Communication services, such as Skype®, that use Voice over Internet Protocol (VoIP) technology are capable of making calls from Internet-connected devices, such as computers and smartphones, to phone numbers within the public switched telephone network (PSTN). Such capabilities, however, also provide an opportunity for unscrupulous users to engage in fraud. Because users can sign up for calling services with minimal documentation, they can use the ready availability of calling services to engage in fraudulent schemes that incur significant costs to the users and operators of call services.
A VoIP service provider, such as Skype® for Business voice, can be exposed to fraudulent and abusive uses of its calling functionality, which can significantly reduce profitability. The fees paid by VoIP users must be sufficient to offset the fees paid by the VoIP provider and leave the VoIP provider with a profit. Whenever a customer makes a call to a PSTN phone number using a VoIP service, the customer incurs two types of costs: a so-called “termination cost,” which is a one-time fee for connecting the call; and an ongoing per-minute cost while the call is active. The termination cost to a foreign destination number may be far greater than the termination cost for a domestic destination number. For flat-rate, minute-capped plans, a service provider typically bears these costs and charges a sufficiently high service fee to make a profit after the costs are deducted. For pay-per-minute plans, a so-called “tenant” (i.e., an organization having a unified billing account for multiple users) typically bears these costs and pays an additional fee to the service provider. Fraudulent and abusive uses of VoIP services are costly for their providers and legitimate users, as the costs incurred by a VoIP connection are usually non-refundable, even if the connection is later discovered to have been made for an improper purpose. It will be further appreciated that when toll free numbers are provided, fraudulent or abusive use can also apply to incoming calls. The systems described herein are equally applicable to screen incoming VoIP calls.
Where VoIP services are offered to a user on a fixed-fee plan, the VoIP provider makes a profit only if the fixed fee received from the user exceeds the total costs of operating that user's VoIP connections during the corresponding fixed-fee period. Fraud on a fixed-fee plan is highly damaging, as the fraudulent VoIP connections incur fees that quickly consume the VoIP provider's profit margin. Alternatively, a VoIP service may be offered to a user on a per-minute basis. In a per-minute plan, to user pays a fee to the VoIP provider for each minute that a VoIP connection is open. The per-minute fee paid by the user to VoIP provider is higher than the per-minute fee paid by the VoIP provider, to allow the VoIP provider to realize a profit. Fraud on a per-minute plan creates unauthorized per-minute fees that are charged to the user, which tends to damage the VoIP provider's customer relationship with the user. The user typically demands the unauthorized fees be refunded, which the VoIP provider often must do to ensure customer satisfaction. As a result, the VoIP provider is left to bear the burden of both the fees payable against the third parties as well as the fees improperly incurred against the user.
One way by which fraud may be carried out is through a so-called “minute-pumping” scheme. In a minute-pumping scheme, a bad actor first establishes a revenue-sharing phone number, such as a United States phone number in the 900 area code. When a revenue-sharing phone number is dialed, a fraction of the fees incurred during the call are shared with the party that registered the number (e.g., the bad actor in a minute pumping scheme). The stolen credit-card information or other improper means may be used by a bad actor to sign up for one or more accounts on a calling service, such as Skype®. For example, the stolen credit card information is used to sign up for one or more tenancies in the Office 365® service and to obtain one of the Business Voice licenses assigned to one or more users (per tenancy). The revenue sharing phone number is then registered with a particular PSTN provider. For the termination cost and per-minute cost, the bad actor will receive a portion of the profits. Each of those accounts is used to repeatedly make calls to the revenue-sharing number, thereby accruing calling fees. Each fraudulent call serves no purpose aside from maintaining an open call connection to incur fees; the content of the call may well be silence. The VoIP provider is left to deal with the costs incurred by the connection as well as any fees that would ordinarily be collected from a legitimate user. For example, when the bad actor uses the multiple user accounts/tenancies to make as many calls as they can to that number, the VoIP service provider ultimately has to pay both the costs to the revenue sharing PSTN provider, as well as the chargeback to the credit card company to cover the fraudulent charges used to purchase the account services. For a single tenancy of twenty (20) seats/user, improper calls can easily cost the PSTN service provider anywhere from ˜$20,000 to over $1 million (depending on whether they are using domestic or international destinations).
Alternatively, an individual may engage in abusive use of an otherwise authorized VoIP user account. Abusive use differs from minute-pumping in that the call connection involved enables actual communication even though the charges incurred are not authorized. An employee of a large company, for example, may be authorized to make international calls through the company's calling-service account as part of his or her work responsibilities. The large company has a tenancy that includes a “wallet” (i.e., balance of money) for international calls. The employee, however, may improperly use those calling privileges to make phone calls every day to friends and relatives in a distant country (e.g., a high termination cost international location), and in this manner the employee abuses the account, thereby incurring significant calling charges to the company's account. This scenario could be in combination with the previous scenario if the user's account has been taken over by a bad actor or other unauthorized entity. The tenant then quickly runs out of wallet money, and either has all of their international calls denied or the wallet is auto-refreshed with funds from a payment instrument. The company and the VoIP provider are then left to foot the bill for the calls, with the Tenant Admin/Company angry that the PSTN service provider did not inform them that a single user was consuming a significant amount of their balance.
VoIP fraud may be especially disruptive for organizations on per-minute VoIP plans. VoIP services, such as Skype® for Business, may offer organizational billing accounts (e.g., “wallets”), which are pre-funded by the organization. When fraudulent or unauthorized VoIP connections are made through the organization's VoIP accounts, those connections may completely deplete the funds in the account, at which point VoIP calling would be disabled on an organization-wide basis. The organization is likely to lose significant time, money and potential business before normal VoIP calling is restored. Alternatively, if the “wallet” feature may have an “auto-refill” automatic payment feature, fraudulent VoIP connections may incur costs indefinitely, until the tenant or VoIP service provider notices the fraud.
Different types of systems and methods have been proposed for detecting and preventing PSTN fraud and abuse. However, such systems and methods have their limitations and can always be improved.
Accordingly, there is a need for a system and method for detecting and preventing PSTN fraud and abuse in real time. There is a further need for a system and method for detecting and preventing PSTN fraud and abuse that does not rely solely on fixed rules to determine whether a VoIP connection is likely to be fraudulent. There is an additional need for a system and method for detecting and preventing PSTN fraud and abuse that screens VoIP call connections to detect potential fraud. There is yet a further need for a system and method for detecting and preventing PSTN fraud and abuse that employs machine-learning to continually adapt to the changing patterns of users while detecting and preventing PSTN fraud and abuse. There is a still further need for a system and method for detecting and preventing PSTN fraud and abuse that terminates existing call connections in close temporal proximity to PSTN fraud and abuse being detected.