Gabriele Lieser

CUSTOMER SUCCESS MANAGER

Summary

SMS enjoys the reputation of being a safe channel for communication. But as any system, it is prone to abuse. The key weapon in the fight against Grey Routes is correct data. Knowing exactly which source numbers are associated with which countries, networks, hubs and businesses is essential so that operators will not have to pay dearly for ineffective SMS firewalls.

“Short Message Service.” Do you remember your first SMS? I bet you sent it with a thrill of anticipation to communicate with people in a short, quick and fun way. Originally created for phones using GSM (Global System for Mobile) communication, nowadays, all cell phone systems support it. Did you know, the first SMS message was sent in December 1992 from a personal computer to a mobile phone over the Vodafone GSM network. The text of the message: “Merry Christmas.” Sweet.

RoamsysNext Insights

In RoamsysNext Insights our experts share their views on extensive industry topics and possible solutions we can offer.

Sending SMS from person to person became possible in 1993, and although subscribers used it reluctantly first, it soon became a growing market. Person-to-Person (P2P) SMS has declined somewhat since its peak due to Over-the-Top (OTT) messaging apps, such as WhatsApp, however, the volumes of SMS continue to remain high and growing due to Application-to-Person (A2P) messaging for all types of uses, from two factor authentication to delivery notifications. This has led to a multitude of attack vectors using SMS.

Grey Routes

SMS fraud profits from the fact that international text messages can be routed in several different ways to reach their destination so that each route is charged differently. The term Grey Route defines a route that is not authorized by the mobile operator for delivery of SMS to their subscribers. Usually, these methods cannot be charged for and may circumvent lawful interception requirements in the local country – let alone allow the operator to scan the message for spam or fraudulent attacks on their subscribers.

Grey Routes are prevalent where the mobile operator has an imbalance between international termination and local termination rates for SMS, coupled with an ineffective SMS firewall. A key weapon in the fight against Grey Routes is correct data regarding sources of messaging to ensure the SMS firewall and other nodes are applying the correct policies and the real source can be traced.

Broken Glass Security

Subscriber Targeting

“Spam” is the unsolicited messaging of a subscriber that can be anything from a mild irritant to a dangerous privacy attack through “smishing” (SMS Phishing). Apart from the cost of handling complaints from subscribers, this can cause a large amount of churn as they move operator to attempt to escape the deluge.

A key weapon in this fight is correct data

Spam advertisements usually include a call-to-action, such as a phone number or web address to click on. Driven by click-through rates, the spammers engage in a multitude of techniques to bypass an operator’s systems to reach the subscribers for as low a cost as possible.

The use of SMS as a two factor authentication medium is commonplace as all handsets globally support this method, thus providing a cheap and universal method to secure accounts. Unfortunately, the attackers may masquerade as the business (bank, social media, etc.) or government agency and attempt to retrieve subscriber private information to defraud them.

Lifeguard on the watch

There is a silver bullet to success

Controlling the SMS messaging arriving into an operator’s network from international, national and business (e.g. local bank) links is essential to preventing the above attacks. Knowing exactly which source numbers are associated with which countries, networks, hubs and businesses is essential.

As we have observed, the list of incidents is long, and as usual, it exposes the crucial factor of time and reliable data. SMS still has the reputation of being a safe channel for communication. But as any system, it is prone to abuse. Verifying numbers has never been more important, both for subscribers and MNOs. Screening the origin of incoming messages is the only safe way to prevent fraudulent attacks and to prevent revenue loss. Verifying that the message is of trustworthy origin and, if necessary, blocking suspicious SMS is the silver bullet of handling security breaches.

Verifying numbers has never been more important

What can we do for you? Already today, our tools simplify to an extraordinary extend the initial and ongoing correct configuration of every roaming relevant network element. This helps MNOs to block any unwanted or unauthorized traffic with very little effort. It certainly is an easy-to-use application to increase efficiency, transparency, and enhance resource management, and we continuously optimize our applications to serve our customers even better. Likewise, we are increasingly keeping an eye on upgrading security aspects. That’s how MNOs can leave analysts/ investigators with the most relevant cases to review. Since we are experienced in developing the InfoCentre RAEX Tools application on behalf of the GSMA, our tools are fully compliant and can be most easily implemented and aligned to your specific requirements. Talk to us, we will listen to you.

Gabriele Lieser joined RoamsysNext in 2020 as Customer Success Manager to strengthen the bonds with our increasing number of customers and to support the marketing team. Gabriele has a strong background in corporate sales. She studied at the Universities of Trier (Germany) and Manitoba (Canada) and is incorporated in the RoamsysNext Client Service team.

  • RoamsysNext Insights

Let’s talk about data quality

Most fraud and security issues are caused by misconfigured network nodes. This article shows, how RoamsysNext treats this problem on their quest for data quality.