StarTrinity.com

VoIP software

VoIP community

VoIP marketplace


logged in as
log out

GSM Termination and VoIP wholesale business with StarTrinity Softswitch

The guide is dynamically updated with new content. Last modification time: 2018-06-26 SIM blocking
Operations with SIM cards
Major reasons for SIM blocking
Techniques against SIM blocking
Researching SIM blocking
Finding clients. Marketing. Promoting NCLI VoIP routes
Configuring StarTrinity Softswitch for GSM termination
VoIP wholesale: Finding direct NCLI VoIP routes
Configuring StarTrinity Softswitch for whitelist filtering with MSSQL database
If the tutorial is not clear, please send specific questions to skype asv128


To run successful GSM termination business you need
  • GSM gateway in destination country - GoIP, DINSTAR, Skyline, IQSIM, other SIP-compliant gateway
  • SIM cards
  • Internet connection for the GSM gateway
  • Connections with reliable clients who send VoIP traffic
  • Time, energy and skills to research SIM blocking (see below)
  • Understanding of international VoIP market

SIM blocking

The main problem of GSM termination business is SIM blocking (barring). Every newbie terminator gets his SIM cards blocked very soon. Mobile telecom operators have partnership with anti-fraud companies (Amdocs (cvydya), ARRAXXE, BICS, CSG, FRAUDBUSTER, LATRO, Mobius, Revector, SIGOS, XINTEC, ZIRA) to block SIM cards and save operator's own profit on international VoIP termination market. The VoIP termination generates much of money, and it has attracted too many people with low technical and business skills. Most people here don't understand what they do, and they are not successful in providing stable GSM (NCLI, grey) international VoIP routes. There are also many people who were successful in the past, generated millions of dollars, but now all their SIM cards got blocked and VoIP termination business stopped. Moreover, there are too many VoIP wholesalers (transit operators, carriers), scammers, FAS terminators.

Operations with SIM cards for GSM termination

A successful VoIP GSM terminator should clearly understand and optimize the following operations. Every operation could be a reason to have the SIM card blocked, if it looks suspicious to the mobile operator.
  • SIM card delivery by a vendor. Contract signing using a passport ID. Inserting into SIM bank / gateway / USB dongle / mobile phone, with a specific IMEI. SIM card activation within a BTS (tower, cell) with a USSD at a specific time. Activation of multiple SIM cards with serial ICCID numbers at random times in various locations.
  • Optional things to simulate human behaviour: moving card between locations, send SMS, send USSD, make some calls between SIM cards or to some numbers. Put SIM cards offline for some time. Abnormal activity on a SIM card is tracked by mobile operator using CDR analysis software
  • Passing test calls from client during initial interconnection test. The test calls can block SIM cards if the operator's anti-fraud company knows the dialed test numbers
  • Passing traffic from client to SIM card. The traffic is usually blended with test calls which block the SIM card. Only few VoIP retail providers are able to send really clean traffic, as most of them don't care about the test calls. The situation gradually changes as people start to understand the market. Some VoIP wholesalers terminate the generated test calls to IVR. Advanced VoIP wholesalers filter the test calls on their side, block clients who send test calls and send only clean traffic to GSM termination providers, in this way making extra profit. Many clients claim that they have clean traffic, without test calls. In fact, every VoIP retailer who accepts calls from user's SIP phones passes test calls from anti-fraud companies. The anti-fraud companies send generated traffic via VoIP retailers using calling cards, via big tier-1 operators and via wholesalers.
  • Recharging (top-up)
    • USSD recharge codes
    • Top-up web sites, web services
    • Reseller accounts, master SIM cards

Major reasons for SIM blocking

  • Suspicious activation of SIM card
  • Suspicious activity on SIM card, detected by CDR analysis software: too many calls, suspicious ACD/ASR, suspicious ratio between outgoing and incoming calls, etc.
  • Test (trace/spam/robot/junk) calls passed via SIM card
    • Test calls mixed with real voice calls
    • Test calls made during interconnection setup via well-known test call services
  • IMSI catchers: BTS proxy devices used by mobile operator's anti-fraud companies to detect location of GSM gateways. In rare cases mobile operators are able to inspect GSM protocol directly on their own base stations

Techniques against SIM blocking

Successful GSM terminator understands reasons why SIM cards are blocked and configures softswitch, gateway, SIM bank, optimizes all operations with SIM cards to maximize SIM card lifetime before it gets blocked. There is no universal solution against SIM blocking ("anti SIM blocking solution") for all countries and operators, but there are various techniques to protect SIM cards.
  • Techniques against CDR-analysis-based blocking: human behaviour simulation. Correct configuration of GSM gateways, SIM banks, SIM management software, softswitches. Correct distribution of calls between SIM cards based on previously dialed numbers and caller IDs. Movable GSM gateways.
  • Techniques against test-call-based blocking
    • Test call filters
      • White lists - passing calls only to list of numbers. The white list is generated from live traffic CDRs (calls history). The CDR is analysed (filtered, profiled, processed); typical CDR filter is selecting calls with billed duration greater than N seconds. The white list is built based on called numbers (CLD) and/or caller IDs (CLI/ANI numbers). The whitelisting method is most common and well-known by anti-fraud companies. The anti-fraud companies build white lists both from white CLI VoIP traffic and from mobile operator's CDRs and use the build white lists to send test calls; so white list can become poisoned. Advanced GSM terminators dynamically update both white lists and blacklists. The white lists based on caller ID with clients where caller ID really identifies caller (no fake CLI's) are more effective than white lists based on called numbers. The most effective whitelisting method is to filter by combination of both caller ID and called ID (both A and B numbers), but that needs processing of huge CDR volumes (for many years) to acheve good ACD. It is possible to query large CDR data tables on the fly, when the call is processed. Modern database servers allow indexing for fast queries and it is not a problem for people who can integrate softswitch with database server (our StarTrinity softswitch can request databases via ODBC using "requestdb" CallXML element, also it can send web API request to third-party service to filter VoIP traffic).
      • Per-SIM whitelists: binding list of numbers (both caller side and called side) to SIM card
      • Black lists: lists of restricted numbers. The black lists make sense if anti-fraud companies continuously send test calls to same numbers.
      • Dynamic black lists
      • IVR-based filters: caller side is asked to press DTMF digit before passing call to SIM card. See example CallXML script for StarTrinity softswitch. The IVR-based filters are usually combined with white lists and black lists. The whitelists should be built with caution, if you are 100% sure that test calls will not pass your white list
      • Voice-based (RTP) filter: the filter analyses early media sound coming from caller side and passes call to SIM card only if voice level is above some threshold. The RTP filters don't work now because most anti-fraud companies send test calls with non-silent media
      • HLR lookups
      • Messenger lookups: whatsapp, viber, telegram
    • Passing part of traffic to a different NCLI route (e.g. test calls made during interconnection setup)
    • Selecting better source(s) of VoIP traffic (compare and choose better clients). Most clients claim that they have clean retail VoIP traffic. In fact most VoIP retail providers are not aware of test calls and they don't filter retail client accounts and test calls.
      • Comparison between 2 clients. Using dedicated SIM cards for every single originator
      • Comparison with own generated VoIP traffic
  • Techniques against IMSI-catcher-based blocking: correct configuration of GSM gateways, custom GSM gateway firmware, bluetooth gateways, USB dongles. 4G LTE GSM VoIP gateways. Note that in case of bluetooth gateways + real phones and USB dongles it is hard/impossible to change IMEI, if it gets blacklisted by fraud manager software.

Researching SIM blocking

In most cases GSM terminators are not skilled enough to run the research and to optimize the process. People who are successful in GSM termination keep their techniques in secret, use proprietary customized software, keep themselves anonymous and distribute fake information about VoIP termination business. Generic way to research SIM blocking is to make experiment with variable parameter(s) (e.g. location, parameter of filter) and statistically process SIM lifetime results. Most GSM terminators don't have any software to statistically process data and optimize their settings and they have no idea about the statistical machine learning algorithms (neural networks, boosting, SVMs, decision trees). Simpler way is to compare SIM life times for parameter set A and parameter set B. Here is a sample list of things to run the research:
  • Write down and send to us all info about manipulation with the SIM cards for analysis (e.g location, activation, deactivation, recharging/top-up, etc)
  • Collect your own CDRs or your trusted parter's CDRs, analyse them with our CDR analysis tool
  • Test with manually generated traffic
  • Test with automatically generated traffic
  • Test with cleanest traffic
    • Try various sources of traffic
    • Ask us for clean traffic, we will ask our wholesale partners
  • Give us access to the softswitch to analyse the test results for some payment
  • Ask us to optimize the configuration of the softswitch for some payment to protect the SIM cards based on your research. Perform the testing and re-configuration multiple times
As we see now in 2018, most people are not smart enough to research SIM blocking themselves, and they need advice or partnership with more experienced people. Our VoIP marketplace has a list of trusted traders who work in VoIP GSM termination business for a long time.

Finding clients. Marketing. Promoting NCLI VoIP routes

Effective marketing is possible if you understand needs of buyers and sellers in the international VoIP market. What client needs from VoIP provider:
  • Low price. Post-paid contracts. Long billing period. Acceptable payment methods
  • Good quality
    • 24/7 stability of the VoIP route. High uptime. Downtimes could be caused by loss of internet connection, hardware or software failure, mass SIM card blocking. A downtime always leads to loss of terminator's reputation and position in originator's routing table. Modern softswitches automatically detect downtimes and stop sending traffic to the unavailable route. To avoid downtimes terminators can use backup routes where they send traffic in case of temporarily failure
    • High ASR (percent of connected calls). The filters always reduce ASR. The ASR also depends on caller side, in case of cancelled calls (CC, missed calls traffic)
    • High ACD (average call duration). The ACD depends on audio quality (MOS score, round trip time): if audio quality is bad, caller drops the call and redials. The ACD also depends on type of traffic sent by client: robot calls, dialer calls ususally have very low duration. ACD analysis and troubleshooting implies listening to call recordings.
    • Low PDD (post-dial delay): time between start of call and actual ring at destination phone
    When ASR or ACD indicator goes down, it does not always mean a problem. The indicators alone don't provide you full picture of what is happening with VoIP traffic. Solving VoIP quality issues is not easy. It requires deep understanding of VoIP protocols. We have a public free e-book about VoIP troubleshooting - theory and practice.
  • No scam. Here are most popular types of scam done by VoIP providers:
    • Overselling of capacity (selling same number of ports to multiple clients)
    • FAS (false answer supervision): connecting calls with robot IVR (audio machine, audio platform). Over-billing (hang calls).
    • CLI (caller ID) delivery scam: sending all traffic or part of it to NCLI route while declaring CLI delivery for 100% of calls
What VoIP provider needs from client:
  • High price, stable payments
  • Stable traffic from real callers (mostly immigrants calling home), with low cancel rate and high call duration. Many VoIP wholesale carrier clients don't have live traffic and they need some time before sending VoIP traffic to provider
  • No test calls from mobile operators's anti-fraud companies mixed with real calls, or filterable VoIP traffic. Most sales people in VoIP wholesale companies today (2018) do not understand anything about test calls, and they don't have real control over source of traffic, that's why they can't help against test calls. VoIP retail originators can block client accounts which send test calls with low ACD and ASR, but most of them have no interest in such filters if they don't own GSM gateways and SIM cards themselves
  • No scam. Here are most popular types of scam done by clients:
    • No payment within post-paid contract
    • Requesting lower price for past traffic, telling lie about actual price
    • Sending dialer (call center) / missed call traffic to VoIP provider while it is not stated in contract
    • Sending calls to premium numbers (due to lack of skills and understanding of the VoIP market some VoIP providers pass calls to premium numbers)
    • Telling lies about actual volume of traffic and number of concurrent channels
    • Telling lies about existence of live traffic at the moment
    There are many public lists of scammers. Here are most popular:
Places where people create new interconnections (contracts between client and VoIP provider): VoIP providers can use following strategies / ways to promote NCLI routes:
  • Publish offered VoIP routes in the places listed above
  • Offer way to test the routes for new clients, publish results of the tests
  • Publish true and detailed information about their company and VoIP routes, written in good English language
  • Monitor stability of their VoIP routes with StarTrinity VoIP Status service and provide the test results to new clients

Configuring StarTrinity softswitch for GSM Termination

  • Register for free trial here - create account on our hosted softswitch, or use the softswitch on your server
  • If you have Dbltek GoIP gateway(s) and if you want to use StarTrinity softswitch SIM management functions:
    • Set up a Dbltek GoIP gateway(s) at your destination, connect it to internet. Optionally connect gateway(s) to SIM bank
    • Configure softswitch menu - SIM management - Gateway Locations
    • Configure softswitch menu - SIM management - Gateways
      • Add new gateway
      • Follow instructions, connect your GoIP gateway to the softswitch
      • If the gateway is still offline, troubleshoot your internet connection using GoIP - Tools - Ping, make sure that WAN settings are correct
      • Try to access the GoIP gateway via our switch IP
      • Click softswitch menu - SIM management - gateway details - auto configure gateway
    • Insert few SIM cards, see their status in softswitch - SIMs. The status should be "online"
    • Configure softswitch menu - SIM management - SIM operators
    • Configure softswitch menu - Configuration - Originators
      • Add new originator for client(s)
      • Enter client's IP address
      • Set service plan = "no billing" (for the initial test you don't need billing)
      • Set routing group = "gateway channels"
      • Add originator for your test softphone (e.g. Zoiper). Set user name and password in the softswitch, enter same username/password in the softphone
  • If you have another GSM gateway
    • Configure softswitch menu - Terminators. Create new terminator, configure dynamic IP address mode. Configure gateway to register at the softswitch with user name and password generated by softswitch for the new terminator
    • Configure softswitch menu - Configuration - Destination sets (aka pricelists). Create new destination set. Add rates (prefixes, prices)
    • Configure softswitch menu - Configuration - Routing groups. Create routing group, add routing group item with the new terminator and desti nation set
    • Configure softswitch menu - Configuration - Originators
      • Add new originator for client(s)
      • Enter client's IP address
      • Set service plan = "no billing" (for the initial test you don't need billing)
      • Set routing group
      • Add originator for your test softphone (e.g. Zoiper). Set user name and password in the softswitch, enter same username/password in the softphone
  • Make test call from the softphone or directly from softswitch Web UI (originator details - make test call)
  • In case of issues with calls - dropped calls, one-way audio, low ACD, low ASR - you need have VoIP troubleshooting skills to understand the issues and fix them. We have a public free e-book about VoIP troubleshooting - theory and practice to help people with VoIP issues

VoIP wholesale: Finding direct NCLI VoIP routes

Typical mistakes of VoIP wholesalers:
  • Sending impersonal emails without understanding what the VoIP provider needs from client
  • Sending too many emails or skype messages to provider (spam)
  • Not having web site with company details and ref erences
  • Not testing and monitoring quality of VoIP routes
  • Not understanding the VoIP market for the specific destination country
What GSM termination provider needs from client:
  • Clean or filterable traffic from trusted and verified sources - retail VoIP traffic. Or filtered traffic, if you are able to filter test calls yourself.
  • Proof of credibility
  • High price
  • Stable payments in time using acceptable payment method

Configuring StarTrinity Softswitch for whitelist filtering with MSSQL database

The chapter would be helpful for all VoIP wholesale carriers who had large international traffic in previous years and who want to benefit from the huge CDRs.
  • Initial parameters:
    • Purpose: filter international VoIP traffic with A+B whitelist based on huge CDR dta to provide clean traffic for GSM termination, to avoid SIM blocking (implement CDR profiling)
    • Call scenario: filter both caller ID and called ID (A and B) numbers, if A+B combination exists in database - pass the call. Otherwise reject the call with 503
    • Source IP: 212.32.229.xx, destination IP: 67.229.78.xx, number format: 9x*, StarTrinity softswitch IP: 47.254.153.xx, SIP port 5060
  • On the windows server set up "StarTrinity softswitch", "Microsoft SQL Management Studio Express", "Microsoft SQL Server Express"
  • If the softswitch windows server runs behind NAT and firewall (azure, amazon, alibaba):
    • Set setting "ForcedMappedAddress" = "switch_public_ip"
    • Restart softswitch: menu - status - system and maintenance - restart software
    • Allow access to ports in hosting provider's firewall: TCP port 19019, UDP ports 5060, 16000...30000
  • Connect to the MSSQL server in MSSQL Management Studio, create new database. Name it "Filter"
  • Create new table

    Enter field definitions:

    Note: this is simplest case example, you can add more fields like duration, time into the table, also you can create multiple tables in the database. Click "Save", name table as "Numbers"
  • Transfer data from your input file (excel, csv) into the new table
    • Open input file (processed CDR) with A and B numbers in excel, select numbers, press Ctrl+C
    • Go to edit data in the new table, paste the copied rows (Ctrl+V)

    • To optimize SQL queries create index in the table:

      • Add columns A and B
    There is another way (more complex but much faster) - import numbers from CSV file using SQL script
  • Configure routing in StarTrinity softswitch (please refer to softswitch documentation)
    • Create terminator, enter destination IP address, max capacity (menu - configuration - terminators)
    • Create destination set with your prefixes (in this example prefix 98 and price 0, if you don't need billing in StarTrinity softswitch) (menu - configuration - destination sets)
    • Create routing group, add routing group item with the destination set and terminator
    • Create originator with max capacity, use the created routing group. set parent originator = null, service plan = "no billing" if you don't need billing in StarTrinity softswitch. Go to terminator details, set up IP authentication, enter auth. IP address.
    • Enter callXML script for the whitelist filter (menu - configuration - script for incoming calls (XML)
      <callxml>
          <!-- simplest softswitch script for whitelist A+B filter -->
          <performAAA />
          <requestdb command="select count (*) from Numbers where A='$callerId;' and B='$calledId;'" connection="Data Source=(local);Integrated Security=true;Initial Catalog=Filter;Asynchronous Processing=true" var0="count"/>
          <if test="$count; == 0"> <reject value="503" /> <exit /> </if>
          <transfer terminators="routed"/>
      </callxml>
  • Make test call(s) and pass live VoIP traffic via the StarTrinity softswitch
  • In case of getting SQL authentication error like The login failed. Login failed for user 'WORKGROUP\iZgw88dw1mhjkbZ$'
    - configure access rights: MSSQL Management Studio - Security - Logins - "NT AUTHORITY\SYSTEM" - Add rights to this user: db_admin role, access to the database (easier just to select all "rights" checkboxes for the "NT AUTHORITY\SYSTEM" user).
Copyright 2011-2018 StarTrinity.com | Blog | Contact lead developer via LinkedIn | TeamViewer link