The statistics on fraud in the international telecommunications industry are scary. A recent survey of 175 professionals by the Risk & Assurance Group (RAG) showed that fraud is costing communications providers and their customers $92 billion annually. The GLF Fraud Report 2020 said 45 percent of carriers had seen an increase in fraud last year. Like other customers, my personal experience of robocalls and wangiri confirms the industry statistics. However, what is truly frightening is that our industry thinks these levels of fraud are normal. It is hard to ignore the nuisance calls we receive on our handsets, but we ignore industry reports and surveys because they always tell us fraud is high and will never be defeated. We have convinced ourselves that fraudsters will win because the true source or eventual destination of a call cannot be determined if it is not on our own network. Please allow me to challenge this assumption by asking you a question: when was the last time you made or received a bank transfer only to find the money went to the wrong place?
There is a lot of similarity between an international bank transfer and an international phone call.
- They both involve an A party that instigates the transaction, and a B party that receives it.
- They both involve two separate companies, in different countries, following common protocols even though neither controls the other.
- They both have an active A party and a passive B party, but the B party still retains the power to reject the transaction.
- They both involve forms of messaging: signaling is a core component of telecom operations, whilst banks and other financial service providers use methods of communication that also work at the speed of light.
The big difference between international telecoms and international banking is that vital communications between banks only occurs through secure channels. Even if something went wrong, it would not be possible to pretend a message sent from Bank A is different to the message received by Bank B. Telecoms is different because signaling is not secure, and is routinely corrupted to create inconsistencies between A and B. These inconsistencies are how fraudsters make money from calls, whether it involves manipulating the apparent origin of a call, short-stopping before the stated destination, or stretching the duration. So the next question we should ask ourselves is: what stops carriers from being more like banks?
A lot of good work is being done to improve signaling security. Diameter is definitely an improvement on SS7, and many telcos have invested money in firewalls and other technologies that protect their signaling infrastructure. Perhaps there is a future where signaling will become secure worldwide, but changing signaling for every network provider is not going to be quick, and will definitely be expensive. Whilst improving the security of signaling would be a great aid in the fight against fraud, I believe it is wrong to wait for these enhancements because they will take too long to implement, leaving everybody at risk in the meantime.
Advanced technology may sometimes seem like the only way forward but the solution to telecommunications fraud was identified by the banking sector in the 1970’s. Instead of altering the networks themselves, two communications providers can simply use the internet and secure messaging protocols to inform each other about the traffic that is meant to be passing between them. This communication should be separate and parallel to the call itself because avoiding the need for a network upgrade will greatly reduce the time and cost of implementing the solution. If the A and B party operators have agreed on this secure communication channel to validate every call, then no calls can be manipulated as they transit across intermediaries. This is because the inconsistency will be obvious to the operators at the source and destination. They will reject the call like a bank rejects a suspicious transfer.
There is no need for secure communications to rely upon fancy new technologies like blockchains. Bankers worked out how to do it in the 1970’s. They had to; sending money from one country to another country was taking too long and none of them wanted to work in an industry where two banks might end up arguing about who sent how much to where. They devised a secure method to communicate with each other. Bank A knew how much they were sending to Bank B, and whose account the money was destined for. Bank B knew how much money they received from Bank A, and which account it came from. Agreeing upon the details of the method led to the formation of the Society for Worldwide Interbank Financial Telecommunication (SWIFT) in 1973, and its messaging systems were adopted in practice in 1977. Now SWIFT is used to convey over a billion messages about financial transactions each month.
If I, as a consumer, can send a secure message to a friend in parallel to calling them, so my friend knows the call is from me when it rings on their handset, then the telecommunications industry is able to do the same. That is effectively the technology that my business, the AB Handshake Corporation, has developed, and is putting into use with communications providers dotted around the world. Imagine a scenario where every network operator knows the real origin of every call it receives, and verifies that every call it instigates arrives at the intended destination. This would be like the world of banking. That is the surest way to rapidly reduce the billions of dollars being lost to telecoms fraud each year.
The AB Handshake is a method that networks can implement now, giving real-time validation of every call between any two providers that have both implemented the handshake. The widespread adoption of AB Handshake will do to the international telecoms industry what SWIFT did for international banking over 40 years ago. I believe this wholeheartedly, and this is why our business is giving free extended trials to early adopters of our technology. Our company’s mission is to make the AB Handshake user community global and eliminate fraud in telecoms the same way it has been eliminated in international banking transactions.