AurorA guests on RAG-TV

Timo appearing on RAGTV S2E1
Timo on RAGTV S2E1 with hosts Eric Priezkalns and Lee Scargall

On Wednesday, June 17, 2020 I had the honour of appearing on the opening episode of Season 2 of RAG-TV, the online streaming show of the Risk and Assurance Group. Their virtual conference in May was seen by over 2,000 telecom industry pros in over 93 countries ! Read more about that here and here.

RAG ia an association for telco professionals involved in all aspects of Revenue Assurance; fraud management, enterprise risk management, law enforcement liaison, credit risk, market assurance, capex analysis and security. Actually, association sounds too stuffy, a club is a better description. A club of like minded telecom fraud and risk managers wanting to get better and improve.

Commsrisk described the episode like this
“Telcos come in all shapes and sizes, from the hundreds of millions of customers served by an Indian mobile network like Jio, and the extensive multi-country operations and carrier function of a group like Vodafone, to telcos that serve tiny island nations and small, focused international carriers like AurorA International Telecom, based in Waterloo, Canada. They all need to work together in order to connect phone users whilst fighting the rouge elements that plague our industry.”

“AurorA’s Timo Vainionpää and LATRO Services’ Donald Reinhart were the guests for the first episode of the new season of RAG Television, giving me the opportunity to ask them about the factors that encourage bypass fraud and what can be done to identify and compete with gray routing. Watch the replay of the show below.”

Watch here !

Stand on Guard this Canada Day

July 1st is Canada Day ! For me it will always remain Dominion Day but for you young’uns Happy Canada Day ! A day to celebrate this wonderful country of ours.

It is an unfortunate fact that the hackers of the world like to plan their attacks on public holidays when network supervision may not be at its highest. On top of that we are still in the fight against COVID-19, and the criminals have escalated their attacks. Furthermore, our friends south of the border will be celebrating their Independence Day on Saturday, July 4 which gives them even more incentive to be out in force.

Please remember to be vigilant this Canada Day and guard access to your switches.

AurorA has to deliver any traffic that is sent to it , so you are responsible for any unauthorized access to your network. AurorA will pass on any alerts that it gets of suspicious traffic patterns. AurorA has also implemented automatic blocking of B numbers once we detect a suspicious fraudulent traffic pattern in an attempt to minimize losses. Also we have also implemented blocking of entire routing destinations after a threshold is breached to further protect you, our customers, from these criminals and mitigate the damage.

Make no mistake, these frauds are perpetrated by criminals; sometimes organized crime, sometimes terrorist groups looking to raise funds for their causes.

Have a safe and happy holiday. Thank you for choosing AurorA and trusting us with your international traffic.
Timo Vainionpaa

Elon is not coming to rescue Canada’s remote broadband

Elon Musk and StarLink
Elon Musk, CEO of SpaceX and the StarLink constellation

The telecom press in Canada has been gushing over the news that Elon Musk and his company SpaceX has visions of coming to Canada to provide super-fast Internet service to rural and remote Canadians via their StarLink LEO (low Earth orbit) satellite constellation.

Please take a step back. Pause. Take a deep breath. Just stop it.

This is not imminent, it may never happen. In fact it probably will never happen.

First off, SpaceX only applied for a BITS licence. BITS is Basic International Telecom Service. AurorA has a BITS licence (in fact I believe AurorA had the first BITS licence provided to a non-facilities based carrier). This does not provide StarLink the spectrum required to operate in Canada. OneWeb had licensed Canadian spectrum (through 1021823 B.C. Ltd.) and so does Telesat for their proposed LEO constellation. SpaceX hasn’t yet applied for a Canadian spectrum licence (as far as I know).

The model of “connecting the unconnected”, providing broadband Internet service to the 3.5 billion people in the world that don’t have it has been around for decades. I remember the old Teledesic and Skybridge proposals, ICO, Iridium and GlobalStar who all went bankrupt. Iridium emerged from Chapter 11 eventually after a huge amount of drama (see my review of a great book on Iridium). More recently OneWeb who had already launched 74 satellites went bankrupt in March (read here) and before that LEOSat last November. As an aside, even Intelsat went into Chapter 11 bankruptcy protection in May.

Elon’s SpaceX has 362 satellites in orbit, but to actually provide service their plans call for 4,000 satellites just in the first phase deployment. To do this takes money; SpaceX need billions, and soon, to satisfy its high cash burn rate. It’s not making near enough revenue launching satellites (and astronauts) from others to cover the costs of it unpaid Starlink launches. This is also why they are desperately trying to be included in the FCC’s Rural Digital Opportunity Fund auction to get a piece of up to $16B in funding, even though they cant demonstrate that they can actually provide service (and may be fudging the latency numbers, hard to prove since you cant actually test it) !

There are very few investors that can write the cheques big enough to fund an LEO sat constellation. Even large investors like Softbank balked at committing additional risk capital to a single investment like OneWeb. The history of bankrupt constellations would bear that out. COVID-19 has made raising money for risky ventures even harder. Building the business case is difficult; it costs too much money to make money, even for a SpaceX that has re-invented rockets and dropped the price of launching satellites.

LEO satellite constellations, especially using small nano satellites can provide great services for many use cases; Earth observation, low data rate iOT or M2M, remote asset tracking, weather data and even imaging. GEO sats can provide great high throughput required for TV and telecommunications, but they provide poor connectivity at Northern latitudes like Canada’s Arctic. The use case of providing broadband Internet for the unconnected is just not suited for LEO.

To connect those 3.5 billion people to the Internet requires not only the huge investment in satellites and ground infrastructure (plus legal/regulatory, and non-trivial insurance costs) but also an inexpensive antenna/receiver for the consumer to be able to plug in themselves to access the service. Given that the terminals will be in remote areas they will need to be low power usage. By definition those places are off the grid. Since the LEO sats move quickly across the sky, the tracking antenna must be sophisticated, like a electronic phased array. No one has yet to produce such a low-cost, low power terminal device.

When the constellation is finally setup, the satellites would cover the entirety of the Earth’s surface. Ninety percent of the time this would be over open water, frozen tundra, wilderness and deserts devoid of people. So a business case dependent on a use case like consumer broadband would not generate revenue 90% of the time ! In areas like Africa or the Amazon, the surface is covered by jungle. The signal won’t penetrate through thick vegetation, limiting its usefulness. Finally, how much would people actually pay to use the service ? Has Elon gone out and talked to the people in emerging markets and asked them what they need and what they can afford ? What about when that area finally gets served via a cable or fixed wireless that can provide service for an order of magnitude less ? Eventually even Nunavut will get service by one or more sub-sea fiber optic cables.

So where exactly are the customers going to come from to justify the immense capital cost of building the constellation ?

The other problem that LEO sat constellations have to solve before we actually see this service launched is the one that they create themselves by launching thousands of satellites to do so. Space debris. Low Earth orbit is already crowded with dysfunctional satellites and space debris. What happens if, no when, a StarLink satellite malfunctions or becomes derelict or collides with other satellites or space debris. The attraction of low cost sats is that they are made with commercial off-the shelf components for a fraction of what traditional GEO sats cost. But given their disposability we are going to have a huge increase in space junk.

Without strict regulatory oversight (and who would be responsible for this in space ?) and the non-zero chance of failures and malfunctions, we could see a runaway feedback loop creating tons of space debris, called the Kessler syndrome. These concerns and liabilities have still not been fully addressed for the large volume LEO constellations.

Until StarLink (or any other LEO Sat constellation) actually builds and operates a constellation without going bankrupt, solves the physics of providing low cost-low power consumer terminal equipment and can guarantee they won’t destroy low Earth orbit with space debris for succeeding generations don’t hold your breath for cheap sat based broadband service in Canada’s rural and remote areas.

Instead of waiting for Elon, Canadians should take control of their own future and build more Arctic fiber optic cables.

Because we all Internet !

The logo of the Internet Society

In February, I took the step of joining the Internet Society – Canada Chapter. It seemed like a great opportunity to meet and learn from some fellow Canadians about this wonderful thing we call the Internet that we all (well not all, and that is one issue) use every day. If it wasn’t for the Internet you wouldn’t be reading this blog post !

The Internet Society globally works for an open, globally-connected, secure, and trustworthy Internet for everyone. The Canadian chapter advocates on behalf of Canadians for an affordable, accessible, fair, open internet. Bridging the digital divide to ensure all Canadians can reap the economic and social benefits the internet can provide.

AurorA has been operating since 1994, and I’ve seen the Internet evolve dramatically over that time. My initial Internet experiences involved dial up modems, a Netscape Navigator browser and an actual written book of interesting websites ! Now it seems that all of the services that AurorA offers are related to or use the Internet in some fashion. For example, the premium voice services we offer are carried over SIP trunks on the Internet.

One of my pet peeves is the mis-conception amongst the general public that the Internet is a service from their Big Telco service provider. Big Telco is fond of claiming that it is “their” network especially when others want to inter-connect. The Internet is far from that. The global Internet consists of tens of thousands of interconnected networks run by service providers, yes, but also individual companies, universities, governments, and others. Big Telco is, at best, just a minor access ramp to the glory of the Internet.

There is no central authority that governs the Internet. This makes it possible for anyone to create content, offer services, and sell products online without requiring permission. Extending this network to rural and remote regions on Canada is also a subject that I care deeply about, as all Canadians deserve the benefits that fast and reliable Internet access can provide. The pandemic has clearly shown this as even many of our own parlimentarians were unable to connect as their Internet service was not reliable or fast enough.

The Canadian Chapter of the Internet Society has a lot of resources that I am looking forward to exploring and learning from. They also sponsor Committees, Roundtable Discussions, Conferences and Meet-ups. The meet ups are in the Ottawa area so as much as I would like to go to one, it would involve a special trip from Waterloo. Once the COVID-19 isolation restrictions are lifted, I will make the effort to get to one so that I can meet people in person in a more informal setting.

To learn more about the Internet Society you can go here, and about the Internet Society – Canadian Chapter here.

RAG London Online 2020: Day 2

The sponsors of RAG London 2020
Thanks to the sponsors of RAG London Online 2020 for the free event

Today was the second and final day of the Risk and Assurance Group (RAG) London conference. Due to the ongoing global pandemic it was turned into a virtual online conference. The sessions began at 7:30 AM London time (2:30 AM in Waterloo) but I listened to the whole event from start to finish for the second day in a row.

Today there was a superb real-life session on assuring network assets from Optus, one on revenue protection and maximization for pay-TV providers, Rating Reconciliation, RAG Online Learning Courses and Risk Management in Other Industries (retail, utilities, financial services and charities). The bulk of the remaining sessions, though, were related to fraud management in various forms. These were the meat, the substance I was craving when I decided to attend the conference.

A lot of modern voice calls are now placed using the SIP protocol ; IP, 4G LTE, 5G, OTT apps and all modern PBX all rely on SIP. SIP calls are a combination of two elements, a signalling stream and an RTP stream. As part of the signalling, a log-in and password accompany every call. Hackers have latched on to this to hijack SIP calls and steal those credentials. This is now the main vector for PBX hacking to do IRSF. The TL/DR is if you are using SIP (and we all do) then no one is 100% safe and we need to be very vigilant.

There were two panels discussing various aspects of fraud management . One was about integrating Test Calls into an assurance strategy to find issues that might go unnoticed if we just focus on CDR reconciliation. The other panel looked at the rise in SIM swap fraud during the pandemic , OTT bypass fraud (or OTT hijack might be a better description) via Viber, Off-net bypass, Refile and SIM box detection.

Then there was a session on IRSF (International Simple Resale Fraud); Wangiri (one ring) is one form of it, hijacked PBX’s are another and is the one I see more commonly with my customers. Kenneth Mouton outlined three tactics to provide protections; i) setting traffic limits ii) Databases (of numbers to block) iii) Analytics (CDR vs Signalling, AI/ML vs rule based) . He also ran through five myths about IRSF and proceeded to debunk them

  • – “Subscriber pays” is a myth
  • – “You can fix problem 1” is a myth
  • – “IRSF is only about Premium Numbers” is a myth
  • – “IRSF/Wangiri is high volume in a short period” is a myth
  • – “RAFM Managers know IRSF” is a myth

There is enough substance here (and my notes are copious) that I plan on writing a few more detailed blog posts in the near future. For sure at least one just on SIP and another just on IRSF.

Those are just some of the over-arching themes from over ten hours of superb content. If you missed it and are interested , some of the videos will be posted on the RAG website here.

I would like to thank the hosts Eric Priezkalns, Rachel Goodin and Tony Sani for putting on a great virtual conference. I would like to thank all of the speakers and all of the sponsors. And I would like to thank RAG, for bringing together over 2,000 people in telecom revenue, risk and business assurance from around the world (93 countries !) in a free to attend event.

I so look forward to the next RAG event, hopefully it will be a live one. The content of the virtual event was superb but I miss the networking part of the conference and the chance to chat face-to-face with like minded professionals. Here is hoping we can meet in person again soon.

RAG London Online: May 13-14, 2020

The compères Eric, Rachel and Tony

Today was the first day of the Risk and Assurance Group (RAG) London conference. Due to the ongoing global pandemic it was turned into a virtual online conference. The sessions began at 7:30 AM London time (2:30 AM in Waterloo, eek !) but I listened to the whole event from start to finish.

The conference covered revenue assurance, fraud management, cybersecurity, billing accuracy, enterprise risk management, margin optimization, cost management and other kinds of business assurance.

Revenue Assurance is a broad topic that can cover many issues in a telecom business. Many of the presentations highlighted the growth and evolution of revenue assurance from a simple audit type function to informal analytics to entire ecosystem tracking. RA professionals can not only increase the top line by preventing revenue leakage but also improve bottom line profits and cash flows, all without dampening demand. In fact
it can be said that business assurance is the only function that assures profit as it has the data to measure costs on a customer basis.

The near future for RA would be to embrace emerging technology such as Machine Learning and other for automating more and more processes. The skills of RA professionals in telecom will also find their way into other industries such as Finance, Utilities , Consumer and Tech.

There were discussions on the blockchain for telecom as well as specifically for battling Wangiri one-ring fraud. Other fraud management schemes such as STIR/SHAKEN, A&B # Handshake, and Seismic were discussed.

One of my favourite lines I heard today, reminded me of my sales philosophy with my own customers. “Trust is the biggest thing; it is about the relationship, it is not a transaction”. It was said in a discussion of RA working with internal partners such as network but it really did remind me of why I love my business and serving my customers.

Those are just some of the over-arching themes from over ten hours of superb content. If you missed it and are interested , some of the videos will be posted on the RAG website here.

Better yet, get yourself out of bed at 2:30 AM tomorrow and catch Day 2 of the conference live. That way you can participate in the Q & A sessions ! I am looking forward to it myself.