAKEN
Orchid Link SBC supports STIR/SHAKEN, a comprehensive suite of protocols and procedures designed to combat caller ID spoofing, robocalls, and call spam. It consists of two technical aspects: STIR (Secure Telephony Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs). STIR addresses the requirements for SIP-based telephony networks, while SHAKEN focuses on the last-mile issues and procedures at SS7-SIP interconnect points.
AB Handshake
Orchid Link SBC is integrated with AB Handshake Call Registry Software, preventing CLI spoofing and working against all major types of voice fraud. Validation happens in real time, ensuring customers don’t receive the fraudulent calls and operators avoid losses.
Orchid Link SBC supports a comprehensive suite of solutions that combine the power of machine learning and real-time data analytics to combat fraud in telecommunication networks. Orchid SBC combines several Fraud Detection methods and solutions, equipping service providers with actionable insights and tools to identify, mitigate, and prevent fraudulent activities.
1. Orchid Call Control Events: Integration With Fraud Engines For Real-Time Call Control
Orchid Link SBC sends call control events to an external event server using the HTTP protocol. This event server can be an external Fraud Detection module that analyzes call events real-time and makes a decision to continue or terminate the call.
Call events like CallReceived, CallAnswer, and CallReleased are sent to the server. It is expected that the event server will respond back to every sent event. If the response sent back to the SBC is to terminate the call, SBC will terminate the call.
2. Xconnect Integration: Number Validation
Orchid Link SBC is integrated with XConnect Number Validation solution to validate both A and B numbers. XConnect has an extensive number database of DNO, Do-not-call numbers and Fraud lists from many countries. Orchid’s customers can leverage these services to pre-validate numbers, thereby preventing fraud and minimizing revenue loss.
3. TransnexusOSPrey Server Integration: STIR/SHAKEN
Cataleya’s Orchid SBC plays a crucial role in delivering an end-to-end STIR/SHAKEN service. It invokes authentication (AS) and verification services (VS) on behalf of the service provider. This page presents a summary of authentication and verification call flows:
- 1. A subscriber with Service Provider A sends a call to their Orchid SBC.
- 2. Orchid forwards the call to OSPrey-A, which is a SIP redirect server.
- 3. OSPrey-A performs LCR, fraud control and SHAKEN AS services, then sends one of the following responses back to Orchid:
- SIP 404 Not Found: Routing information is unavailable.
- SIP 603 Decline: Fraud is detected or SHAKEN AS fails.
- SIP 3xx Redirect: Destination information (Orchid of Service Provider-B) and a SIP Identity header including a digitally signed token that includes the calling number (secure caller ID).
- 4. Orchid processes the response:
- If SIP 404 Not Found, then Orchid tries the next destination configured in its routing policy.
- If SIP 603 Decline, then Orchid proxies the response back to the Source to block the call.
- If SIP 3xx Redirect, then Orchid forwards the call to the terminating service provider’s destination with the Identity header.
- 5. Service Provider B’s Orchid forwards the call to their OSPrey-B
- 6. OSPrey-B performs fraud control and SHAKEN VS logic, then sends one of the following SIP responses back Orchid:
- SIP 404 Not Found: Routing information is unavailable.
- SIP 603 Decline: Fraud is detected, or SHAKEN VS request fails.
- SIP 3xx Redirect: Destination information (Destination of Service Provider-B) is attached.
- 7. Orchid processes the response:
- If SIP 404 Not Found, then Orchid SBC tries the next destination configured in its dial plan.
- If SIP 603 Decline, then Orchid proxies the response back to source to block the call
- If SIP 3xx Redirect, then Orchid forwards the call to the destination
4. Neustar Integration: STIR / SHAKEN
Orchid is pre-integrated and tested with the Neustar STIR/SHAKEN framework. A powerful policy engine framework helps define service flows based on different responses to AS (Authentication Service) and VS (Verification Service) requests.
Authentication Call Flow
- When an invite is received by the Cataleya SBC (SBC + Auth Proxy), it determines if the session requires STIR authentication based on configured policies.
- The SBC sends an authentication request to the SHAKEN Auth service (using HTTP or SIP), which responds with an Identity header
- The SBC receives adds the Auth Identity header to the outgoing invite for caller ID verification at the destination.
Verification Call Flow
- The Cataleya SBC/Service Proxy receives an invite with an Identity header.
- If the incoming zone is configured for Shaken Verification service, the SBC forwards the caller ID and Identity header to the SHAKEN verification service.
- The SHAKEN verification service attempts to verify the caller ID, and if successful, the invite is forwarded to the remote party.
- The user can configure actions to forward or block the call based on the verification status.
5. AB Handshake Solution: Out Of Band Call Validation For A-Number Spoofing
Orchid SBC integrates with AB Handshake Call Validation platform, offering a means to validate Call Details (A/B number, etc.) ‘out of band’ for a terminating service provider to verify if the incoming call from the source service provider is legitimate. This method efficiently prevents A-number spoofing, robocalls, and many other fraudulent call attempts.
AB Handshake Call Registry
- When a call is originated the Service Provider, sends the call event and details to a Call Registry.
- The terminating provider sends the same details to its own AB Handshake Call Registry, and these federated clusters of call registries communicate with each other to verify details of the attempted call in real-time.
Orchid SBC integrates with AB Handshake Call Validation platform, offering a means to validate Call Details (A/B number, etc.) ‘out of band’ for a terminating service provider to verify if the incoming call from the source service provider is legitimate. This method efficiently prevents A-number spoofing, robocalls, and many other fraudulent call attempts.