Bypass fraud, also known as toll bypass fraud or international bypass fraud, poses a significant threat to telecom operators. This sophisticated fraud scheme exploits devices known as Bypasses or GSM gateways to reroute international calls from VoIP networks to mobile networks, causing significant losses for legitimate market players. Combatting Bypass fraud has become a top priority for telecom operators to protect their networks and revenues. In this article, we explore the specifics of interconnect bypass fraud and examine key strategies for preventing, detecting, protecting, and mitigating this form of telecom fraud.
Interconnect bypass fraud is a type of telecommunications fraud that involves manipulating traffic routes to profit from the difference between low and high termination rates. It exploits the interconnection agreements between operators in a call chain, where each carrier charges the previous one for passing traffic through their network. Corrupt carriers manipulate traffic routes to bypass these agreements and profit from termination rate discrepancies.
In a typical interconnect bypass fraud scheme, a corrupt carrier diverts incoming traffic, often using a Bypass, another dishonest operator (refilling fraud), or other low-rate methods like rerouting traffic to an OTT app (OTT Bypass Fraud).
The carrier then collects a high-rate fee for incoming traffic and pays a low-rate fee to the next carrier in the chain, increasing its profit margin. This type of fraud can be challenging to detect with traditional anti-fraud systems, resulting in significant revenue losses for terminating carriers every year.
Interconnect bypass fraud takes various forms, including but not limited to Bypass fraud, refilling fraud, and OTT bypass, all of which are explained in detail below.
Bypass fraud, or GSM gateway fraud, is a type of telecommunications fraud that involves the illegal connection of international calls via low-cost, prepaid SIM cards. These SIM cards are installed in a device known as a “GSM gateway" or “Bypass,” hence the name “Bypass fraud” or “Bypassing.” Fraudsters use this device to route international calls to the targeted network, making them appear as local calls originating from their own customers. The fraudsters profit from the difference between the international termination rate charged to the upstream carrier and the minimal cost of local calls, which can approach zero, depending on the retail plan associated with the SIMs.
A Bypass is a device containing multiple SIM cards, which are used to terminate calls on mobile networks as if they were initiated from the same mobile network. The Bypass operates continuously, allowing fraudsters to make thousands of calls simultaneously, making it a highly profitable illegal activity.
Traditional fraud management systems can help minimize Bypass fraud, but they are not foolproof and cannot completely eliminate fraud with 100% accuracy. This is a significant problem for telecom operators, since Bypass fraud can result in annual losses totaling billions of dollars. For example, in 2020, AT&T reported a potential fraud loss of $3.1 billion, while interconnect bypass alone cost telcos worldwide $2.71 billion in losses in 2019.
To combat Bypass fraud, operators often employ Fraud Management Systems (FMS) that use various methods to detect fraudulent activity. These methods include customer profiling, terminal analysis, usage monitoring, measurement of incoming vs. outgoing traffic ratios, investigating customer complaints of inaccurate caller IDs, test calls routed from fixed to GSM networks, and more. Once detected, operators can shut down fraudulent SIM cards.
To overcome the limitations of traditional fraud detection methods, telecom operators can use advanced approaches, including machine learning algorithms and big data analytics. These methods offer the capability to identify patterns of suspicious activity that may indicate Bypass fraud.
For example, machine learning algorithms can analyze call data records to identify potential call patterns, such as a high volume of calls originating from the same IP address or a disproportionate number of calls terminating in specific geographic locations. When such anomalies are detected, fraud management systems can flag these suspicious activities for further investigation and decision-making.
Similarly, big data analytics can leverage large volumes of data to uncover patterns and anomalies that may indicate fraudulent behavior. This analysis may include factors like time of day, day of the week, and type of call (e.g., international vs. domestic).
A typical example of Bypass fraud involves the diversion of international calls to appear as local calls with lower termination rates. Here is a real life example: A telecom service user makes an international call from United Kingdom (+44) to India (+91), and fraudsters use a Bypass device to make it appear as a local call with lower termination rates, as opposed to the expected international rate for calls from United Kingdom (+44). The caller remains unaware, but the fraudsters exploit the rate difference between international and local calls, resulting in financial losses for the terminating operators. In addition, the degraded call quality resulting from this fraudulent activity leads to customer dissatisfaction and lower future call answer rates.
Bypass fraud results in direct financial losses and broader consequences for the telecom industry. The low call quality associated with Bypass fraud leads to customer dissatisfaction and compromises the overall user experience. In addition, Bypass fraud strains local networks, potentially causing network overload and reduced quality of service for legitimate users. The deceptive nature of Bypass fraud, where international calls appear as local calls, undermines customer confidence and can facilitate information theft and privacy breaches.