Fraud Protection Configuration

Checklist

Create a geo / risk profile

Add geo / risk profile to the product

Fraud protection configuration on customer sites

Account provisioning

Override fraud protection settings for an account (optional)

Fine-tune fraud protection settings for private networks

Handle calls from specific IP addresses

 

End users’ credentials are vulnerable to hackers. However, PortaBilling® offers protection to users via its fraud prevention tools. The Fraud protection functionality is configured for customers of Universal and Hosted IP PBX business models in three steps:

1.     Fraud protection configuration in individual products, allowing IP verification to be performed for all accounts using this product.

2.     Configuration at the customer level using customer sites that can be assigned to certain accounts.

3.     Configuration at the account level (optional).

 

The Fraud protection functionality for customers who use services within other business models is configured in two steps: 

1.     Fraud protection configuration in individual products, allowing IP verification to be performed for all accounts using this product.

2.     Configuration at the account level (optional).

 

Let’s consider the following example: your customer’s company is situated in Madrid, Spain, and you would like to protect this customer from potential fraud. Since the company’s employees mainly make calls from Madrid and other Spanish cities, you configure fraud protection so that calls made from Spain are completed without restrictions. Calls made from other countries are considered suspicious and are therefore forbidden or screened.

Checklist

Print this page and use it to check off the operations you have completed while performing the system setup according to the instructions in this chapter. Please be sure to perform all of the operations in the order designated (all of the boxes should be checked); otherwise the service will not work.

 

 

Operation / Done

Network configuration

·         Create a Geo / Risk Profile  [     ]

Rating configuration (Customer)

·         Add the Geo / Risk Profile to a product  [     ]

·         Perform the fraud protection configuration for a customer on the Customer sites page  [     ]

Account provisioning

·         Check an account’s fraud protection information and account’s current status. Change the status if necessary  [     ]

·         Perform the fraud protection configuration for an account (optional)  [     ]

Create a geo / risk profile

Create a Geo profile so that calls made from Spain will not be restricted and calls made from other countries will be considered suspicious and therefore forbidden or screened.

 

1.      On the navigation menu, select Sales, then Fraud prevention and click Geo profiles.

2.      On the Create geo profile panel, specify the following details:

·         Name – Type a geo / risk profile name (e.g. Business customers).

·         Managed by – Define whether this geo / risk profile will be used by an administrator or one of your resellers:

·         Default approach to calls – Specify the call processing approach that is applied to calls from any user location:

o   Trustful – Calls are allowed unless user location is defined as an exception in the profile.

o   Cautious – 5 calls are allowed before redirection to the screening IVR unless user location is defined as an exception in the profile.

o   Paranoid – All calls are rejected unless user location is defined as an exception in the profile.

 

3.      Click Save.

 

Create a Geo / Risk profile

 

With the Paranoid default approach to calls, all calls are rejected or screened. To allow calls from a particular country (e.g. Spain), add it to Exceptions.

 

1.      On the Geo profile panel that opens, click Call processing approach.

2.      On the Call processing approach panel, click the Add country button for Trustful approach.

 

Configure Geo profile

 

3.      In the dialog window that opens, select a country from the list (e.g. Spain) or type the name of the country into the Search country/entry field and click Add.

 

Add the country that requires Trustful approach

 

4.       Go to the Approach actions panel and specify the parameters for each approach:

·         Paranoid – Define how calls originating from countries specified in this approach will be processed:

o   Choose Immediately redirect the call to screening IVR to immediately redirect calls to the screening IVR. To continue to use the service, the caller must provide additional credentials to prove that he / she is indeed a legitimate user.

o   Choose Quarantine the account, bypass the screening IVR to immediately change the account’s status to Quarantined. After that, any call attempts from the account are automatically blocked. 

o   Choose Reject calls without any further actions to immediately reject calls made from countries present in the list. Calls originating from trusted countries will come through without restrictions.

·         Cautious – Define how calls originating from countries specified in this approach will be processed:

o   Choose Allow … calls before redirecting to screening IVR to still allow a customer to make a certain number of calls. The possible values are 3, 5 and 10. After that, any attempt to make an outgoing call from a country listed here will be screened, and the caller must provide additional credentials to prove that he / she is indeed a legitimate user.

o   Choose Reject calls without any further actions to immediately reject calls made from countries present in the list. Calls originating from trusted countries will come through without restrictions.

 

Configure approach actions

 

5.      Click Save.
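The profile semantics described in this section, as an added example (a simplified model written for this page, not PortaBilling code). The class, field and return-value names are hypothetical, and counting Cautious calls per account is an assumption.

```python
from dataclasses import dataclass, field

@dataclass
class GeoProfile:
    default_approach: str                           # "Trustful" | "Cautious" | "Paranoid"
    exceptions: dict = field(default_factory=dict)  # country -> approach for that country
    paranoid_action: str = "screen"                 # "screen" | "quarantine" | "reject"
    cautious_action: str = "allow_then_screen"      # or "reject"
    cautious_allowed_calls: int = 5                 # the page lists 3, 5 and 10

@dataclass
class Account:
    quarantined: bool = False
    cautious_calls: int = 0                         # assumption: counted per account

def evaluate_call(profile, account, country):
    """Return "allow", "screening_ivr", "reject" or "blocked" for one call attempt."""
    if account.quarantined:
        return "blocked"                            # quarantine blocks every later attempt
    approach = profile.exceptions.get(country, profile.default_approach)
    if approach == "Trustful":
        return "allow"
    if approach == "Paranoid":
        if profile.paranoid_action == "quarantine":
            account.quarantined = True              # status change, screening IVR bypassed
            return "blocked"
        return "screening_ivr" if profile.paranoid_action == "screen" else "reject"
    if approach != "Cautious":
        raise ValueError(f"unknown approach: {approach!r}")
    if profile.cautious_action == "reject":
        return "reject"
    if account.cautious_calls < profile.cautious_allowed_calls:
        account.cautious_calls += 1                 # still inside the allowed call budget
        return "allow"
    return "screening_ivr"

if __name__ == "__main__":
    # The Madrid example: Paranoid by default, Spain added as a Trustful exception.
    profile = GeoProfile("Paranoid", {"ES": "Trustful"}, paranoid_action="quarantine")
    account = Account()
    for country in ("ES", "FR", "ES"):
        print(country, "->", evaluate_call(profile, account, country))
```

With the quarantine action selected, the third call in the demo is blocked even though it comes from Spain, because the account status changed on the earlier attempt from France.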

Add geo / risk profile to the product

Assign the Geo / Risk profile that was created in the previous step to the product that will be used by the employees of the company.

 

Add Geo / Risk Profile to the Product

 

1.      On the navigation menu, select Service catalog and click Products.

2.      Select the Product for which you would like to assign a Geo / Risk profile.

3.      On the product’s panel, click Services, select Voice calls and go to the Fraud detection page.

4.      On the Fraud detection configuration panel, specify the following details:

·         Geo-IP fraud detection – use a slider to enable this feature.

·         Allowed location change period, minutes – Type 60 here, so that an end user can change location during an interval of 60 minutes without needing to re-input their PIN.

·         Allowed normal calls period after passing screening IVR, minutes – Type 60 here, so that an end user can make calls for 60 minutes after passing the screening IVR without needing to re-input the PIN.

·         Geo / Risk profile – Assign the Business customers Geo profile that you created earlier.

 

5.      Click Save.

Fraud protection configuration on customer sites

Perform the fraud protection configuration on the customer site so that the settings will be applied to all of this site’s accounts.

 

Go to the Sites panel

 

Add the customer site name

 

Enable the location information functionality

 

1.      On the navigation menu, select Sales and click Customers.

2.      On the Customer panel, click Personal and select Sites.

3.      On the Sites panel, click Add a site.

4.      Specify the name of the new site in the Site name field and click Add.

5.      On the Site panel, enable the Location information option and fill in the following fields:

·         Allowed mobility – Choose Stationary User (Permanent location) since the employees of this company always make calls from the same location.

·         Current location – Select the country where the customer is located from the list. In our example it is Spain, since the customer is located in Spain.

6.      Click Save.

Account provisioning

Check an account’s fraud protection information and current status. Change the status if necessary.

 

Configure fraud protection for an account

 

1.         On the Account panel, click Fraud protection. Here you can view the Geo / Risk Profile name and current status for this account.

2.         In the Change status to field you can change the status of this account.

3.         If you have modified the Change status to field, click Save to save changes.

Override fraud protection settings for an account (optional)

Perform fraud protection configuration for an individual user. Let’s assume that this account is used by this company’s sales manager, whose office is situated in Toronto, Canada, although he travels around the world from time to time.

 

Override fraud protection settings

 

1.         Open the Account page.

2.         Select Services and go to the Service configuration page.

3.         On the Voice calls configuration panel, select the Fraud detection section.

4.         Fill in the following fields:

·         IVR authentication – Enable or disable authentication of the customer via the screening IVR when a call is made from a “suspicious” location.

·         Location information – Use a slider to enable this option to provide information about the end user’s current ‘default’ country and whether he is permitted to make calls from abroad.

·         Allowed mobility – Only available when Geo-IP fraud detection is set to Enabled and a profile is selected in the Geo / Risk profile option for the account’s product. Select Roaming user (Changeable Location) since the user of this account frequently travels; in this case, a location change would be considered acceptable.

·         Current location – Select the country where the customer is located from the list. In our example it is Canada, since the user of this account is located in Canada.

5.         Click the Save button to save the changes.

Fine-tune fraud protection settings for private networks

Internal subnets such as 10.x.x.x, 172.16.x.x, 192.168.1.x do not belong to any specific country. However, there is an option called GeoIPOverride that makes it possible:

a) to mark the internal subnets as Internal Networks. The Billing Engine considers the Internal Network to be a separate country, so any fraud protection settings described previously can be applied to these internal subnets.

b) to assign the internal subnets to a specific country.

 

This can be adjusted on the configuration server.

 

1. On the configuration server clone the currently active configuration.

2. Select BillingEngine on the Configuration Tree and then choose VoiceCallsRoaming among the Groups.

3. In the GeoIPOverride field mark the subnets with “!” to assign them to the Internal Network.

4. Use a country code top-level domain format (e.g. FR for France, DE for Germany, etc.) to assign a subnet to a country.

NOTE: Each record must be written in a separate row.

 

The configuration shown in the screenshot means that IP addresses from 10.x.x.x, 172.16.x.x, 192.168.1.x subnets are marked as Internal Networks. The customer may now move them to “No Restriction,” “Suspicious” or “High-risk” lists on the PortaBilling web interface. The 192.168.222/24 subnet is now considered to be from the Netherlands. Further adjustments for this country must also be done on the PortaBilling® web-interface.

 

5.         Click the Verify button to verify the changes.

 

Fine-tune fraud protection settings

 

6.         Click the Check / Apply button to apply the configuration.

 

Apply the configuration
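A pre-apply check for an override table like the one described above, as an added example (not PortaBilling code). The on-disk record syntax is not shown on this page, so the table is given as (subnet, marker) pairs; the function names, the "most specific subnet wins" rule and the private-range check are assumptions.

```python
import ipaddress

INTERNAL, NOT_APPLICABLE = "Internal network", "Not applicable"  # category names from this page
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def load_overrides(pairs):
    """Validate (subnet, marker) pairs; marker is "!" or a two-letter country code."""
    table, problems = [], []
    for subnet, marker in pairs:
        try:
            net = ipaddress.ip_network(subnet)  # rejects host bits and malformed input
        except ValueError as exc:
            problems.append(f"{subnet}: {exc}")
            continue
        if marker != "!" and not (len(marker) == 2 and marker.isalpha() and marker.isupper()):
            problems.append(f"{subnet}: marker {marker!r} is neither '!' nor a country code")
            continue
        if not (net.version == 4 and any(net.subnet_of(r) for r in RFC1918)):
            problems.append(f"{subnet}: not a private range")  # added lint, see lead-in
        for other, other_marker in table:
            if net.overlaps(other) and marker != other_marker:
                problems.append(f"{subnet}: overlaps {other} with a different marker")
        table.append((net, marker))
    return table, problems

def resolve(ip, table):
    """Return the location label the override table gives a source IP, or None."""
    addr = ipaddress.ip_address(ip)
    matches = [(net, marker) for net, marker in table if addr in net]
    if matches:
        # Assumption: the most specific subnet wins when records overlap.
        _, marker = max(matches, key=lambda m: m[0].prefixlen)
        return INTERNAL if marker == "!" else marker
    if any(addr in r for r in RFC1918):
        return NOT_APPLICABLE  # private address with no override record
    return None                # public address: country comes from the GeoIP lookup

# Constructed sample: the subnets from the page's example, written as CIDR.
SAMPLE = [("10.0.0.0/8", "!"), ("172.16.0.0/16", "!"),
          ("192.168.1.0/24", "!"), ("192.168.222.0/24", "NL")]

if __name__ == "__main__":
    table, problems = load_overrides(SAMPLE)
    for ip in ("10.20.30.40", "192.168.222.7", "192.168.5.9"):
        print(ip, "->", resolve(ip, table))
    print("problems:", problems)
```

The label returned for an address is the entry to look for in the Geo profile's country lists when deciding which approach applies to that subnet.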

 

Handle calls from specific IP addresses

The list of countries for each approach is divided into 7 groups based on the continent they belong to – plus there is also an extra Other group.

 

Other categories

 

The Other group allows you to allow or restrict calls coming from specific IP addresses based on the following categories:

·         Not applicable – This category is used for private or indefinite IP addresses.

·         Internal network – This category is used for handling private subnets. Please refer to the Fine-Tune Fraud Protection Settings for Private Networks step for the detailed configuration.

·         Satellite provider – This category is used for IP addresses from Satellite ISPs that provide Internet service to multiple countries.

·         Anonymous proxy – This category is used for IP addresses that are used as anonymizers or VPN services (e.g. Tor exit nodes, public proxies, etc.).

·         Europe – This category is used for a set of IP addresses that has users all over Europe.

·         Asia-Pacific region – This category is used for a set of IP addresses that has users all over the Asia/Pacific region.

NOTE:  The "Europe" and "Asia-Pacific region" categories do not include all the IPs covered under those respective regions. Blocking "Europe" will only block a small portion of IP addresses. It will not affect all European countries. In other words, to block all IPs in Europe you must block each European country, individually, as well as the "Europe" category.