What are the technical features an MNO should implement to combat SMS fraud?
This is the ‘basic’ feature to be able to block unwanted traffic after pre-defined fraud patterns.
Essential to prevent faking and provided by carrier grade SMS FW vendors. Senders receive Firewall associated routing information while real customer’s identity is protected.
Content validation & fingerprinting
Enabling automated checks after content of the message, for example, after regular expressions or after a specific message pattern. Full efficiencies can be gained only if the system is able to capture SMS morphing techniques and obfuscation (when parts of the messages are constantly changed, for example, with Cyrillic signs instead of Latin letters).
IMSI of sending entity and actual customer data are crosschecked. In case the sender IMSI is not the same as the one(s) associated with customer, the probability of SIM Farm and/or identity theft fraud is very high.
Customer’s geo location is compared to suspect sender ID location: If they differ, we’re facing a case of spoofing.
Operators must be able to tailor filtering down to route and each pre-defined rule (for example, for Rule ‘Block all messages containing ‘spam.com’ from Vodafone India to TIM Italy’). Grouping of single rules into policies without limitations should be possible and User Interface should be customer friendly.
Pro-active routes testing
Simulating A2P messages to most routes available on the market and collecting information on how SMS are terminated on own network, thus revealing cost bypass and fraud cases. This service can be provided by vendors that have a network of probes or direct connection to a large number of operators.
Usually MNOs will implement a mix of in-house and 3rd party solutions with different degrees of out-sourcing.
If you have any questions, click the Reply button (below) to reply to this article or click the Contact Us button on the left side of this page.