Email a colleague    

December 2016

A Real-Time Packet-Based Solution to Detect & Block any Hijacked OTT Call

A Real-Time Packet-Based Solution to Detect & Block any Hijacked OTT Call

When I authored TRI’s 2015 research study on telecom fraud management (FM) solutions, the OTT bypass problem was just warming up.

But here we are in late 2016 and FM vendors are still way behind.  Sure, a few vendors are helping telecoms assess the problem, but in terms of solid, repeatable applications or service solutions to block and detect OTT bypass I’ve heard nothing.

Until last week.  That’s when I got a splendid briefing from Andy Gent and Paul David of Revector.

Revector is the first FM firm to develop a real-time solution to both detect and block the OTT bypass at the packet level.  And as you’d expect, Revector is now engaged with major operators who are rolling out the solution.

Andy has been in the telecoms mobile business for a short 46 years.  He was a Director of Development at Cable and Wireless Mobile and involved in C&W’s mobile 50 operations around the globe.  Andy later become a country CEO for places like Pakistan, Kuwait, and pioneered personal handyphone in Hong Kong.

Andy then broke away in 2001 to developing solutions for SIM Box fraud, test call generation, CDR analysis, and location solutions.  Revector has delivered solutions to operators in more than 100 countries.  As the issue of OTT bypass grew, Revector worked on a detection method.

Paul is a seasoned telecoms player having had wholesale responsibility at C&W Caribbean, Mercury and Hong Kong Telecom with senior marketing and sales roles at COLT Telecom and Kingston Telecom more recently.  Paul built IP networks and application servers while at an internet start-up in Houston TX.  Paul has been working with Andy for two years.

This interview with Andy and Paul gives vital intel on the hijacking threat from VIBER and other OTTs, explaining how hijacking is masked and why it’s as serious a threat to roaming revenue as it is to international voice.  Andy and Paul also opened up Revector’s kimono a bit to shed light on the full ecosystem it’s developed to adapt as an OTT modifies its code and routing practices.

Dan Baker, Editor of Black Swan: Andy, you guys at Revector are pioneers in the fight against SIM box fraud.  And now the new OTT hijacking threat has emerged and you’re addressing that threat too.  What’s your big picture outlook on the bypass problem?

Andy Gent: Well, Dan, SIM box fraud is still very much alive.  In fact, in one country where we work, we saw 97% bypass with all calls coming in by SIM boxes.

In an African country, SIM Boxes have all but disappeared, then suddenly they started losing almost all their international revenue.  We brought in our OTT bypass solution to stop the bypass calls, and guess what?  The traffic generally came back to the authorized routes as our equipment blocked the calls... but of course, some of the SIM Boxes came back.

And you sent a survey out to operators to get more information on this OTT bypass threat.

Andy: Yes, we circulated a survey.  We knew the right people to send it to since Revector has worked with operators in over 100 countries in the past 10 years.

So we sent the survey out to about 1,000 senior managers, and we got back about 150 responses so far.

It appears the number losing traffic to OTT is very high.  In the last three months I’ve been to Myanmar, Pakistan, the Middle East, and Africa.  And everywhere I’ve tested, I’ve seen OTT bypass and that includes the UK too.

People haven’t figured out what to call this OTT bypass yet.  There are questions about whether it’s legal or fraud.  I like your term “OTT hijacking” because it covers the gamut.

Andy: Yes, what you call it very much depends.  If you’re in an advanced, deregulated market, OTT hijacking falls under the net neutrality scope so it’s legal.  But in a country like Sri Lanka, it’s clearly illegal because they passed a law saying, “No one can connect voice calls unless you’ve got a license and pay the government 14 cents a minute”, yet new OTT operators terminate calls and don’t pay the government any taxes.

In fact, Sri Lanka is a poster child of OTT bypass: they’ve lost a great deal of market share from OTT Bypass, yet it's illegal for a carrier to send its traffic via OTT to reduce payments to Government and the legitimate Operator.

When you take away a country’s ability to tax and manage its own communications infrastructure, you’re tampering with something delicate.

Andy: Much of the traffic being pushed to OTT is coming from fixed operators looking to earn a better profit on the routes with high termination.  If they can avoid paying international government taxes, they can drive more voice calls.

For example, if a wireline subscriber calls, say, an African country, it will cost the operator significantly more to do it legally than via an OTT Operator.  But then there is an infrastructure problem because now nobody is paying the destination operator to build a 4G or LTE radio network for OTT players to use.  So the OTT Operator is getting a free ride today, but who will build out the networks of tomorrow?

Obviously, the losers in that transaction are the government who earns no tax, and the operator who gets no terminating payment.

I understand even Roaming Revenues are at risk from OTT bypass?

Andy: It’s true.  The roaming revenue is very attractive to OTT.  One operator has lost 50% of their roaming revenue this year.  That traffic loss occurred in only two months of high roaming traffic in holidays — so the revenue disappeared practically overnight.  The loss happened during these holiday seasons when roaming revenue can make up half the operator’s inbound termination revenues.

Dan, I was the CEO of an operator in Pakistan in the late 90’s and we got lots of our revenue from roaming and international incoming calls.  And I know those same operators are losing this traffic.

In fact, I did some test calls when I visited Malta recently.  I had both a UK O2 phone and a Sri Lankan phone with me, so I made calls between them.  When I called in both directions, VIBER hijacked both calls so no roaming charges could be charged by O2 or the Sri Lankan operator.

We’ve seen this roaming bypass occur in a couple countries.  For instance, the Muslim community going on the Hajj to Mecca: the roaming revenue all but disappeared during Ramadan for many operators this year.

Exactly how is VIBER able to hide its hijacking?

Andy: Dan, net neutrality rules say a VIBER-to-VIBER call is fine and should not be stopped or re-routed.  That would be anti-competitive.

However, VIBER taking a traffic feed from a carrier and delivering traffic over their network is just not authorized in many markets.

We asked ourselves: “How can we create a solution that stops OTT hijacking, but leaves OTT-to-OTT calls alone?”

And so our customers can very clearly say to their regulator: “I’m following the net neutrality laws, but I’ve also stopped the bypass of government taxes and licensed operator termination charges.”

Paul, the OTT traffic is encrypted, so I imagine this was not an easy task.

Paul David: Yes, it was extremely hard to do.  And I give OTT players credit: they did a terrific job of masking the way they mix their traffic.  We developed an ecosystem to detect the pattern of the call and to maintain detection going forward even if the pattern changes.

On the technical side, how does your solution work?

Paul: Well, since we’re the first to market, we’re cautious about revealing too many details.  Suffice it to say we’re using leading telco-grade DPI switches to which we add Revector’s unique software.  From there the solution is able to parse the data traffic, quickly identify it as OTT bypass, and block illegal calls.

Andy: Now on a personal note, I’ve been developing test call generators to detect SIM box fraud for 15 years But Revector’s new OTT solution is far more capable of providing an accurate assessment for Mobile operators to understand the losses on their network due to OTT hijacking .  This is far more reliable that others using test calls which rely on sampling — not accurate enough to really build a picture of losses.

Our new solution looks at all the traffic: it tells you exactly how many calls are actually terminating on your network.  Then we convert that back into CDRs to measure how much money is being lost.

So what are you doing for operators in this area?

Paul: We got engaged 18 months ago by a major group operator.  Because of the work we’ve done for them over the past 15 years, they came to us and told us their frustrations.  We’ve since installed and proved out the solution in Africa, Middle East, and in Asia with clients.

Andy:...And also the UK.  We tested with an operator in the UK and can see the shape of the traffic and block it.  Typically we’ll go in and do a very thorough assessment of the problem first before we roll out the solution.

How aware are mobile operators of the threat they face from OTT bypass?

Andy: To be honest, Dan, I just got back from the GSMA Fraud Forum meeting where my sense was that many operators are too busy with their heads down managing the retail side of their business.  They are not paying enough attention to the significant dangers they face here.

A couple weeks ago I walked into an Asian operator who told us, “We’re experiencing 97% SIM box bypass.”

Now as I walked into the conference room, I notice an advertisement on the wall that talked about their partnership with VIBER.  So I asked, “Why did you decide to partner with VIBER?”

And I heard back, “Well, we’re not quite sure how that partnership will affect us, but somebody in marketing felt it would be a good idea to put VIBER on all our handsets.”

Can you just imagine what the VIBER salespeople are telling their fixed operator clients: “”Every single handset in that Asian country is coming through us.“

Paul: We saw a similar situation in Eastern Europe where an operator came up with the “brilliant” idea of having an OTT pay them say 35 cents to put its app on every one of their handsets.

Well, today that mobile operator has the biggest bypass problem in all of Europe.

Congratulations on your splendid OTT Bypass solution.  And thank you for briefing Black Swan readers.  To close, I’m curious what you see on the horizon with this OTT hijacking threat?

Andy: Well, Dan, we talked about VIBER because that’s the threat at the moment, but really the same sort of issue must be tackled across all the OTT players — WhatsApp, Facetime, WeChat, and others.  As applications and messaging converge, there are going to be more and more of these issues and Revector has built a future-proofed capability to help operators deal with the issue for the long haul.

Indeed, if more players take on VIBER’s business model and two or three of them succeed, then the voice market disappears and the mobile business model goes out the window.

We know how the SIM box fraudsters make their money — and it’s on a strict profit basis.  But VIBER and OTT hijackers could wipe those guys out completely.

Anywhere that operators share revenue, the threat exists — even within the local market.  Now in the UK right now, operators don’t share network — it’s all the bill and keep model and there is no national roaming, so there’s no money to made there right now.  In other countries, however, that’s not the case.

Technically, VIBER can hijack any voice call, but they are limited by network congestion and operators are just not going to build out additional networks for OTT players to get a free ride.

That said, from a VIBER point of view, pumping millions of calls through their network doesn’t make sense unless the arbitrage gap provides a decent profit margin.  The battle continues...

Copyright 2016 Black Swan Telecom Journal

Andy Gent

Andy Gent

Andy Gent is CEO of Revector, a leading company in the detection of GSM and OTT fraud worldwide.

Andy founded and developed Revector services and solutions and to date has worked with Governments and Mobile Operators in more than 100 countries.

One of the world’s leading experts on Interconnect fraud, Revector was awarded two Queen’s Awards for Enterprise in Innovation and International Trade in 2012.

Andy formed Revector after an extensive international career across telecom, software, mobile and Internet businesses in roles including Chief Executive of Paktel, Pakistan’s largest Mobile operator, ECET International, a Cisco-backed software application house and QuailtyNet, Kuwait’s leading internet service provider.

In 1995, as early mobile, video and internet technologies were merging, he formed the Hong Kong based joint venture PHS International between NTT, Itouchu, Hong Kong Telecom and Cable & Wireless to promote these Japanese technologies worldwide which are now common place in today’s 3G networks

Prior to this he was Director of Development for Cable & Wireless Mobile, responsible for consultancy, new licence bids and support to mobile operations supporting all technologies in more than 30 countries, including One-2-One, Hong Kong CSL, Optus, MTN, M1, and Bouygue.

After starting as an apprentice at BT, his career moved from design and development at Hasler (Switzerland) into marketing roles at Dacom, General Datacom and Mercury.

Achievements in this long career include designing the first IBM PC clone, invention of the telex modem and patents in automobile electronics.

Andy has a B.Sc. and a M.Sc in digital communications and electronics from Loughborough University.   Contact Andy via

Paul David

Paul David

Paul David is the Chief Commercial Officer at Revector.  He has more than 20 years’ experience across the IT and Telecoms industry in Europe, Asia and the USA.  Paul started his career in 1981 in Cable & Wireless specialising in pricing and international accounting rate settlements.

Throughout his career, Paul has held wholesale responsibility at C&W Caribbean, Mercury and Hong Kong Telecom and has had a number of senior marketing and sales roles at the likes of COLT Telecom and Kingston Telecom.  Paul also built IP networks and application servers whilst at an internet start-up in Houston TX.

Paul joined COLT as Director Datacentre Solutions with a remit to turn-around the UK Data Centre business.  Paul was then promoted to Group Marketing Director for COLT Europe on the COLT PLC Board.  His activity culminated in £110M of new revenues growth to COLT in one year.

Paul has been working at Revector for two years as Chief Commercial Officer (CCO).   Contact Paul via

Black Swan Solution Guides & Papers

Recent Stories