Chances are you’ve received several flash calls this week when registering for a new app or verifying a transaction. Flash calls are almost instantly dropped calls that deliver one-time passcodes to users, verifying their phone numbers and actions. Many prominent apps and companies, such as Viber, Telegram, WhatsApp, and TikTok, use flash calls as a cheaper, faster, and more user-friendly alternative to application-to-person SMS.

With the flash call volume expected to increase 25-fold from 2022 to 2026, from five to 130 billion, it’s no wonder they’re a hot topic in the telecom industry.

But what’s the problem, you may ask?

The problem is that there is currently no way for operators to bill zero-duration calls. This means operators don’t make any termination revenue from flash calls, which overload networks. What’s more, operators lose SMS termination revenues as businesses switch to flash calls. SMS business messaging accounts for up to five percent of total operator-billed revenue in 2021, so you can see the scale of potential revenue losses for operators. 

In this article, I’ll discuss why flash calls are on the rise, why it’s difficult to detect and monetize them, and what operators can do about this.

Why are flash calls overtaking SMS passcodes?

Previously, application-to-person SMS was a popular way to deliver one-time passwords. But enterprises and communication service providers are increasingly switching to flash calls because they have several disruptive advantages over SMS.

First and foremost, flash calls are considerably cheaper than SMS, sometimes costing up to eight times less. Cost of delivery is, of course, a prime concern for apps and enterprises.

Second, flash calls ensure smooth user interaction, which boosts user satisfaction and retention. On Androids, mobile apps automatically extract flash call passcodes. This makes the two-factor authentication process fast and frictionless. In comparison, SMS passcodes require users to read the SMS and sometimes insert the code manually.

Third, on average flash calls reach users within 15 seconds, while SMS sometimes take 20 seconds or longer. The delivery speed of flash calls also improves the user experience.

The problem: Flash calls erode operators’ SMS revenues

While offering notable advantages for apps, flash call service providers, and end users, flash calls create numerous challenges for operators and transit carriers.

As we discussed before, flash calls erode operators’ SMS revenues because much of the new flash call traffic will be shifted away from current SMS business messaging. The issue is only going to become more pressing as the volume of flash calls grows.

So from the operator’s standpoint, flash calls reduce revenue, disrupt relations with interconnect partners, and overload networks. However, there is still no industry consensus on how to handle flash calls: block them like spam and fraudulent traffic or find a monetization model for this verification channel, like for application-to-person SMS.

Accurate detection of flash calls is a challenge

The first crucial step that gives operators the upper hand is accurately detecting flash calls.

This is difficult because operators have no way of discerning legitimate verification flash calls from fraud schemes that rely on drop calls, such as wangiri. The wangiri fraud scheme uses instantly dropped calls to trick users into calling back premium rate numbers. In addition, flash calls need to be distinguished from genuine missed calls placed by customers.

The problem is that even advanced AI-powered fraud management systems struggle to accurately differentiate between various zero-duration calls. The task requires AI engines to be trained on large volumes of relevant traffic coupled with analysis of hundreds of specific call parameters.

Dedicated anti-fraud solutions are the answer

There are only a few solutions on the market that are capable of accurately distinguishing flash calls from other zero-duration calls. Dedicated fraud management vendors have made progress on this difficult task.

The highest accuracy of flash call detection now available on the market is 99.92 percent. Such tools allow operators to precisely determine the ranges from which flash calls are sent. As a result, operators can make an informed decision on how to treat flash calls to maximize revenue and can proactively negotiate with flash call providers.

Flash call detection creates new opportunities

Our team estimates that flash calls make up to four percent of Tier one operators’ international voice traffic. Without accurate detection and a billing strategy, this portion of traffic overloads operators’ networks and offers no revenue. However, with proper detection flash calls offer a new business opportunity.

Now is a crucial time for operators to start implementing flash call detection into their system and capitalize on the trend.

There are a few anti-fraud solutions on the market that give operators all the necessary information to negotiate a billing agreement with a flash call provider. Once an agreement has been reached, all flash calls coming from this provider will be monetized, much like SMS.

All flash calls not covered by agreements can be blocked automatically. This will help to restore SMS revenues. Once a flash call has been blocked, subscribers will most likely receive an SMS passcode sent as a fallback.

Moreover, modern solutions don’t affect any legitimate traffic because they only block selected ranges. This also helps to prevent revenue loss.

Essentially, the choice of how to handle flash calls comes down to each operator. However, without a powerful anti-fraud solution capable of accurately detecting flash calls in real time, it’s nearly impossible to monetize flash calls effectively and develop a billing strategy.

Dmitry Sumin is the Head of Products at the AB Handshake Corporation. He has more than 15 years of experience in international roaming, interconnect and fraud management. Since graduating from Moscow State University, he has worked for both vendors and network operators in the MVNO and telecommunications market. This piece is exclusive to Broadband Breakfast.

Broadband Breakfast accepts commentary from informed observers of the broadband scene. Please send pieces to commentary@breakfast.media. The views reflected in Expert Opinion pieces do not necessarily reflect the views of Broadband Breakfast and Breakfast Media LLC.

WASHINGTON, November 21, 2022 – The Federal Communications Commission on Monday took another step to combat telephone spammers by ruling that straight-to-voicemail robocalls are “call(s)” under the 1991 Telephone Consumer Protection Act and will be subject to the law’s consumer protections.

According to the TCPA, before any call using an automatic dialing system or artificial or prerecorded voice is made to a wireless number, the recipient must provide affirmative consent. In 2017, All About the Message – the owner of a proprietary ringless, straight-to-voicemail calling software – petitioned the FCC to allow its software to operate outside of TCPA’s constraints. After the FCC received more than 8,000 comments and replies on the matter, nearly all opposing the petition, All About the Message sought to withdraw its request.

The FCC pushed forward, nonetheless. “Because the Petition drew substantial attention from commenters and members of Congress, and the applicability of the TCPA to ringless voicemail technology has been the subject of considerable recent litigation,” Monday’s ruling read, “We believe this declaratory ruling is necessary to resolve a controversy and remove uncertainty about ringless voicemail.”

“Imagine finding robocallers leaving junk voicemails on your phone without it ever having rung.” said FCC ChairwomanJessica Rosenworcel. “It’s annoying and it’s happening to too many of us.  Today we’re taking action to ensure these deceptive practices don’t find a way around our robocall rules and into consumers’ inboxes.”

The FCC’s ruling follows an anti-robocall notice of inquiry the agency approved last month. The commission is exploring how best to crack down on illegal robocalls occurring over non–internet protocol networks, which are technologically incompatible with the prevailing STIR/SHAKEN protocol.

WASHINGTON, October 25, 2022 – The effectiveness of the Federal Communications Commission’s robocall framework will not see its full potential until all carriers are captured by the framework, said submissions to the agency, which urged the commission to encourage carriers to move to the internet protocol and to not grant any additional time to adopt the framework for those carriers.

The commission is seeking comments about whether the STIR/SHAKEN – Secure Telephone Identity Revisited and Signature-based Handling of Asserted Information Using toKENs – framework is effective and if deadline extensions for participation should be afforded to those not currently under the framework.

The framework is designed to combat illegal robocalls and spoof calls, that deliberately falsify the information transmitted to caller ID to disguise their identity to the end user.

The framework allows for authentication and verification of caller ID information for calls carried over the Internet Protocol network. The originating carrier shares what it knows about a caller ID to the terminating provider by signing them with an encrypted attestation level – A, B, and C – that represents whether the provider can confirm the identity of the caller, confirm the phone number, or that the call originated elsewhere.

But submissions to the FCC said the framework is ineffective because some carriers have not adopted a move to the IP network, which the framework requires to communicate attestation levels.

NCTA, TransNexus, Neustar and others weigh in

“Continuing the transition to IP and broadening the adoption of STIR/SHAKEN are essential to the framework’s further success,” read comments submitted by industry association NCTA – the Internet and Television Association.

“This is no fault of the framework,” added voice-over IP company TransNexus in its comment, indicating that the failure results from its ineffective use within the U.S. telephone network, adding the lack of transition to IP has hindered the framework’s widespread adoption.

NCTA further suggested that the commission measure how the lack of progress in the IP transition has and will continue to limit STIR/SHAKEN’s effectiveness in achieving its full intended benefits. Doing so, it claimed, would provide the commission insight into next steps to broaden the impact and adoption of the framework.

Not only does IP adoption hinder its progress, but so does “inconsistent” STIR/SHAKEN implementation among service providers, said telecom analytics company Neustar in its comments. Providers do not appropriately apply attestation.

Neustar, USTelecom, and the American Bankers Association alike indicated concern that some calls are given authentication levels that they are unqualified to receive while others, namely legitimate calls from banks, receive lesser attestations that hinder their business.

“In the most egregious cases, originating providers are using A-level attestations for clearly spoofed calls, which makes it more difficult for analytics tools to separate good calls from bad calls,” said Neustar, urging the FCC to encourage providers to properly apply attestation by following Alliance for Telecommunications Industry Solutions specifications for attestations.

Extensions to abide by framework

By congressional direction, the FCC required providers to implement this technology in their IP networks by June of 2021, except in the case of extensions for applicable parties, namely small businesses that face “undue” burden in adopting the framework.

In May of 2021, the commission unanimously voted to shorten its previous deadline by which small voice service providers must become STIR/SHAKEN compliant. But in December, it ruled that non-facilities-based carriers must abide by the earlier deadline of June 2022 because they originated an “increasing quantity” of illegal robocalls, while facilities-based carriers had the additional year until June 2023 to adopt.

As part of its request for comments, the FCC asked for consideration on implementation of further deadline extensions to applicable parties in adopting the STIR/SHAKEN framework. Commenters agreed almost universally that the effectiveness of the system depends on the widespread adoption of the framework and rejected the possibility of extending the deadline.

Telecommunications company Transaction Network Services argued that the extension should be allowed to expire as planned because the true potential of the framework is only realized when all or virtually all voice service providers utilize it.

Last year, the FCC handed record-setting fines to Texas telemarketers and issued numerous cease-and-desist letters to providers that appeared to be complicit with spoof calling. Earlier this month, the FCC proposed that seven voice service providers be removed from receiving call traffic after violating the STIR/SHAKEN framework. Removing these service providers would require all other providers to ease carrying the offending provider’s traffic.

In September, the FCC requested comments on a proposed rule to apply the framework’s caller ID standards to text messaging.