Please enable JavaScript.

Coggle requires JavaScript to display documents.

VOIP BUSINESS, HOW DOES IT WORK?, . - Coggle Diagram

- - - - VoIP codecs are important because they allow high-quality voice calling to be conducted without using a huge amount of bandwidth. This means a home user can make long-distance calls even if their internet connection is slow. It also means business users can run lots of VoIP lines for a contact center on one connection.
    - - G.711
        
        ITU introduced this codec in 1972 for digital telephony use. It has 2 variants, u-Law in the US and Japan, and A-Law in Europe. Both being the default standard in each respective country.
      - G.722
        
        G.722 was approved by the ITU in 1988, and its technology is based on SB-ADPCM. It offers improved speech quality when compared to G.711 and sample data uses 14 bits.
      - G.729
        
        This codec has low requirements on the bandwidth front and also offers good audio quality. It encodes the audio in frames, with each frame being 10 milliseconds. Each frame contains eighty audio samples. It’s bitrate for one direction is 8kbit/s.
      - G.723.1
        
        There are 2 variants of this and both operate on 30 millisecond audio frames, but they operate of different algorithms.
        
        The first variant has a bitrate of 6.4kbit/s, and rates a 3.9 on the MOS. The second variant has a bitrate of 5.3kbit/s and rates a 3.7 on the MOS. As far as encoded frames go, the first is 24 bytes long, and the latter 20.
      - GSM 06.10
        
        This is also referred to as GSM Full Rate. It was designed by the ETSI (European Telecommunications Standards Institute for use by GSM mobile networks. This variation can be used freely, so it tends to be an incredibly common option in open source VoIP apps. It operates on audio frames of 20 milliseconds, which is 160 samples. Each frame is compressed to 33 bytes, with the resultant bitrate coming out at 13kbit/s.
      - Speex
        
        This open source codec is patent free. It was designed to work with 8kHz, 16kHz, and 32kHz sampling rates. The most popular choice for VoIP use is 8kHz.
      - Siren
        
        çThis open source codec is patent free. It was designed to work with 8kHz, 16kHz, and 32kHz sampling rates. The most popular choice for VoIP use is 8kHz.
    - - G.722 is for HD audio calls and is open-source. Usually included with every IP phone and most softphones.
      - G.711/u is the North American standard and is the most widely used codec, default and standard in any IP device.
      - G.729 is a compressed codec using about 1/3 the bandwidth of a standard G.711 codec. Useful when on a mobile app or when connecting over a long geographical distance to cut down on audio issues due to lag. Recently open-sourced.
      - G.711/a is the European equivalent of the G.711-u and is their standard codec. Also available in any IP device.
      - the quality of the codec will determine how clearly the voice signal can be replicated. the more compact a codec is, the greater likelihood that there will be a significant discrepancy in how the voice originally sounded and how it is reproduced at the other end. Good codecs try and maximize the voice quality for a specific bandwidth requirement.
      - When two SIP providers communicate with each other, they can negotiate and determine which codec is to be used. This freedom is available because transmission over the Internet can take place via any number of different codecs. However, the traditional PSTN system does not possess this flexibility. It is a standardized algorithm known as G.711. It employs no compression techniques and has been used in regular telephone lines for decades. When a VoIP system needs to communicate with the PSTN network, all communication has to finally drop down to G.711. This is because the PSTN system knows nothing else and as long as a large number of people still use it, VoIP has to play by the old rules.
  - - - GOALS OF IGRP .
        
        Stable routing even in very large or complex networks. No routing loops should occur, even as transients.
        
        Fast response to changes in network topology.
        
        Low overhead. That is, IGRP itself should not use more bandwidth than what is actually needed for its task.
        
        Splitting traffic among several parallel routes when they are of roughly equal desirability.
        
        Taking into account error rates and level of traffic on different paths.
  - - - The idea of the Do Not Originate Registry was to combat spoofers who impersonate legit numbers from government or private institutions. A robocall is an automated dialer that delivers pre-recorded messages rather than a live conversation. Mostly, these robocalls can be infuriating as they deliver unwanted, irritative messages. Combating robocalls have taken a new twist with the entry of various government agencies and organizations.
  - - - Sends the data and check whether it is sent or not
    - - Send the data. it is faster. Mostly used in games. not safe.
- - - - Fake Call Transfers
        
        The hacker typically operates their VoIP service in a different nation. The compromised PBX is used when a user of the fraudulent service places a call to a country outside of their own.
      - Revenue Sharing Plans
        
        Usually, this kind of fraud uses high-priced phone numbers. For some services, calling this kind of number will cost you more. Hackers will set up phony businesses to buy these premium phone numbers. They can fictitiously increase call volume to these numbers to profit from a percentage of the call fee. why and how does it good or bad
      - Wangiri
        
        The fraudster makes massive calls to mobile subscribers
        The call is dropped after some ring tones, one of the VoIP phone scams. The targeted consumer will receive a missed call with a fake CLI and will not be able to pick up. This CLI is associated with a Premium Rate Service, typically a local number. The targeted customer will typically hear an adult-oriented recording when he phones back this numbeFAS (False Answer Supervision)
        When a call hasn’t been established, a member in the traffic flow chain transmits a false signal showing that a call has been established. Calls are billed as completed even when not connected, and the calling party is charged for call setup time (early response, dead air, artificial reply, etc.). Additionally, calls are billed for call duration even when the called party cannot be reached.
        
        Hangi regionda çıkar ortaya
        
        Flash Calls
        
        flash calling passively connects users with passwords by simply dialing their number and cutting the line. No one needs to answer the call – the receiver’s phone just needs to use the last four digits of the inbound number and apply it as a verification code. It is used when a mobile user is registering for a service, installing an app, or doing anything that requires them to provide a valid mobile phone number to complete the process. OTP One Time Password
      - TYPES of Fraud Calls
      - Other Types
        
        stir / shaken
        
        Criminals and unscrupulous robocallers often alter or spoof the calling number of their outbound telephone calls in order to deceive the called party. This deception can be as simple as changing the calling number so it appears that a neighbor is calling.
        
        This deception increases the chance that the called party will answer a robocall. In other cases, the deception may be more malicious, such as a fraudster impersonating an IRS agent in order to steal a tax refund. This practice of altering the calling number of a telephone call is known as spoofing.
        
        STIR/SHAKEN uses digital certificates, based on common public key cryptography techniques, to ensure the calling number of a telephone call is secure. In simple terms, each telephone service provider obtains their digital certificate from a certificate authority who is trusted by other telephone service providers. The certificate technology enables the called party to verify that the calling number is accurate and has not been spoofed.
        
        The STIR system aims to add information to the SIP headers that allow the endpoints along the system to positively identify the origin of the data. This does not directly prevent the ability for a robocaller to spoof a caller ID, but it does allow upstream points to decide whether or not to trust that ID.
        
        STIR is based on SIP and is designed to work with calls being routed through a VoIP network. It does not work within the "original" telephony network, which relies on standards such as SS7 to route calls. VoIP calls enter the network at the "edge" through a variety of VoIP-to-telephony gateways, and they can receive STIR information at that point or anywhere earlier during the VoIP section of the call. But once inside the telephony network there is no standard for forwarding that STIR information to the end user.
        
        Caller ID spoofing is the act of maliciously faking the caller ID on a phone call. This is usually to increase the chances of the person being called answering the call and to take advantage of them in some way, perhaps to defraud them. For example, a bad actor may spoof the caller ID to be a number in the local area code of the person being called. This is distinct from changing the caller ID for legitimate reasons, for example if a call center is making a call on behalf of a business and is presenting the caller ID of the business.
        At a high level, STIR provides the ability within SIP to authenticate caller ID, and SHAKEN defines the end-to-end architecture to implement caller ID authentication using STIR in the telephone network.
  - - - CLI Spoofing is the practice of disguising the identity of a call by indicating to the receiver that the call has originated from a station other than the true originating station. a corrupt carrier in the call chain hijacks a call and disguises it as local or some other form of low-cost traffic by changing the Call Line Identity (CLI, or commonly known as the Caller ID).
        
        That carrier pays the low rate for the disguised traffic, thereby increasing their profit margins. The person receiving the call sees a number other than the true number that's calling them. scammers spoofing phone numbers understand that due to the number substitution, the Answer-Seizure Ratio (ASR), or the number of suc. calls that are answered, drops because people are reluctant to answer a call from an unknown number. But at the end of the day, they still earn enormous profits.
        
        Where there are profits, there is always fraud. Fraudsters quickly realized that the drastic rate differences under the OBR model in the EU offered prime conditions for CLI Spoofing.
        The telecommunications industry now has the technology to stop spoofed calls, for good. The key to mitigating this fraud scheme lies in the simple but profound concept of cross validating call details before a call connects. xconnect number validation is the key.
  - - - OTP-BASED IRSF
        
        Step 3: The provider forwards the request to a carrier. This request is necessary as multiple network providers in the region are involved before the OTP can reach the intended consumer.
        
        Step 4: A compromised carrier, colluding with an attacker, forwards the request to an IPR number instead of the intended recipient.
        
        Step 2: The consumer-facing business forwards the OTP request to a cloud communication provider.
        
        Step 5: ‘Terminating’ a call on an IPR number is expensive; and ultimately it is the consumer-facing business that must absorb the losses.
        
        Step 1: An attacker initiates a manual or a scripted attack on a webpage to trigger voice- or SMS-based OTPs. Depending on the returns, attackers can opt for high-volume attacks or low-and-slow attacks
        
        Step 6: Attackers earn huge profits from their share of the fraud, usually $1 or more per transaction.
      - the numbers used in IRSF do not belong to the national numbering plan, detecting them becomes even more difficult.
- - - - They can do nothing and risk an existential threat to their business, they can block high risk voice traffic and potentially lose some market share, or they can carry traffic and accurately charge according to any surcharges that apply. Clearly, doing nothing is not an option.Blocking high risk traffic offers a quick solution to OBR management, but ultimately any carrier looking to optimise their business for the long term must be able to correctly identify and manage the traffic subject to OBR. If left unchecked, carriers will see negative margins and lose time and resource to disputes with other carriers
  - - - Origin Based Rating (OBR) started about 3 years ago, in Europe in order to bridge the difference in pricing between calls terminating in EU region and calls originating in EU for the rest of the world.
    - - at first in Europe, with the initial goal of bridging the pricing differential between calls originating and terminating in the EU region and those originating in the EU but terminating elsewhere in the world. Regulators had mandated lower prices for call termination in response to which European carriers built a surcharge model based on origination for fixed and mobile calls. Initially, the model was based on identifying origination groups composed of mainly non-European countries, but this expanded to include the segregation of missing or non-identified calls too, in short order.
        
        WHY? TO AVOID TAX SCAMMING. reversed VAT. Started in England. England saw that there was a fraud. The Queen said, the VAT amount should be defined in the invoices. The tax should be paid as well. After this, if you are an European operator, you may pay your tax according to OBR.
- - - - DID
        
        Direct Inward Dialing (DID) is a telephone service that enables incoming calls to ring through to a specific phone instead of going to a menu. ITFS also enables incoming calls to bypass a menu and go directly to a phone.
        However, the calling party is usually charged a local fee when calling a DID number. Calls to an ITFS number, on the other hand, are completely free of charge.
      - The format of ITFS numbers signals to callers that the phone number can be dialed for free. Depending on the country of origination, international toll free service numbers usually start with 800, 0800, or 1800.