Fraud & Identity Featured Article

Grey Routes: A Service Provider's Worst Nightmare

By Alicia Young Web Editor

One of service providers’ greatest assets and weaknesses is SMS messaging. On the one hand, SMS messaging makes communicating with customers easier than ever. It enables person-to-person (P2P) text messaging, which has been a valued practice for keeping in touch for nearly 20 years. However, SMS capabilities also open service providers up to fraud. According to the telecommunications industry organization GSMA (News - Alert), an average-sized mobile network of 16 million subscribers could easily experience revenue leakage in excess of $4 million per year from SMS-related fraud alone. A large majority of this type of fraud is due to grey route messaging.

Grey route messaging refers to application-to-person (A2P) messages that originate outside of authorized networks, and infiltrate service provider networks by exploiting traffic channels designated specifically for P2P messaging. Unfortunately, grey route messaging can be extremely hard to identify and intercept, leading to revenue leakage for the average service provider. In fact, GSMA found partial or full grey routing on 75 percent of the 816 operator networks it surveyed, 271 of which were considered by the organization to be large and influential providers. A2P specialist Dialogue believes that service providers could save as much as $15 billion in additional revenue next year if they were to address this problem.

The reason grey route messaging has become such a problem is because of the mutually beneficial, yet lax, agreements between service providers that allow for simple SMS billing policies when terminating inbound messaging. Customer messaging between different service providers has been mostly settled by mutual forgiveness, also known as GSMA AA.13 “bill and keep policy.” Unfortunately, third party content providers and aggregators have started exploiting these flexible policies. They have figured out how to take something good that should simply be saving money and time, and turned it into a way to send unauthorized A2P messages.

The unchecked sending of these A2P messages along routes that are meant specifically for P2P messages can become incredibly aggravating for customers, not to mention confusing. Subscribers have been exposed to countless instances of spam and consumer fraud as a result of this manipulation. Often, consumers don’t know what messages are real or worth clicking on, and it becomes easy to simply click “delete” after receiving any message. As a result, legitimate P2P messages are often lost in the shuffle and deleted, unread.

Unfortunately, there’s not much service providers can do on their own to stop unauthorized A2P messages. They can’t pick and choose which messages to stop from flowing, so in order to stop the illegal ones, they’d have to stop the P2P messages as well. Most companies opt not to go that route, which results in countless spam messages making it through to customers. These unchecked messages can have severe consequences for both the service provider and the customer, including: spam traffic overwhelming networks and causing the reliability of legit P2P messages to drop; emergency services may be halted due to their inability to get through; angry customers due to delayed P2P messages; ruined brand reputation for service providers; and more.

The cons definitely outweigh the pros when it comes to letting A2P messages run through unchecked. However, that’s the only option most service providers feel they have. Luckily, there are solutions that exist to help tackle the issue of grey routes. For example, iconectiv’s (News - Alert) Defender Shield monitors and detects unauthorized A2P messages and helps service providers stop them from going through. It uses real time analysis and selective filtering to determine if a message is legitimate. Unauthorized traffic is categorized into different folders—Grey Routes, Spam/ Junk Traffic, Fraud Traffic, etc.

After filtering through the messages, traffic patterns are then monitored 24/7 by expert fraud and identity authentication analysts based on the SMS content being passed, volume being sent at various intervals and frequency of traffic patterns being pushed through the network. Other features include full screening control, so you know what exactly is being sent to your subscribers and when; subscriber originating blocking, which allows subscribers to take control of what messages they receive; and extensive drill-down reports on all incoming and outgoing SMS traffic.

Grey routes are a serious problem that can be detrimental to service providers around the world. SMS fraud results in millions of dollars lost in revenue leakage every year, but it doesn’t have to be that way. It’s time for service providers to stop simply letting illicit A2P messages bog down their P2P networks, and invest in solutions that can systematically clear up that traffic.

What are you waiting for?