Making a difference when it comes to fraud prevention

Where Communication Professionals Go to Know

The Key to Stopping Call Stretching Fraud – A real-time handshake between operators

by | Feb 21, 2022 | News | 0 comments

by AB Handshake

Telecom voice fraud has been a persistent problem for businesses and telecommunications companies for decades.

According to the CFCA, losses to telecom fraud amounted to $39 billion in 2021. And this is excluding the losses enterprises faced that year. In 2019, the same measurement amounted to $28 billion.

Of course, the methods fraudsters use to commit these crimes are in a state of constant innovation. As soon as telecom operators achieve the ability to stop one scheme, the fraudsters develop new schemes and new ways to steal money and avoid detection.

One clever fraud scheme that’s now tricking even the most skilled fraud management systems is something called Call Stretching. This is enabled when a normal international phone call is “hijacked” by a transit carrier. 

Often, a fraudster records a portion of a phone conversation. As soon as the terminating network receives a disconnect message, the fraudster plays a recording to the calling subscriber. The caller is often unaware of what’s happening, so they try to interact with the voice they hear on the other end for several seconds, or minutes, before realizing it’s a recording and hanging up. 

Vasily Birulin, Managing Director of AB Handshake Corp., has shared some of his thoughts on Call Stretching fraud and what service providers can do to mitigate this problem.

Q. Why are operators struggling to detect Call Stretching fraud? Can’t they use their Fraud Management Systems (FMS) to find and block it?

Vasily Birulin: The challenge in detecting Call Stretching is that the fraud is embedded inside legitimate international phone calls.

Most FMS’s are designed to analyze call patterns in International Revenue Share Fraud (IRSF). They detect calls involving illegal routing, call generation and other common patterns that are prevalent in many fraud schemes.

FMS’s rely on detecting common call patterns such as unusual destinations, low ASR and ACD, large amounts of simultaneous calls to and from a specific range, and more.

An FMS uses analytics, volume thresholds, and AI/historical data to pinpoint the fraudulent calls sent to, for example, “premium rate” countries like Cuba, where termination per-minute rates are very high. It’s detection from a bird’s-eye view, so to speak.

Call Stretching doesn’t fit in these detection models because the fraud hides in legitimate phone calls. The connection and the initial conversation are legitimate, but the ending of the call is hijacked. So, traditional FMSs are simply not equipped to detect this kind of fraud at all. It’s a bit like trying to find a “needle-in-a-haystack”. 

The fraudsters can implement this fraud scheme across millions of phone calls and maintain a low per-call profit to stay off the radar of traditional fraud detection systems.

Q. How does the Call Stretching fraud scheme work?

Vasily Birulin: Call Stretching fraud actually starts with a phone call from one party to another. This is often an international call that connects via many carriers.

For example, a call may originate in Spain and terminate in Cuba, a premium rate country charging $0.70 (70 cents) per minute.

Here is the process of connecting and charging for a legitimate phone call like this:

In the legitimate call example, three wholesale transit carriers each collect, let’s say, one cent per minute to connect, and the Cuban operator (B operator) eventually charges $7.00 for a 10-minute call. Each carrier in the routing chain bills the next until you get to the A operator, who pays the total cost of connecting the call.

Now let’s consider the same call under Call Stretching fraud, which also begins as a legitimate call from Party A to Party B. The call lasts five minutes and the Cuban operator earns $3.50.

At the five-minute mark, transit Carrier 2 (the fraudster) disconnects the call to Party B in Cuba while simultaneously keeping Party A connected on the call. The Fraudster substitutes the real voice of Party B with either a pre-recorded voice of Party B’s conversation, or some other recorded content. 

It’s important to note that playing back the recorded voices of a caller is a serious privacy violation, by nature. This is a major part of the damage caused by Call Stretching.

The fraudster’s goal is to fool the calling parties into believing they are still talking to the B Party. For example, the fraudster’s recording may ask the caller to remain on hold while the called party takes another call. A wide variety of recordings can be used and are often successful.

So, from the five-minute point of the call onward, Carrier 2 will bill for the extra seconds or minutes that Party A remains connected before hanging up. The bill Carrier 2 sends for the remainder of the call is billed at the rate the Cuban operator is charging – $0.70 (70 cents) per minute.

Operator A isn’t aware that the call was disconnected to operator B. Both operators remain unaware of the fraud taking place.

As you can see, Call Stretching is a sneaky and highly profitable fraud scheme that traditional FMS’s and databases aren’t equipped to detect and block in real-time.

Q. So what can be done to block Call Stretching?

Vasily Birulin: The answer to this fraud scheme is a recently developed technology proposed by AB Handshake that establishes a quick, private and secure network link between the originating and terminating operators. 

This enables the A and B operators to communicate with each other in real-time via a direct, secure, out-of-band connection. They instantly cross validate the call details from the A and B call registries to confirm the call integrity.

The system needn’t reveal the connection status. To detect fraud, it only needs to detect a change in the status.

How Call Stretching is Stopped via Cross Validation of A and B Call Details

Vasily Birulin: In the Call Stretching fraud scheme, a call is made to any active phone number, the A and B Parties are legitimately connected and have a normal conversation.

But shortly thereafter, a fraudulent transit carrier breaks the call to operator B while keeping Party A connected by playing a pre-recorded conversation or some other content to make Party A believe they’re still connected to Party B.

If operators A and B are both connected to the out-of-band system mentioned above, the B Registry can automatically alert the A Registry when the fraudster terminates the call to operator B. 

Operator B then immediately knows to inform operator A that it must end the Party A call to prevent a possible call-hijacking, or Call Stretching.

In both cases, a real-time out-of-band exchange of call details between A and B operators enables full visibility and control over any call stretching attack, and all other forms of voice fraud, without any intervention from an FMS. 

Since the call registries of the A and B operators communicate directly over a secure encrypted channel, no intermediaries can infiltrate the call validation process. The call validation procedure becomes a genuine, reliable source of information about the call status.

For Retailers And Wholesalers Alike

Vasily Birulin: Stopping telecom fraud is of interest to both retailers and wholesalers. Trustworthy wholesalers know how much damage fraud causes. It’s a major industry headache that leads to customer frustration, churn, revenue losses, costly disputes and damaging business relationships. 

Therefore, both retailers and wholesalers share a strong commercial stake in seeing a cost-effective solution to stopping telecom fraud. 

As I’ve explained, the rise in Call Stretching presents a problem that can’t be solved by a traditional FMS. 

The community-based paradigm of combating fraud via a lean, out-of-band communication channel for real-time cross-validation of call registry details has many advantages. It entails very low investment on the operator side and has the potential to bring a serious gain on the revenue side.

Of course, such an initiative first needs industry-wide acceptance by the community of anti-fraud professionals. 


Vasily Birulin: While mobile carriers may initially love the concept and simultaneously implement it into their organization, transit operators are skeptical of how they can benefit from this.

The answer is simple yet prominent – once the system is installed, there will be no fraud at all. So wholesalers will certainly benefit too.

Now, it takes time from idea inception to real system implementation. But so far, major operators are beginning to implement this technology. 

Of course, the real power of call validation comes from the sheer number of operators that use it. Call validation becomes more beneficial for every participating operator as more and more traffic around the world is validated and freed from fraud.

So, this brings us to the consistent message behind this technology – the most important factor isn’t who exactly is using the system, but how many operators are on board, how much traffic is being validated, and what destinations are being covered.

The concept of AB Handshake’s proposed call validation technology is very simple. Eliminating fraud with this technology is basically about getting the A and B operators to share intelligence with each other.

Today, call validation technology is the only system in the world that can stop Call Stretching fraud, and I’m glad that such a solution has arrived at the right time to help operators around the globe counter this emerging threat.

ABHandshake Logo


Submit a Comment


Contact Us

If you are interested in knowing more about membership, are a possible strategic partner wishing to collaborate, are looking at possible sponsorship opportunities or wanting to attend one of our events.  Please use a legitimate business email address when enquiring. Thank you.

Contact Us

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.