Yes, You Can Avoid Paying for Unwanted, Malicious Toll-Free Calls
If you are following the robocalling space, you’ve seen the U.S. Federal Communications Commission (FCC) take increasingly strong action against illegal robocallers over the last few years, both by issuing mandates such as STIR/SHAKEN and by penalizing illegal robocallers.
One recent penalty proposed by the FCC was a $116M Robocall Fine for Toll-Free Traffic Pumping Scheme. The company made more than 9 million unsolicited prerecorded voice message calls to toll-free numbers.
There are two major problems for businesses that receive unsolicited robocalls used for toll-free traffic pumping:
- These calls consume enterprise employees’ and call center agents’ time.
- Businesses are forced to pay for these calls, even when they are not tied to legitimate business purposes.
Why do businesses have to pay for these unwanted, malicious toll-free robocalls? To answer this question, you have to understand how the toll-free compensation model works.
In the US, toll-free numbers are assigned on a first-come, first-served basis by entities called Responsible Organizations (RespOrgs) and updated in the national SMS/800 toll-free number database to ensure prope routing. Let’s follow the green arrows shown in Figure 1, where each toll-free call routed to the toll-free number’s business owner carries an associated cost sharing compensation. The compensation model starts with the called party (the toll-free number’s owner) who compensates the RespOrg (or toll-free service provider) for completing the call. The RespOrg pays a small charge back to the carrier who delivered the call to them. In turn, any intermediate carrier pays a small charge back to the prior hop or originating provider. And where any database queries are done to determine routing, these too are compensated through the cost sharing structure.
Figure 1 – Toll-Free Routing and Compensation
By now, you may have figured out that the originating carrier monetarily benefits from the toll-free calls and when an originating carrier is engaged in access stimulation/traffic pumping, it will share the compensation with its call origination customers to “pump” more calls across its network.
But are these huge penalties imposed by the FCC ever collected? As per this report by TechCrunch, “The ones getting fined sometimes get away with paying only a fraction of the amount”. This opens up the possibility of increasing amounts of toll-free fraud, leading to enormous unanticipated bills for the enterprises who own those numbers.
The FCC is doing its part in proposing an enormous penalty, so it is clear that the industry needs actual enforcement of these fines to change the behavior of bad actors. However, until this type of fraud is greatly diminished, what can enterprises do to protect themselves from malicious incoming toll-free robocall traffic and the associated costs?
The answer is for the toll-free number business owner to implement a voice threat prevention solution that provides automated methods to:
- Identify when a malicious toll-free robocall traffic pumping event is taking place
- Stop these toll-free calls from being “established”
Our Voice Threat Prevention solution offers automated solutions to both of these requirements. We combine the power of our Analytics to detect a potential toll-free robocall traffic pumping event and our Reputation Scoring Service to assess call attempts in real-time to indicate the likelihood that these calls are malicious. For different reputation score ranges, it is possible to set different policy decisions on how a given call should be handled.
Ribbon uses a novel and patented algorithm to learn normal toll-free traffic patterns across a very large set of calling and called parties, all tracked to the hour of the week. This algorithm quickly detects new traffic pumping sources and triggers actions to mitigate subsequent calls. If a call receives a reputation score that indicates it is likely to be part of a toll-free robocall traffic pumping event it will also likely have an associated policy decision to reject the call. Execution of the “call rejection” decision will most often be enforced, in real-time, by a session border controller. This voice threat prevention process can be seen in the 3-step Figure 2 below.
Figure 2 – Step 1. Malicious Toll-Free Traffic Pumping Event, Disrupts Business
Figure 2 – Step 2. Analytics Detection, Updates to Reputation Scoring
Figure 2 – Step 3. Reputation Scoring and Call Treatment Policy Decision, SBC Blocks Malicious Toll-Free Robocalls, Disruption Stops
Rejecting these malicious robocalls means the toll-free number business owner avoids incurring costs for unwanted calls that use up system capacity (e.g. in hold queues / IVRs) and disrupt agent time.
Clearly, malicious incoming toll-free robocall traffic can have a huge negative impact on organizations of any size. To learn more about how you can protect yourself please visit our Voice Threat Prevention web page or webinar.