Real-time Fraud Prevention

Driving Functionality

Interconnect fraud can be extremely dynamic and difficult to control using standard procedures agreed between interconnected operators. The hexRT Real-time Fraud Prevention Module was designed to eliminate or significantly reduce that gap. Broad functionality allows operators to actively block or deteriorate fraudulent traffic. And it creates additional pressure on carriers to use primarily partners offering legitimate routing termination.

Active Screening

Hexagon’s Real-time Fraud Prevention Module uses a real-time interface to actively screen and manage fraudulent calls.

During the call setup phase the module monitors available call parameters for either VoIP (using SIP) or TDM (using INAP or CAP) sessions before the call is set-up. In the case a pattern previously flagged as fraudulent is detected the system provides the following options:

  • call termination;
  • call re-routing to a specific route branch or product (typically to a lower quality carrier group);
  • call degradation.

Verification and Numeration Check

Users can define filter in online fraud module enabling differential handling of calls corresponding to detected scenario.

Upon receiving a service request the system verifies the following scenarios:

1. Pattern matching for black/whitelist rules

Verification of a combination of patterns in A and B numbers using a normal expression, including:

  • fixed numbers
  • prefixes or parts of numbers
  • number length
  • matching of prefix between A and B numbers
  • patterns for certain locations within the calling or called number


2. Numeration check

The system can track numeration for selected carriers and decline the call when the numeration is not of the expected type.

Numeration is checked as:

  • an indication received in a service request (national, international); or
  • by matching a number with information on reported own numeration or regulatory assigned numeration (FAS).

Own numeration is processed according to information contained in origination price lists, and regulatory numeration is processed as additional information. An FAS numeration check indicates whether the numeration belongs to a specific carrier and whether it lies outside any defined FAS ranges.


3. Follow-up on confirmed problematic scenarios

The hexFraud (offline interconnect fraud module) module processes all call information and identifies potential fraud cases for different specified scenarios. The system includes a scenario editor; the most typically configured scenarios include:

  • multiple simultaneous calls from single A-number;
  • external loop with one external operator originating the same call that was terminated to the other;
  • disproportional rate of short calls;
  • rapid variation in traffic volumes to/from carrier to any destination.

 Users can define filters that handle any calls corresponding to the detected problem scenario.