Safety First: Three measures we use to protect your telephony

In this second part of the Safety first series, colleague Sanne talks more about our fraud detection system and how we fend off DDoS attacks.

Profile picture of Sanne Bakker
Sanne Bakker
12 January 2024
Clock 6 min

At Voys we do everything we can to protect your telephony and ensure that you can call with your customers without worries. We did that with our Bug Bounty-program, which we shared about earlier. In the second part of this series, I will tell you more about our fraud detection system, how we prevent DDoS-attacks, and why we stress test our servers every 6 months.

And that’s not everything. I will also share some tips on what you can do yourself to keep frauds away. 

1. The fraud detection system

No worries, luckily it very rarely happens that a VoIP-account of a trunk gets hacked. In the unlikely event that it happens, it’s important to address it as soon as possible. In most fraud cases extremely many calls are being set up to national service numbers and international phone numbers. This is likely something you won’t notice yourself, and as a result, excessive international call charges are incurred unnoticed. This way the cost items ‘national service number’ and ‘international calls’ on your bill will quickly run high. This we want to avoid.

We got your back with our fraud detection system

If our fraud detection system suspects that your VoIP-account or trunk is being hacked, we will deactivate the options of ‘national service numbers’ and ‘calling internationally’ with immediate effect. This way we limit the potential high call charges. In the meantime you can call national phone numbers as normal. If we suspect fraud and we deactivated service numbers and international numbers, we will immediately let you know. We will then also provide some tips on how you can keep your account or trunk secure. 

VoIP-account versus trunk: these are the differences

Our fraud detection system works for both VoIP-accounts and trunks. What exactly is the difference between those two? A VoIP-account supports two phone lines simultaneously, while a trunk can support up to 40 phone lines simultaneously. This means that when you have a VoIP-account, you can have a maximum of two conversations going at the same time, while with a trunk account you can have up to 40. This means that a trunk account is much more attractive to frauds. Just imagine 40 international phone calls made through your trunk, that increases costs quite a bit. 

This is how you can prevent call fraud yourself

Obviously, we secure Freedom as best we possibly can. For a trunk in which you make use of your own telephony system, you are responsible for security. 

If you make use of a VoIP-account or a trunk, this is what you can do yourself to avoid giving fraudsters free reins. 

  1. Don’t share any sensitive data, such as passwords, through emails. 
  2. Use a password manager to safely store all your passwords. 
  3. Use different usernames and passwords for different platforms and change them regularly. 
  4. Change your router’s factory settings. 
  5. Use two-factor authentication (2FA).
  6. Deactivate the option to call internationally when you’re barely or not at all using this.

Do you have any questions about our fraud detections system or do you want to know more about what you can do yourself to secure your VoIP-account or trunk? Feel free to contact us

2. Preventing DDoS-attacks

You’ve probably seen it in the news: organizations affected by a DDoS-attack. In a DDoS-attack a system gets overloaded with extreme amounts of data traffic. The amount of traffic is too much for the system to handle. The consequence is that the services don’t or barely work. 

If this were to happen at Voys, such an attack could result in no or little ability to make or receive calls, faltering calls or not being able to log in to Freedom to for example route your telephony to voicemail with the Temporary Redirect. These are all scenarios that don’t make us happy and that we’d rather prevent. That is why we have set up a system that allows us to fend off DDoS-attacks. 

This is how we protect Freedom against DDoS-attacks

The Freedom platform is protected against DDoS-attacks. Should there be an attack on our system, you can continue calling as normal. This is why: if we detect something suspicious, for example that there all of a sudden is a lot of traffic on our platform, the alarm goes off. 

We make sure that we can distinguish between the real and the fraudulent traffic. We label your phone conversation with your customer as authentic, therefore it is simply processed by the platform. We filter out the suspicious or fraudulent traffic which means it is not processed through the platform. This keeps freedom active and allows all authentic traffic to pass through.

3. Stress testing our servers

All phone calls that go through the Voys platform are processed through servers. If there’s a lack of space on the server because too many calls are held at the same time? Then this can make the bucket overflow. The consequences? Calls that don’t come through or are faltering. That’s the last thing we want. 

By default, we use servers in different locations. We distribute all incoming phone traffic across these locations. Why? If the server at one location goes down, for whatever reason, the traffic is taken up by the servers at the other locations. You can think of it as a backup. This is a good method in theory, but we need to verify that it works that way in practice. 

Extra backup

For extra backup, we do a Half Capacity Test every 6 months. With this test we check whether one location can handle all the phone traffic. This way we can proactively upscale if necessary and know that our backup-plan actually does work as a backup. 

Currently, we run the tests manually once every 6 months. In addition to doing the checks, we are increasingly automating them. This allows us to automatically increase capacity when space shortages are detected during a test. 

No impact on your telephony

As our customer, you won’t notice anything of the stress tests that we are doing. During a test we oversee everything very carefully. Is one location’s capacity threatening to being unable to handle the amount of traffic? If that’s the case, we turn everything back to multiple locations before you’re inconvenienced. This is an immediate signal for us to scale up the capacity of that location. This way you will always be available, even if the servers of one location are down. 

Business accessibility without worries

You don’t want to be worried about your business being perfectly accessible. And you don’t have to, because we do it for you. Now you know what we do behind the scenes to ensure that you can make great calls. Do you have any questions about this or want to know what else we do to protect your telephony? Then don’t hesitate to contact us

Next up: this is how to ensure a suitable VoIP network

In the next and last blog of this Safety First-series, my colleague Ritske will tell you more about a suitable VoIP-network and its technical specifications. Stay tuned!

More stories to read

On our blog we post about a lot of stuff, just go for it and read some posts for your own fun.

Go to the blog
On-premise AI: safeguarding privacy in voicemail transcriptions

from 12 September 2024

On-premise AI: safeguarding privacy in voicemail transcriptions

Read more Arrow right
Accessibility: this is how we make our products accessible to customers with disabilities

from 16 August 2024

Accessibility: this is how we make our products accessible to customers with disabilities

Read more Arrow right