Firewalls have succeeded in reducing ‘basic’ A2P abuses, says specialist provider Anam. Now, the industry needs to address more sophisticated threats. The best defence? A combination of machine learning and human expertise.

In one sense this is good news. It shows that firewalls have been pretty successful in blocking the most obvious sources of spam and fraud. They have certainly reduced the incidence of abuses based on faking.

MEF’s A2P Monetisation study, produced in association with Tata Communications and Anam, revealed the extent to which operators have embraced firewall technology. It showed that 46 per cent of MNOs have installed one – and more than half (55 per cent) of these did so in 2016 and 2017 alone.

Clive Steady, Sales Director at ANAM Technologies Ltd

Obviously, SMS firewalls represent a technological solution to channel abuse. They can scan a message to reveal its originator. They can then identify improperly charged grey routes and differentiate A2P from P2P SMS traffic.

According to the A2P Monetisation study, firewalls are doing a pretty good job. However it reported that MNOs still put spam and SIM farms at the top of their list of current threats (33 per cent and 20 per cent respectively).

“Easy to tackle fraud has been reduced,” says Clive Steady, director of sales at Anam. “Firewalls have largely dealt with international grey routes, for example. This shows that MNOs were right to take the step. Many were nervous about installing firewalls for understandable reasons. They worried about blocking off legitimate traffic. But the decision to deploy a firewall has proved right.”

Steady agrees with the MEF study’s conclusion that SIM boxes now represent the primary fraud threat and the biggest limitation of many legacy firewalls. The challenge for operators is to identify traffic coming from SIM farms – and then determine that this traffic is illegitimate.

The solution demands more nuanced traffic detection. This is not trivial. Put simply, firewalls can’t always determine whether SIM farm traffic is legitimate or not. For example, the traffic pattern emerging from genuine SIMs inside smart meters could, superficially, resemble the pattern issuing from a SIM farm broadcasting spam messages.

We can’t always depend on the actual message content because of data privacy concerns in some jurisdictions… so instead we have to look for other patterns that indicate whether the traffic has come from a legitimate source or from a fraudster. Machine learning and AI help us do this.”

Which is which? Here is where AI can help.

“We can’t always depend on the actual message content because of data privacy concerns in some jurisdictions,” says Steady. “So instead we have to look for other patterns and associations that indicate whether the traffic has come from a legitimate source or from a fraudster. Machine learning and AI help us do this. We can use them to draw reliable conclusions based on the activity.”

That said, the machines can’t act entirely alone. A human agent has to instruct them what to look for. MNOs know this. It’s why, when the MEF study asked what products or services will protect their messaging revenue, the answer in second place (behind firewalls) was managed services.

Steady adds: “More and more of our A2P analysts are working directly with operators. It’s an increasingly important element in the fight against a more sophisticated fraud threat.”

He concedes that battle will probably never be wholly won. Messaging is big business, and the rewards of fraud are too big for the criminals to walk away from.  

Steady says: “We can never eradicate all the SIM farms this way, but we can create a situation where spammers have to keep closing and re-opening SIM farms. The hope is that, in the end, it becomes too expensive for them and they are forced to give up.”