Call centers, no matter if they are in-house or out-sourced, in-bound or out-bound, are popular targets for fraudsters. Not only is the agent at risk of sharing customer information, but the fraudster ties up the call center resources e.g. staff, or network capacity with non-productive (and risky) calls. Also, the call center’s toll free number that allows fraudsters unlimited, free call attempts does not help. Agent training is valuable, but with fraudsters becoming increasing creative and structured, technology that helps combat fraudulent attempts can drastically mitigate the risk to the call centre.
An Oracle Security Shield (OCSS) deployment includes an Oracle or third party SBC, an Oracle Session Router (SR) in the case of a third party SBC, the Cloud Communication Service (CCS), and the Oracle Security Shield (OCSS) subscription. The Oracle Cloud Infrastructure hosts the Security Shield service, along with other components that the OCSS uses for operations such as the dashboard, analytics, phone intelligence look-ups, the data store, and other services. The Cloud Communications Service (CCS) and the SBC reside on-premises. The SR and the CCS is software that can be loaded on a VM. The SBC can be a virtual/soft SBC, or a dedicated hardware appliance.
The following diagram shows the components in an OCSS deployment – Oracle SBC topology shown.
The SBC serves as the entry point for calls and acts as the enforcement point for implementing the actions that the OCSS instructs. The SBC also reports the end of a call, the reason for termination, and call timers, which the OCSS uses for reputation assessment and threat detection.
The Cloud Communication Service (CCS) establishes a secure ground-to-cloud tunnel for on-premises OCSS components to communicate with OCSS components in the Oracle Cloud Infrastructure.
The OCSS service hosts the Web GUI, which displays tabs where you can configure, manage, and maintain the service.
The OCSS applies rules, provides call behavior analytics, sends the enforcement actions to the SBC. The OCSS combines various sources of information to instruct the SBC about which actions to perform on a call. The OCSS service works predominantly pre-answer, but also supports post-answer control. The enforcement actions, which you can specify, can include actions such as allowing, blocking, and redirecting the call to a different destination.
The OCSSC service also integrates the Data Analytics Cloud Service, which is a combination of multiple services designed to perform advanced analytics. The Data Analytics Cloud Service stores SIP INVITE messages and policy results in a data lake for analytics for a limited period of time.
The SBC sends a REST API request to the Security Shield Cloud service for each new call attempt on a realm configured for the OCSS service. In the API calls, the SBC sends specific data from the INVITE and BYE to the OCSS. The OCSS runs a series of verifications on number plan information and performs look-ups for information to determine the reputation score and enforcement action. The OCSS service also uses random response codes (from a list of valid ones) to obfuscate the actual reason for blocking a call. The OCSS communicates the enforcement action to the SBC, which applies the action to the call.