When patience is stretched to the limit
Written by AB Handshake
The concept behind call stretching is very simple. A fraudulent carrier artificially inflates the duration of a call to be able to charge more money. But how can this be achieved? The duration is measured by the billing systems of several parties involved in the setup and handling of each voice call. It turns out that there are several ways.
The basic scenario is not relaying the disconnect call event to the upstream provider. The carrier simply ignores the fact that the call has already been terminated by the called party and keeps it active for several more seconds. And each second means additional income for the fraudster and additional loss for those not participating in this scheme.
However, there is a more elaborate way to achieve the same goal. First of all, the fraudster records the voice of the B-party during the call. And as soon as the disconnect message is received from the terminating network – the fraudster plays back the record to the calling subscriber. People are normally unaware of this trick, so they try to interact with the voice they hear for some time before realizing that this was just a recording.
At this point the subscriber becomes really annoyed with the situation. The fact that the call was clearly overcharged might even not be so important compared to the fact that a private conversation has been recorded. In times when data privacy is one of the main concerns worldwide this is especially unacceptable. And of course the party that will have to handle this complaint in addition to the financial loss from the fraud itself is the originating operator.
And the financial loss is not insignificant either – it is estimated at several billion dollars annually. Then there is yet another problem – the resulting discrepancy between call durations in the billing systems of the operators participating in routing this calls leads to trouble ticketing and payment disputes. Both procedures take up valuable resources on each side.
But was is the solution? Can there be a single source of truth which will eliminate the necessity to dig deep down into call traces?
Within the AB Handshake community as a part of the out-of-band call validation procedure all call events, including the call end message, are exchanged in real time between the originating and terminating network. And this exchange cannot be manipulated by any intermediaries. As a result – the originating party is immediately notified that the call should be disconnected, even if the corresponding message was deliberately delayed by one of the transit carriers. And this means – no extra charges for artificially inflated durations.
This also means that there is no need to handle endless disputes, as the data in the Call Registries of both the originating and terminating side is consistent and validated from both ends. Such an approach makes it easier to identify the fraudulent carrier. Of course, normally such attacks are designed to affect a comparatively small percentage of calls to increase the chances of remaining undetected. But when you validate each incoming and outgoing call – this will not work either. The simple concept of direct communication between two operators can change the whole approach to fighting fraud in no time.