>

 

Documentation

Fraud Protection Configuration

End users’ credentials are vulnerable to hackers. However, PortaBilling® can offer protection to users with the help of fraud prevention tools. Fraud protection functionality is configured in three steps:

1.      Fraud protection configuration in individual products, thereby allowing IP verification to be performed for all accounts using this product.

2.      Configuration on the customer level using customer sites that can be assigned to certain accounts of this customer.

3.      Configuration on the account level (optional).

 

Let’s consider the following example: your customer’s company is situated in Madrid, Spain. You would like to protect this customer from potential fraud. Since the company is situated in Spain and its employees mainly make calls from Madrid and other Spanish cities, you should perform the fraud protection configuration so that calls made from Spain can be completed without restrictions, while at the same time, calls made from other countries will be considered suspicious and therefore, forbidden or screened.

Checklist

Print this page and use it to check off the operations you have completed while performing the system setup according to the instructions in this chapter. Please be sure to perform all of the operations in the order designated (all of the boxes should be checked); otherwise the service will not work.

 

 

Operation

 

Done

Network configuration

 

Create a Geo / Risk Profile.

[     ]

Rating configuration (Customer)

 

Add the Geo / Risk Profile to a product.

[     ]

Perform the fraud protection configuration for a customer on the Customer Sites page.

 

Account provisioning

[     ]

Check an account’s fraud protection information and account’s current status. Change the status if necessary.

[     ]

Perform the fraud protection configuration for an account (optional).

[     ]

 

Create Geo / Risk Profile

Create a Geo / Risk Profile so that calls made from Spain will not be restricted and calls made from other countries will be considered suspicious and therefore forbidden or screened.

 

 

                             

 

 

 

In the Networking section of the Admin-Index page, choose Geo / Risk Profiles.

1.      On the Geo / Risk Profiles page click the  Add icon

2.      Fill in the “Add Geo / Risk Profile” form:

Name – Geo / Risk Profile object name (e.g. ABC).

No Restrictions – Select countries without any call limitations (in our example this is Spain).

Suspicious – Select countries from which a relatively low number of calls will be permitted without screening, after which the service will be screened.

Prohibited – Select countries for which calls will immediately be screened.

 

Note: the number of calls that can be made without screening is 5 by default and can be configured on the Configuration Server.

 

3.      Add countries to the lists by clicking Add and by choosing countries from the list

4.      Click  Save & Close

 

Add Geo / Risk Profile to the Product

Assign the Geo / Risk Profile that was created in the previous step to the product that will be used by employees of the company.

 

 

 

In the Rating section of the Admin-Index page, choose Products.

1.      Select Product for which you would like to assign a Geo/Risk Profile.

2.      On the Products Management page open the Service Configuration tab.

3.      Select the Fraud Detection section under the Voice Calls service type.

4.      Fill in the following fields:

Geo-IP Fraud Detection Enabled – Select Enabled.

Country / Risk Profile – Assign the ABC Geo / Risk Profile that you created earlier.

Location change allowed every – Specify 60 minutes here, so that an end user can change the location during the time interval of 60 minutes without the need to re-input their PIN.

After passing screening IVR, allow normal calls for – Specify 60 minutes here, so that an end user can make calls for 60 minutes after passing the screening IVR without needing to re-input the PIN.

5.      Click the  Save icon to save changes.

Fraud Protection Configuration on Customer Sites

Perform the fraud protection configuration on the Customer Sites, so that the settings will be applied to all employees of this company.

 

 

 

 

 

1.      Go to the Customer Management screen (the one containing the list of customers).

2.      Select a customer.

3.      On the toolbar, click the  Sites button.

4.      Choose the Default Site or click the  Add icon to add a new customer site (in this case specify the name of the new site in the Site Name field).

5.      Fill in the following fields:

Location Information – Select the Enabled option, which will allow you to define a customer’s permanent location for Geo-IP fraud prevention.

Current Location – Type in ES here. Note that the specified country in this field should be in a country code top-level domain format (e.g. fr for France, de for Germany etc.)

Allowed Mobility – Choose Stationary User (constant location) since the employees of this company always make calls from the same location.

6.      Click the  Save icon to save changes.

Account Provisioning

Check an account’s fraud protection information and current status. Change the status if necessary.

 

 

1.         Open the Account Info page.

2.         Click on the Fraud Prevention tab. Here you can view the Country / Risk Profile name and current status for this account.

3.         In the Change the status to field you can change the status of this account.

4.         If you have modified the Change the status to field, click the  Save icon to save changes.

Override Fraud Protection Settings for an Account (optional)

Perform fraud protection configuration for individual user. Let’s assume that this account is used by this company’s sales manager, whose office is situated in Toronto, Canada although he travels around the world from time to time.

 

 

1.         Open the Account Info page.

2.         Select the Service Configuration tab.

3.         Select the Fraud Detection section under the Voice Calls service type.

4.         Fill in the following fields:

·         Location Information – Choose Account Has Its Own to define a different location for this specific account.

·         Current Location – Type in CA here, since the user of this account is located in Canada. Note that the country specified in this field should be in a country code top-level domain format (e.g. fr for France, de for Germany etc).

·         Allowed Mobility – Only available when Geo-IP Fraud Detection Enabled is set to Yes and a profile is selected in the Country / Risk Profile option for the account’s product. Select Roaming user (Frequent Location) since the user of this account frequently travels; in this case, a location change would be considered acceptable.

·         Service Unblock Code – This is the account’s unique code that is usually provided upon sign-up and can be used later to confirm that a legitimate customer is attempting to make a call if the call was made from a “suspicious” location.

·         Voice Authentication – If the call has been made from a “suspicious” location, this feature will enable or disable a customer’s authentication when a legitimate customer attempts to make a call.

5.         Click the  Save button to save the changes.