docGrab the opportunity to maintain your revenues and margins
download 
Plainte Transcription
Grab the opportunity to maintain your revenues and margins
Grab the opportunity to maintain your revenues and margins 1 Claire de Selve Pierre Paufique Within the context of an exponential risk of fraud and hacking… in Voice in SMS in Internet Cost the industry over 40$ billion per year “The A2P SMS market is poised for significant adoption in the coming years (+20% by 2017 in volume), if networks are closed to fraudulent routes.” DDoS attacks cost 1 to 1,5M$ / incident Loss sized for 5-25% of each operator’s interconnect revenues (for by-pass) CFCA report 2013 2 OVUM 2015 Victims of DDoS attacks are also victims of blackmail, theft, installed viruses, … Market Research Arbor … control and anti-fraud are key factors to your growth Over 60 anti-fraud customers Over 10 years experience in fraud cases First to launch voice, SMS and IP anti-fraud solutions 3 Protect the volume and the value of your incoming voice and SMS traffic Orange provides the best support and offers a full range of anti-fraud services Fraud qualification with Orange experts, traffic audit if requested And more with TBS-D, a most advanced profiling service now available Qualify Tools Orange Qualify Managed Services Help for defining and monitoring KPIs 4 KPI Action A whole set of tools covers SMS firewall, DDoS protection, test calls generator Joint work with Customer on the actions to be taken across the whole customer organisation Orange keeps on innovating and is launching the 1st profiling solution Complementary solution to eradicate by-pass in highly infected area TBS-P or other solutions list of SIMBOX (confirmed) list of new SIMBOX TBS-D CDR (MSC) IN profiling expertise 5 patents easy to use auto learning flexibility real-time privacy protection web-I Hear what our customers are saying… Orange Cote d’Ivoire Raphaël ADOU Intelligent Network Engineer, Orange Cote d’Ivoire Orange Tunisie Imen ATALLAH LANDOULSI Head of National and International Wholesale, Orange Tunisie 6 SAWAS 2015 ADOU Raphaël OCIT/ PRSI Décembre - 2015 Retour d’expérience TBS-D / DDOS Protection OCIT 7 Orange Restricted OCIT connait depuis 2013, une forte recrudescence des Simbox Des outils de lutte contre les Simbox ont déjà été installés : • Meucci en 2008 • TBS-P en 2013 (suspensions manuelles à ce jour) Efficacité périodique des outils de tests call Pertes estimées à plus de 150 000 minutes/jour sur l’entrant international 8 Orange Restricted Pour redynamiser la lutte contre les Simbox, OCIT a décidé d’installer un outil de profiling : TBS-D TBS-D est fonctionnel depuis le 23/12/2014 • Validations avant coupures manuelles Coupures manuelles par lot: Date coupure Nombre de Simbox % Faux Positifs 29/05/2015 425 2,82% 15/06/2015 500 11,80% 07/07/2015 510 11,76% 03/08/2015 500 6,80% 28/09/2015 1000 2,70% 2935 7,18% Total général Coupures automatiques depuis le 28/10/2015 9 Orange Restricted TBS-D est largement au dessus des autres outils en terme de nombre de détections 10 Orange Restricted TBS-D fonctionne aujourd’hui en mode On-net Nous notons une forte recrudescence des Simbox Off-net depuis peu… Si l’impact de ces coupures massives sur le trafic n’est pas suffisant, des mesures complémentaires seront étudiées/adoptées (test des faisceaux, localisation des Sim box, etc.) Prochaine étape implémentation du mode Off-net 11 Orange Restricted Protection DDOS: Les équipes techniques OCIT sont opérationnelles sur la solution de lutte contre le DDOS depuis le 29/07/2015 une attaque traitée par le biais de l’outil Paramétrage de l’outil à optimiser pour développer la réactivité: o Il peut arriver que les exploitants n’aient pas accès à leurs mails pour traiter les alertes intégration dans le SI à étudier o 12 Etudier l’automatisation des contre-mesures, à paramétrer avec l’aide des experts Orange Orange Restricted point à explorer: o Est-il possible de visualiser le trafic transitant par le tunnel GRE? o Besoin de formation poussée pour explorer toutes les possibilités de l’outil Merci 13 Orange Restricted Annexes 14 Orange Restricted Impact de la coupure de 1000 numéros sur le trafic 15 Orange Restricted Fraud fighting Orange Tunisia Imen Atallah Landoulsi 16 Orange Restricted 8 Décembre 2015 Contents 1. Legal Context 2. Organisation of Anti Fraud Activities 3. Bypass level 4. New Threats 17 Orange Restricted Telecom Fraud legal context in Tunisia 18 Orange Restricted Fraud legal Context in Tunisia Telecom Fraud laws in Tunisia : Orange Tunisia relies on policies : • • • No specific laws against international call Bypass Existing laws enforcement are not applicable to bypass cases (6 months to 5 years jail) Legal foundation based on “fault” principle Cyber criminality law is being prepared 19 Orange Restricted • • • • • customer contracts prohibit fraudulent use of SIM cards Distribution channel : KYC Penalties Customer reactivation control Whitelists monitoring Anti fraud activities Organization 20 Orange Restricted Organization of anti fraud activities Cooperation Internal actions : cooperation actions taken after a fraudulent SIM card is detected : • Fraudulent SIM cards are blocked every 5 min • Legal actions • distributor penalties margin National Cooperation • Regular meetings and coordination with operators • Coordination with authorities IC Cooperation 21 • Tools monitoring and tuning • New Fraud cases investigation and testing (OTT IN) • Experience sharing Orange Restricted Organization of anti fraud activities Bypass tools portfolio • Bypass Tracking Tool TBS-P since 2012 • Profiling tools since 2014 • Call blocker since 2014 • Operators tools via VPN since 2013 • Dashboard since 2014 22 Orange Restricted Organization of anti fraud activities tools tuning and evolution international Voice 5 terminals 20 terminals x 20 Bnum Manual suspension Automatic suspension Routes and Bnums update Automatic 24h analysis/h TBS-P OTT IN tests Automatic suspension (5min) OTN Profiling external tool Automatic suspension (5min) international SMS 2012 23 Orange Restricted reporting 2013 2014 P2P control A2P 2015 SMS Control Organization of anti-fraud activities Dashboard Tools performance evaluation : - False positive Minutes of usage (MoU) Suspension delay Number of detections Distribution channels monitoring - TOP Bypass seller SLA follow-up: • tool SLAs • Suspension performance Financial impact 24 Orange Restricted International Voice new threats 25 Orange Restricted New threats and challenges VoIP and OTT bypass VoIP products : New OTT bypass schemes: - once simbox fraud is controlled, fraud moves to VoIP interconnection - OTT threat on international voice - SMS traffic decrease VoIP customers such as call centers could be terminating international voice traffic - OTTs entering the wholesale market and becoming an international call terminator - 26 Profiling tools should be adapted to detect VoIP/call center bypass scheme Monitoring and Control should be applied on VoIP interconnection SMS A2P monetization Orange Restricted Thank you 27 Orange Restricted 8 décembre 2015
