SMS SPECIAL REPORT: Confronting SMS fraud

26 August 2015 | Guy Matthews


As the industry struggles to combat grey routes, fraud prevention is becoming an increasing necessity. Guy Matthews investigates the new solutions and services helping operators prevent SMS fraud.

The secret of SMS’s success lies in its accessible simplicity. Neither elegant nor trendy, it delivers the goods without frills, whether as a person-to-person (P2P) exchange between friends, or as an application-to-person (A2P) alert from an organisation to a customer. 

This unpretentious universality is also what endears it to fraudsters, piling pressure on carriers and service providers to stem the tide of unwanted and frequently illegal SMS traffic that piggybacks the ecosystem and irritates paying customers.

SMS fraud comes in a number of guises. Mobile users can be unwittingly prompted to call premium rate numbers, or click on links that lead them to malware-drenched websites.  Malware can also be hidden in innocuous-looking apps which, when downloaded, allow the criminal to take control of the device and intercept and send text messages. The victim may not be aware of a problem until they get their next phone bill.  

“A classic kind of fraud is SMS ‘faking’, where the fraudster hacks into the SMS system of the operator and sends messages, usually with an intent to do damage,” says Robert Wiesheu, director of quality of service initiatives with BSS software vendor CSG International. “And there’s spoofing where you simulate a device and someone is charged for usage they didn’t make.”

Not all annoyances are strictly illegal, he points out: “Spam can hurt an operator,” he says. “The subscriber will be annoyed to get dozens of messages from the same restaurant – but is that fraud? And there’s SMS flooding, where a content provider ‘floods’ an SMS centre with numerous messages.”

While activity of this sort of can impact on mobile users and their bank balances, it is a huge problem too for mobile service providers, losing them money as well as goodwill. “While most network providers have tools to try and prevent this kind of fraud, the criminals are getting increasingly sophisticated and know how to get around spam filters and the like.  On top of this, is the sheer amount of data that these tools need to see, with around 20 billion SMS sent every day – which is on top of the rest of the traffic network providers are already grappling with,” says Andy Huckridge, director of service provider solutions with network analytics vendor Gigamon. 

Tackling grey routes

The biggest of all SMS headaches are so-called grey routes, a major drain on operator profitability and a problem that many now feel driven to confront. A grey route starts as a way found into the MNO ecosystem by a third party, perhaps a canny aggregator or a business wanting to use A2P messaging to reach potential customers. Once a way in is established, the perpetrator can leverage a mobile operator’s network to reach subscribers without paying a termination fee. Grey routes have become bigger and bigger business as A2P takes off. Predicted by Juniper Research to be worth $60 billion by 2018, the A2P messaging industry has become a lucrative Wild West for grey routers, taking advantage of the openness of networks.

Closing the loophole and finding a way to shut their networks off to anyone other than paying customers has become a major operator quest. Norwegian carrier Telenor is one of the pioneers here, claiming to have saved over $80m in turnover since introducing an SMS revenue assurance platform in 2007. 

“In our talks with operators, we find that somewhere between five and 15% of SMS revenue is affected by things like grey routes,” says Wieshue of CSG. “If they can plug that hole they can improve revenues – significantly. Firewalls can filter out unwanted traffic. But of course fraudsters are getting creative. You can never really prevent fraud entirely, but you can reduce it.”

An aggregator, he says, can be friend or foe, potentially playing a positive role as middle man: “There are some who work with operators, and there are some black sheep too of course,” he adds. “You can differentiate yourself from other aggregators by taking it seriously, even in cases where you are not the loser from the grey route activity.”

The industry could definitely be working a lot harder to prevent SMS fraud, argues Paul Gardner, operations director with Esendex, a provider of services to carriers in the A2P business messaging market: “Most aggregators or resellers of SMS services push the responsibility around the prevention of SMS fraud onto the carriers and MNOs,” he believes. “When putting in measures to prevent SMS fraud, the MNO faces the additional issue of seeing their handset sales teams ‘giving away’ unlimited SMS bundles while their wholesale teams are trying hard to shut down SMS abuse via SIM farms.”

Gardner says filtering services are now commonly offered by security solution specialists, and are becoming increasingly popular with carriers and MNOs: “Ultimately, operators are exploring fraud prevention services to cut down on lost revenues. For example, both carriers and MNOs are developing interesting solutions around location checks to improve security, particularly around financial transactions where alerts are issued when transactions are taking place from an ‘unusual’ location.”

Commitment to the cause 

One major name in the aggregator sector has made a firm commitment to clean up the grey problem. The Dialogue Group has made it a mission to hand MNOs full network control and monetise all the A2P traffic they are handling. Dialogue CEO Perry Offer wants operators to begin by confronting the issue of just how much grey traffic is using their services. He offers them tools like SMART Sentinel, an A2P SMS market analysis tool, which gives them a 360 degree view of their network giving them visibility of all unauthorised A2P SMS traffic entering it. He is also pressing for an ethical code of conduct to change mindsets on what he feels is an often ignored issue.

“You could call the market disorderly, for various reasons,” says Offer. “You could say there’s often been a lack of thought from operators, and that aggregators have taken advantage of that lack of thought. But we can create an orderly industry – and make a lot of money from that for everybody. We can do that, and keep the customer happy at the same time. That’s what I see as they way forward. But to do that the whole ecosystem needs to come off the fence.”

Offer would dearly love the whole aggregator community to chime in with a new anti-grey mood: “Do they currently share my views? I’d say in the main, no,” he fears. “It’s like any industry really, where 10% are leaders, 80% are just jogging along with everyone else, and the other 10% go about it their own way. We’re having conversations with operators about this. We’ve talked to one in the Far East and we’re pulling together a solution for them. We talking to another in Bangladesh.” 

Offer is encouraged that the GSMA is starting to make noise about grey traffic, but he accepts that they may be conflicted: “It’s hard when one group of your members is doing something that takes business away from another group of members. How do you take sides?”

Slow but sure progress 

The industry has made progress, but there is still work to be done to create a mechanism to allow viable ‘good standing’ traffic on a network and filter out unwanted messaging, argues John Wick, senior vice president and general manager, Mobile Transaction Services with Syniverse: “It’s critical for legitimate aggregators like Syniverse to work closely with local regulatory, MNO and messaging associations to ensure the highest quality and legitimate network routes to benefit enterprises, operators and their customers,” he says.

The wholesale carrier community has its own fraud medicine to protect MNO customers and safeguard their revenues. Bart Vandekerckhove, head of mobile messaging at BICS, says the carrier has been particularly active in helping operators protect A2P revenue with its SMS firewall solution: “It’s a cloud platform that lets MNOs filter and block ‘bypass’ SMS messages, or grey routes. We see the operator gets a termination fee, and we offer them consulting too to see that they are helped to eliminate grey routes. You block one of course and another pops up.”

BICS’s intercontinental span gives it a true global perspective on the fraud issue: “In Africa we’ve helped one operator to increase revenues by around half a million Euro a year on the basis of their 10 million subscribers,” says Vandekerckhove. “We’re doing similar things in Asia. In emerging markets A2P is often a very high proportion of SMS traffic, because that’s the way banks interact with customers. Doctors use it too.”

Helping to tackle the wider problem of fraud is the new BICS FraudGuard platform. Using a crowdsourcing model, FraudGuard is set up to identify around 100 new threats per day from international partner networks. It amounts, says Vandekerskhove, to a cost-effective solution that lets operators share intelligence information in real-time. 

With its new Vodafone Messaging Hub, Vodafone Carrier Services is also endeavouring to protect operators, says Andrew McGrath, SVP commercial with the carrier: “The hub on the one hand is about control and reporting, but it’s also a firewall too hand in hand with that,” he explains. “It prevents messages that are not from legitimate routes. Anything illegal is blocked, and legitimate routes checked. We have algorithms that identify all this. A large number of messages from one source will be checked for spam, and spoofing too.”

The worst region for spam, says McGrath, is Asia: “It’s becoming unacceptable from a customer point of view and we want to protect consumers and enterprises from this. Balance is needed, and we’re experts in that.”

Deutsche Telekom’s International Carrier Sales & Solutions (ICSS) is another anti-fraud market leader, having launched a new service designed to prevent SMS fraud, spams, spoofs, fakes, floods and ghost messaging. The service, called SMS+, provides operators worldwide with protection against wrongful use of their assets.

Vendors too are playing a part, such as Telarix with its fraud management solution delivering enhanced protection for network carriers and OTT providers. The Telarix Fraud Defense suite focuses on early detection and fast follow-up action, says Shoma Chakravarty, senior vice president of technology with vendor Telarix: “We’ve built a capacity for analytics which allows us to see patterns and assess the likelihood of fraud. We can see what looks like unexpected behaviour,” she adds. “The next thing is the action part. We can block where there is a source of lots of fraudulent activity. We do this not on our own but with an ecosystem of partners who have particular fraud detection and management solutions. We have a broad range of customers across geographies. You get different patterns of fraud in different parts of the world – but it’s never static.”

There are, as Chakravarty points out, always new patterns emerging that make continual monitoring a necessity. Grey routes may be manageable and illegal activity can be minimised, but it seems inevitable that some level of revenue loss through SMS networks is going to be a fact of life for a number of years yet.