With more countries increasing their termination rates for SMS delivery, the profit potential of artificial inflation of traffic (AIT) is growing increasingly attractive to fraudsters. It is a complex challenge that is costing brands huge sums of money and draining their trust in messaging, meaning that they are moving to other channels to communicate with their customers.
AIT is a sophisticated form of fraud where threat actors request a one-time password (OTP) or two factor authentication (2FA) to a premium rate or ghost number, which then incurs costs for the organisation originating the message. It is a rising threat within the telecoms industry, with fraud intelligence from GSMA IRSF Prevention showing that SMS AIT increased by 380% over a 12-month period.
One of the core challenges of AIT is that it’s much harder to detect than traditional types of fraud. OTP and 2FA requests aren’t typically flagged as spam, allowing fraudsters to bypass organisations’ firewalls and take advantage of applications including banking apps, social platforms and marketing services.
Without a solution to screen the traffic requesting these passcodes, it’s impossible to determine the origin, and therefore whether it is legitimate or fraudulent. This is driving the need for dedicated anti-fraud solutions to ensure AIT doesn’t continue to go undetected.
Understanding AIT Fraud and its Impact
AIT is caused by many different factors. The most prominent involves threat actors creating bot accounts which then trigger a flood of fake requests sent via a high-cost route to rack up increased fees. Rogue mobile network operators (MNOs) or another rogue party, who receives revenue share, then profit from the increased charges.
Increasing levels of A2P fraud are causing a notable shift in how users are interacting with communications channels. According to research from XConnect and Mobilesquared, traditional channels accounted for 70% of trust in 2023, but by 2025 this will drop to around 50%, with 50% of trust attributable to RCS and WhatsApp. AIT is not only driving massive financial losses for enterprises but threatening the future of A2P as a trusted channel for communications.
It is impacting the industry in several ways including:
To stay ahead of evolving AIT tactics and optimise their A2P operations, organisations need to find a way to rapidly pre-validate the numbers in their systems before outbound messaging activities are initiated.
As a neutral provider of numbering information services, our mission is to help the industry restore trust in telecoms through collaborative solutions that tackle the biggest industry challenges, including AIT.
The launch of our AITCheck™ solution in collaboration with the GSMA is the latest way we’re executing on this, helping the A2P ecosystem to secure against rising AIT fraud instances.
Introducing AITCheck
AITCheck provides enterprises, mobile operators and CPaaS providers with real-time numbering intelligence to protect against significant financial losses from bot attacks on A2P services. It is a part of the XConnect RiskALERT™ product suite and provides insight into whether a number is valid, ported and allocated to indicate signs of AIT fraud.
The solution combines XConnect’s award-winning Number Information solutions with the GSMA’s IRSF Prevention database to reduce fraudulent OTP requests, mitigate AIT-based losses and enhance routing optimisation and alerting for high-risk destinations. Customers, from the 239 countries and territories covered, benefit from 24x7x365 monitoring as well as access to the IRSF database, updated every 20 seconds for real time insights into numbers being used for AIT fraud in SMS traffic.
Enabling A2P Success
The key to proactive detection against AIT lies in deploying reliable, accurate and up-to-date datasets that are specifically designed to detect fraudulent numbers.
XConnect is an unbiased and trusted provider of number information services committed to restoring trust in telecoms. By working in collaboration with leading industry bodies, including the GSMA, we’re supporting this mission and protecting the future of A2P messaging.
We provide the telecoms industry with low latency, high capacity, high availability datasets built on privacy-by-design principles to optimise communication performance, reduce fraud and protect individuals. AITCheck builds on our dedicated XConnect RiskALERT family, which also includes XConnect IRSFCheck™ to prevent International Revenue Share Fraud (IRSF) before an attack takes place.
Our goal is to provide a comprehensive anti-fraud solution that helps the industry detect and defend against AIT fraud in real time. The A2P ecosystem benefits from:
Routing Optimisation.
With AITCheck, organisations can enhance routing optimisation and alerting for critical destinations and better handle traffic termination on high-risk networks.
Revenue Protection.
AITCheck enables organisations to solve an immediate business challenge by combining a number of data points which can be used in AIT detection. These data points determine whether a number is valid, ported and in the GSMA IRSF Prevention database, with more than 19+ million unique high-risk IRSF numbers in our global threat feed.
Increased Load Balanced Traffic.
Deploying AITCheck can help organisations gain more messaging traffic that is load balanced on multiple suppliers by applying strong fraud filtering and blocking. With up to 25,000 global threats and attacks detected per day, this filtering allows them to benefit from improved reliability, enhanced performance and increased scalability.
Increased Customer Trust.
AITCheck allows companies to regain trust with their customers and make sure they do not lose revenue on fraudulent traffic. They benefit from real time tracking of AIT to with access to a database with an over 90% detection rate on confirmed fraud cases.
