ITSPA Spring Workshop on WebRTC and Fraud

ITSPA’s Spring Workshop, sponsored by Genband, on WebRTC and fraud took place on Wednesday at the office of Charles Russell Speechlys LLP.

forum

The well-attended event began with an introduction to WebRTC and its advantages from David Tubb, Director of Technology EMEA at Genband, and also Genband’s Nuvia and Kandy plaforms. This was then followed by an introduction to Genband’s Summer of Apps Competition, a contest exclusively for ITSPA members. Please see the story on A lively panel session then took place, Chaired by ITSPA Council member Trefor Davies, and featuring David Tubb (Genband) , Peter Dunkley (Technical Director – Acision), Rob Pickering (CEO – ipcortex) and Matthew Hodgson (technical co-founder – Matrix.org). The panel covered a range of issues related to WebRTC and took a number of questions from the audience. Particular focus was spent on the issue of how WebRTC as a technology can be monetised and also whether its rise would spell the end of traditional voice communications. There was widespread agreement amongst the panel that WebRTC was the future (if not already the present), with it being noted that Google Hangouts switched to the technology roughly eight months ago, and it being considered only a matter of time before Microsoft rolled out the technology widely. However, it became apparent that it was unclear as to how WebRTC would affect the traditional telecoms market, with some attendees and panelists suggesting that traditional telephony technologies will still dominate for some time.

The event then moved onto its second part focused on telephony fraud. This session began with a brief introduction from David Cargill, Chair of ITSPA’s Operations Group, on the trade association’s recent work on this topic. Martin John from AQL then provided a summary of the mechanics behind international shared revenue fraud – a summary article to accompany the presentation he gave on Wednesday is available here. A live demonstration of a PBX being hacked using SIPVicious (a set of tools supported by Google which is intended to be used to test SIP based VoIP systems) then followed. Attendees were surprised by the ease and speed at which the hack took place, with questions following as to whether Google’s backing from the tool should be removed. However, there was widespread agreement that it would be better for the industry if the tool remained available. A summary of the methods that can be employed to protect systems from hacks, including geoblocking, encryption and alphanumeric passwords. The session then concluded with David Cargill providing a brief overview of ITSPA’s guide to reporting fraud – please see the separate section in the update for a full summary of this document. There was widespread agreement amongst attendees that more could be done within the ITSPA community to tackle the issue of telephony fraud, with an increased focus on UK and EU lobbying being one potential path to pursue.  Additionally it was suggested that a review of the current payment mechanism was needed and that ITSPA could work to develop a real-time IP address block list, as often these lists are out-of-date. These possible follow up activities will be discussed on the next Operations Group call.