Safeguarding mobile networks, customers and revenue
by JF Sullivan, CMO with Acision
A recent article here by the BBC highlighted the vulnerability of mobile device SIM cards and the ease by which fraudsters can infiltrate them to gain access to the personal and private information they store. Karsten Nohl, founder of Security Research Labs in Berlin, said he had discovered a flaw in the encryption technology used in some SIM cards – allowing hackers to eavesdrop on calls; make purchases through mobile payment system;s and even impersonate the owner. Around 750 million devices could be vulnerable to attacks as a result of this flaw.
These types of threats to consumers and operators’ networks alike are not new.
With today’s ubiquity in mobile device usage, SMS marketing efforts have exploded from both a consumer and enterprise application perspective.
“Closing fraudulent access allows operators to minimise direct revenue leakage”
This is due to the fact text messages are read and responded to far faster that mediums such as email.
Legitimate businesses are bursting onto the mobile marketing scene attempting to carve out a unique position, niche or vertical, but unfortunately spammers, scammers and fraudsters are doing the same, giving rise to a constant flood of spam and fraud traffic.
Acision findings show that on average 5 per cent of all messages are spam or fraud related, the GSMA reports that this number may be as high as 20 per cent.
For mobile network operators, this illegitimate traffic has a range of undesirable outcomes.
First on the list is revenue loss or leakages as a result of unexpected costs and imbalances in interconnect agreements.
The additional traffic also squanders network resources and pushes staffing and support costs upwards.
For subscribers who are targets of these attacks, unsolicited messages don’t exactly promote customer satisfaction leading to customer care complaints and increases in churn.
In the worst cases, excessive fraudulent activity has even resulted in regulatory intervention from governmental organisations.
The boom in SMS related marketing across the consumer landscape has affected what consumers see as acceptable and unacceptable spam, with some marketing seen to ‘cross the line’ of legitimacy.
This is especially true in regards to low-cost, bulk SMS delivery.
Such delivery providers are known as SMS aggregators whose primary business model is to send message traffic at lower costs than MNOs.
Typically, these companies partner with existing MNOs to purchase wholesale SMS services at a reduced price which they then offer to their customers.
Operators get incremental revenue by selling bandwidth on their SS7 (SMS) network to aggregators and aggregators re-sell that bandwidth to their customers.
The quality of service is not always guaranteed, as these companies offer different levels of price and performance, depending on operator and connection agreements.
This puts tremendous pricing pressure on the aggregators to ‘optimise’ at every possible opportunity.
While not always resulting in illegitimate activities, the pressure often results in the extension of lawful boundaries.
Illegitimate messaging traffic originates from a range of sources, including peer-to-peer traffic, application traffic and traffic from black market SIM boxes (or SIM farms) and other (foreign) networks.
Some traffic or message content also contravenes operator agreements or violates content provider regulations, local laws.
Gaining control of these threats requires a solution with multiple levels of control.
So how can today’s operators ensure their network, service and revenues are protected, and their customers remain happy?
Closing fraudulent access allows operators to minimise direct revenue leakage and encourages legitimate channels, improving revenue potential and ensuring that market pricing is enforced and maintained.
Understanding the complexity of the mobile marketing ecosystem is challenging.
A holistic approach is needed to deliver a comprehensive solution that detects and controls all fraud and spamming techniques.
Intelligent analytical tools based on traffic pattern can be used to help operators detect issues and minimise their revenue leakage.
Thus allowing them to quickly respond to the continuous exploitation of weakness in the mobile network and mobile devices and actively put protection methods in place.
Operators must look for a solution that assures they are in control of their revenue stream, by avoiding revenue leaks from unauthorised services usage, guarantees the correct service charging and prevents abuse of the inter-operator agreements.
A viable solution must also protect the network as well as subscribers to minimise dissatisfaction and enable regulatory enforcement as needed.
Finally, it must work agnostically across technology (SMS, MMS, IM, email, SIP), core networks, messaging platforms and handset types.
These multi-layered solutions can be delivered at a network level with filtering from anti-spoof; through to SIM box detection and volumetric control for interconnect traffic.
In addition, protection can be extended to content analysis and control to detect phishing attacks and malicious content.
JF Sullivan is Chief Marketing Officer (CMO) with Acision. Having worked in marketing roles across the IT and telecoms industries for over 20 years, JF has a proven track record in managing marketing teams to deliver ‘go to market’ programmes, creative collateral, lead generation initiatives, channel marketing, as well as web development and enablement. Prior to Acision, JF held senior marketing roles at a number of mobile and digital-media focused companies, including Cloudmark, Lotus Communications and Netscape Communications.