The Mitto You Know: Inside Our Telcom ServicesHere at Mitto we’ve made it pretty clear that our mission is quite literally in our name – “to send.” We make communications happen. What some might not know, however, […]
Here at Mitto we’ve made it pretty clear that our mission is quite literally in our name – “to send.” We make communications happen. What some might not know, however, is that our work isn’t limited to just helping businesses of all sizes connect with their users through omni-channel, real-time messaging. Nope! The reality is that we’re embedded in the entire A2P messaging ecosystem, from an end-user receiving a WhatsApp message from a brand all the way to ensuring revenue optimizations for mobile network operators (MNO) around the word. This includes offering firewall management services and end-to-end monitoring and analysis of A2P delivery.
To learn more about our efforts in this area we recently checked in with our Head of Carrier Relations, Luca Sacanna. Luca spends his days helping MNOs optimize their SMS business with tailor made solutions based on a complete understanding of their local market. Here, he answers a few questions — specifically around the impacts of fraud, and how to prevent it.
Q: Mobile operator threats are becoming increasingly sophisticated. Could you explain the basic market dynamics driving these?
Sure, we can consider these threats “sophisticated” in the large-scale architecture of them but essentially they are driven by a very basic commercial principle: the more you buy, the less you pay. Most of the MNOs worldwide are offering very attractive SMS bundles with many SMS (sometimes unlimited!) for a small fee. This of course would work with a common mobile subscriber, using this service with a fair usage policy. This means sending a reasonable amount of P2P SMS, many of which will be followed by a reply via SMS (netting off interconnection costs). National SMS interworkings are usually regulated and cheap… all together making the cost of these subscriptions coverable by the MNO.
The problem comes when these bundles are activated by voluntary “abusers” — P2P becomes A2P, traffic changes from to 2 to 1 direction; transited traffic should be charged international, while it becomes domestic. This can already represent a revenue loss if the abuse is related to on-net termination. If all this is used for off-net, the loss becomes a live cost.
In the past few years, some European MNOs also started to offer SMS bundles that were including SMS to other EU countries (not to be confused with roaming SMS, hence not regulated yet). You can imagine how quickly an abuse can damage the mobile operator.
Q: We all are seeing that there is an app for practically anything in our daily lives but now apps have entered the world of MNO fraud. What’s happening?
Don’t ask me to name some… but these providers have been more and more inventive. The idea again is simple: MNOs started identifying and blocking SIM cards used for A2P traffic exploiting the bundles we were talking about before. But what if instead of a dedicated bunch of SIM cards to send A2P only, we exploit the SMS bundle of a regular mobile user? We could squeeze A2P traffic among his P2P messages. This can be done just by installing a messaging app, and the mobile user will be paid a few cents for every A2P SMS re-originated out of his mobile phone, as a reward.
As you can imagine, this is also not compliant with fair usage policies, but it’s extremely hard for an MNO to detect. Therefore, these apps are spreading.
Q: How does Mitto approach disrupting and eliminating these newer types of fraud?
Many mobile operators are increasing their A2P termination rates to exploit this business as a new source of revenue. As you can imagine, the higher the rates are, the more lucrative it would be for fraudsters to use this technology against a particular network.
The master tool Mitto proposes is always the same: an SMS firewall . However, the way this technology is used has to be fine-tuned to cope with new challenges. It’s not just about checking GTs or sender ID anymore: the focus is much more on the content now. Content analysis is crucial to understand if an SMS could carry A2P information, even if it were manipulated i.e., removing brand names. But also, things like how many SMS a single SIM card is originating, to how many different numbers they are sent, the percentage of SMS containing just PIN codes coming from a GT range…
In other words, MNOs need to widely apply business intelligence tools on their firewall data, always supervised by human experts that can spot old and new fraud patterns. This is where we come in.