TaCode Tuesdays: Fraud Control in Voice and SMS Applications [Part 2]
Welcome back to TaCode Tuesdays! This is the only place you can find snippets of code for use in your very own text/voice apps, along with a weekly dose of taco puns. I’m a developer here at Zang and not only am I a big fan of tacos (if that wasn’t already apparent), I’m also a fan of open source. My goal is to share a new app idea each week that you’re free to use “as is” or modify and use as the basis for your next app
Last week, I started to talk about Fraud Control within your own iOS SMS and voice apps—you can check out Part 1 here and as always, if you’d like to learn how to get started on Zang, take a look at our very first post
Anyways let’s get get right back to it—we’re picking up after step 2, where I detailed how to setup your ATS (App Transport Security) enabled networking code.
3. Setup your RESTful API call
3.1 Create a Swift method for HTTP ‘POST’ using ‘NSURLSession’.
‘NSURLConnection’ was already deprecated in iOS 9 and has been replaced by ‘NSURLSessionDataTask [[NSURLSession sharedSession] dataTaskWithURL:completionHandler: NSURLResponse. Note that NSError’ is not required if you target iOS 8.
strong>3.2 Below is the expected result of a successful web service call to Zang ‘Block destination’ API
Other than this, you can also code your application to have an outbound call threshold upon reaching a certain monthly spend. The threshold can be in a form of an alert wherein an in-app notification or an email can be sent informing the customer that their account is close to consuming its full credit line. Outbound calls can also be automatically cut once the pre-defined threshold has been reached. But this is another topic for a future blog.
Hardening network security through voice and data firewalls, penetration testing, and adoption of industry standards in security is our last recommendation to protect your voice and SMS applications from fraud
Voice firewalls logs monitor and control all inbound and outbound activities on a per call basis through a call access control (CAC) that is user-defined. Through this solution, data and network penetration, attacks on telephony systems and other infrastructure, unauthorized internet sessions, long distance abuse, and other forms of line disruption can be prevented. The diagram below shows how this is implemented.
Figure 1: Network Architecture – Voice and Data Firewall
This network architecture shows how Voice and Data firewall can be implemented together with Zang PaaS to securely run a voice and messaging application – or any application for that matter which makes use of Zang APIs. Essentially, the Voice and Data firewall works as an additional layer of protection to perform real-time security for voice/unified communications (UC) and modem connection backdoors through unsecured phone lines. According to Gartner 2016 magic quadrants, industry leaders in Voice firewalls are: AhnLab, Check Point Software Technologies, Cisco, and Dell SonicWALL.
Protection is Crucial
Protecting voice and messaging applications from fraud can be challenging most especially at the age of cloud computing. There are generally three ways to secure your systems and applications: through PBX, trunk line, and network hardening. Some of the safeguards can be acquired from PaaS or software as a service (SaaS) offerings such as network and data firewalls; but some security measures have to be native to your application, like block listing or white listing through certain APIs like those offered by Zang. Another thing that you can do is establish secure application business rules like preventing calls from premium numbers and disallowing switch-to-switch voice mail transfer. Regardless of the method, it’s crucial that you take the steps to protect your voice and SMS applications from fraud.
Well, that’s it for now! If you have any thoughts about the app or just want to share your own taco-related thoughts, you can comment below. I’ll be back in TWO weeks with another installment of TaCode Tuesday.