OTT bypass, other international bypass fraud detection with StarTrinity test call generator (TCG)
    With the following CallXML scripts you can help telcos to fight with various types of international bypass fraud:
    
        - Over-the-top (OTT) bypass fraud: vendors of mobile applications like Viber, Whatsapp, other mobile VoIP dialers cooperate with wholesalers 
            to bypass high rates of international termination. Termination over the top (over IP protocol) is almost free for the application vendors.
            Having the applications installed on a high percentage of mobile phones all over the world, the vendors use the applications to terminate
            international calls: more and more people see international calls going to their phones via Viber, when it is turned on.
        
- GSM VoIP termination (grey routes) international bypass fraud: people all over the world have VoIP-GSM gateways (aka SIM boxes)
            terminating international (high-cost) calls at local (low) rates
    It becomes more difficult to detect the bypass fraud when the carriers use blending: only a part of traffic goes through the fraud channels.
    There are many companies who specialize of detection of the bypass fraud, and today it becomes more and more easy.
    Almost every VoIP wholesaler is able to make more money by helping telcos to detect bypass fraud. 
    
    
Requirements:
    
        - Interconnection with many carriers to the destination country
- SIP Tester software installed on your server(s) to be used as TCG and call receiver (if needed)
- CallXML scripts for call generator and receiver containing your logic of fraud detection
Sample scripts for OTT bypass detection
    Here are the simplest scripts for OTT bypass detection: call generator(s) send calls to a network of carriers,
    call receiver (could be installed on same machine) links call to call generator, matched or unmatched result is saved to output file.
    
    Script for call receiver:
    
        [hidden due to NDA - there are no complex things here]
    
    Script for call generator:
    
        [hidden due to NDA - there are no complex things here]
    
    
    Our articles
    Thoughts on Microsoft monetization strategy with Skype - OTT bypass?
  
    Today I finally got my own understanding - why Microsoft removed option to turn off anonymous incoming calls. I suspect that they are going to monetize Skype with OTT international bypass fraud. People who do not know what is "OTT international bypass" - I will not describe it here, please find explanation in google. It is a global trend in international telecommunication business.
    How I see story of Skype:
    
        - For some reason they sold their business to Microsoft, I did not like it.
- Microsoft released new cross-platform GUI, I did not like it. Everything worked well before Microsoft
- The Microsoft understood the opportunity of "OTT bypass fraud" - I do not consider it as "fraud" myself if audio quality is perfect. Messangers like Whatsapp, Viber have been doing it already, why not Skype?
- But there are few minor problems for the OTT bypass: 1) need to have phone number linked to messenger account 2) need to have ring sound always turned on. If B party does not hear the ring, the call will never get answered via the OTT bypass route
- So Microsoft decided to always enable ring tone in skype. Also enable calls from unknown callers. Can you find these settings in the new Skype?
- Old version of Skype stopped to work a week ago (August 2018). No way for me now to avoid unknown (and known) callers to call me at night when I am sleeping.
- For a year I have tried to contact Microsoft to let them bring back old settings, no result.
Dear Microsoft management team, do you read this article and do you hear me now????? I have already uninstalled Skype on my main devices but I would like to have it installed and running again, without receiving anonymous calls at night.
    UPDATE: (someone replied to this article and told me that "Skype does not use the telephone number to identify the user") - they really ask to link account with phone number. It is not required though: 
     
    Also, I have installed Skype back again on my android mobile phone, just turned off it in background mode (Android settings), now it does not disturb me at night.
    
    OTT bypass detection and elimination - let's think about it
    I see that many companies claim that they are able to detect interconnect over-the-top (OTT) bypass. Some of them claim that they can even block it in real time:
       
    
        - ARAXXE: they declare that they can "Generate voice calls from your network towards a selection of international destination networks." and "Identify the transit carrier whose call routing leads to OTT Bypass termination." - it looks clear to me.
- FRAUDBUSTER: "spOTTer is able to detect and block OTT bypass fraud in real time. This is the guarantee that all the legitimate traffic that was sent to your network will be delivered through the official interconnection, and prevent further loss of revenue." - it looks not clear. They talk about INBOUND traffic here, not outbound, like ARRAXXE. "SpOTTer can handle the most used protocols: SIP, Viber, Skype, WhatsApp, Line and FaceTime." - what does it mean? They pretend that they can decrypt encrypted traffic, intercept voice call, analyse it and block the call if it is international bypass. My opinion: IT IS FALSE. The SIP is not encrypted, so they can do it with SIP, but nowadays most VoIP retailers already send VoIP traffic from mobile dialers via SIPS or VPN. It can not be decrypted. If FRAUDBUSTER claims decryption of Whatsapp IP traffic, can they also decrypt HTTPS and block unauthorized credit card transactions, having their software put as man-in-the-middle?
- Purgefraud: "The varied services at Purgefraud can detect bottlenecks in a service via its end-to-end active testing operations as shown diagrammatically, to help identify, and eliminate bypass fraud. This results in the proficient elimination of OTT fraud. We at Purgefraud provide a completely managed and flexible solution for all types of bypass fraud based on efficient counter-detection techniques, using boundless international routes."
- Revector: "Removing Over-The-Top termination bypass" - okay, looks like here they speak about outbound traffic
My opinion: it is only possible to detect bypass fraud on OUTGOING trunks, for outbound voice traffic. Inbound OTT bypass is not detectable without test calls. And it is only detection, not elimination. At present time I can only imagine a way to eliminate OTT bypass by legal government regulation:
    
    
        - Government in Country A introduces a law which prohibits international OTT bypass.
- MNO in country A runs a test call campaign: interconnects anonymously via multiple VoIP wholesale carriers and VoIP retail providers and sends test calls to its own numbers. The numbers should belong to real people with real phones having all popular OTT applications installed. The test should be recorded on video to provide evidence for government.
            
                - How to make test calls from various sources: 1) easiest and most expensive answer is to use companies like SIGOS 2) purchase prepaid VoIP retail accounts yourself 3) use services like TelecomsXchange where you can easily interconnect with many carriers
 
- If some test call really gets terminated to an OTT application, the MNO has an evidence of international OTT bypass in Country A, and raises a legal dispute against the OTT application vendor.
- The government talks to vendor of OTT application and they agree to avoid the bypass.
Can this way be really implemented? I am not a legal expert, I don't know how governments work.
    UPDATE: I understand that it is very easy to block ALL OTT calls in an OTT application. One can just monitor IP traffic using Wireshark and define a list of IP addresses, protocols, ports which are used for OTT voice calls. Then it must be easy to block the IP addresses, protocols, or ports in operator's firewall. I do not know how the operators really work and is there a real opportunity to block IP addresses, but in Russia it is possible (e.g. Telegram).