Industry News & Thought Leadership

As we discussed in our last blog, the time for Network Authentication is now.

MNOs are the only source for trusted network authentication signals for mobile users, and this data is extremely valuable to enterprises trying to protect their consumers from fraud while not negatively impacting the consumer experience.

So, you’re ready to start monetizing your network data.  Now what?

Looking Beyond CAMARA

GSMA Open Gateway is a global framework of common network APIs that simplifies access to mobile operator networks. The Open Gateway northbound service APIs are defined within the CAMARA project.

CAMARA is an open-source project within the Linux Foundation that defines, develops, and tests telco APIs. It works in close collaboration with the GSMA Operator Platform Group to align API requirements and publish API definitions. 

While this is fantastic, we believe that currently only eight (8) of the “mature” CAMARA APIs are truly stable and know that just having APIs or an open gateway doesn’t deliver a network authentication business.

Beyond the APIs

There are three key elements for a successful network authentication business.

1. API & Monetization Platform  

The API Platform must allow carriers to manage pricing and access, not just process API calls. Access to the network information must be secure and not expose any PII (personally identifiable information), and the consumption of the information must be vetted and approved.

2. Network Integration

The API Platform must be securely and precisely integrated into a Carrier API platform and/or network elements, and unnecessary load must not be placed on the network. Only a handful of people worldwide know how to connect to an MNO network.  Our team has decades of experience doing just that, and with a low-code/no-code implementation, you can rest easy knowing that your network team won’t be overtaxed. 

3. Business Operations

Beyond a platform and integration, there are many other elements. Privacy. Security. Scalability. Data Consumption. Contracts. Aggregators. Pricing. Optimization. Maintenance. 24/7 Operation & Support. Each of these entails complexities, which must be carefully considered and addressed.

A Step Above

While other platforms exist in the market, none include all three elements for success or have the depth of experience in their personnel as we do at Shush.

Shush’s Sherlock platform supports all eight of the mature CAMARA APIs for authentication and fraud which we believe are stable, plus 39 others, including being the first platform to support silent authentication via TS.43 EAP-AKA.

Unlocking the code to TS.43, Sherlock is the first platform to establish a new, necessary standard for API Authentication, allowing WIFI coverage for silent authentication. This is a vast improvement and a significant change for the entire industry.

In addition to this monumental breakthrough, Shush delivers MNOs a “business-in-a-box” by providing and managing all components necessary for a successful and profitable network authentication business.

Shush will work with you to deploy the Sherlock platform without additional equipment and at no cost to you. 

Our seasoned telecom professionals will work with your existing network and leverage standard protocols to pull the proper network signals for this service, all in compliance with global data regulations. 

We use our 9-point privacy plan to align with you on all aspects of privacy. Our demand partner agreement templates care for the complexities of API transactions and the data exchanged (these are more involved than SMS agreements). We will review and approve use cases for each demand partner to ensure protected access to data for sanctioned use. 

Based on market trends and platform insights, we will provide ongoing recommendations for pricing optimization. We provide continuous maintenance and support for the platform and API traffic, both northbound to demand partners and southbound to your network.  Finally, with a revenue share model, we manage all the operations and send you a monthly check. 

Sounds too good to be true, but it's not!

Ready to get started? Fill out our contact form, email info@shush.pw, or message us on LinkedIn. We look forward to working with you!

The Value of Network Authentication for Enterprises

As we stated in our last blog post, the fraud landscape is constantly evolving with the increasing sophistication of criminals. This presents ongoing challenges for enterprises to protect their business and customers from nefarious actors.

Tides of Change

Around the world, there is a notable shift happening in how security and authentication are approached. Two-factor authentication has been a leading option to protect accounts for many years. It provides an extra layer of security by requiring users to provide two different forms of identification. This is often a password and a code (OTP or one-time password) sent to a user’s mobile device or email (shudder again!).

While effective for a long time, the tides are changing, and a wave of innovation in authentication is developing to keep pace with evolving threats. This is driven by the need to combat increasingly sophisticated fraud and deliver a more seamless user experience. In some areas of the world, financial institutions are encouraged to eliminate weak authentication methods, including SMS and email one-time passwords.

Security & Authentication

Network authentication via telco APIs becomes increasingly valuable as security and authentication methods change. It provides a more secure means of authentication by verifying user identity through their mobile network. This helps protect accounts from unauthorized access and evolving fraud techniques, safeguarding brands and their reputations in today’s digital world.

Network authentication is a foundational element of mobile operations, acting as a crucial barrier to verifying the identity of users and devices and preventing unauthorized access to a carrier network. Preventing unauthorized access reduces the attack surface and makes it more difficult for cybercriminals to exploit vulnerabilities.

In the interest of fraud prevention, most global regulations allow carriers to expose access to specific network elements for authentication to 3rd party enterprise applications, often with a simple update to privacy language and without explicit user consent. 

The key here is that access to the information must be secure and not expose any PII (personally identifiable information).

Value Beyond Security

Strengthening authentication practices is crucial for brands to ensure robust security and fraud prevention, and demonstrating a strong commitment to user data protection. It's not just about keeping the bad guys out and stopping fraud; it's also about showing customers you care about their data. When people know you're serious about protecting their info, they're more likely to trust you and feel good about sharing things online.

Let’s also discuss account access. Logins should be smooth and easy. Network authentication helps make that happen, providing seamless verification without requiring users to enter PINs or OTPs. Seriously, who has time for clunky logins and OTPs these days when everyone expects things to work instantly? Reducing friction is key to keeping people happy.

So what are you waiting for?

Still on the fence about Network authentication? It's a must-have for any brand wanting to keep things safe—think assets, customer info, the whole shebang. It's your primary defense against fraud; honestly, it makes your customers feel they can trust you. That trust? It builds loyalty. It's a win-win for your brand's good name and keeping people happy.

To learn more about how you can access this powerful data for your fraud prevention practices, fill out our contact form, email info@shush.pw, or message us on LinkedIn. 

The Value of Network Authentication for MNOs

Fraud & Cybercrime is the third largest global economy after the US and China. This is mind-blowing!

As we are all painfully aware, the fraud landscape is constantly evolving with increasing sophistication from criminals. This presents ongoing challenges for enterprises to protect their businesses and their customers from nefarious actors. On the flip side, it also opens the door to an opportunity for Mobile Network Operators to help. 

Global Shift

Global SMS revenues are declining, and SMS OTP volumes continue to drop year-over-year, being cannibalized by over-the-top providers (like WhatsApp), authenticator apps, and even email (shudder!). At the same time, fraud continues to rise, and enterprises are looking for more secure authentication methods that address increasingly sophisticated fraud without negatively impacting the customer experience. 

Meanwhile, a shift towards digital identity represents a significant business opportunity for MNOs to re-establish themselves as players within the digital ecosystem.

Where to Start

MNOs are uniquely positioned to provide better fraud prevention alternatives to enterprises, while adding a new revenue stream, but often lack the time, money, people, or market knowledge to deliver a robust network authorization solution.

Additionally, MNOs are unsure where to start with Network APIs. First, let’s define them.

Network APIs allow applications to send requests to network services via predefined endpoints within the network infrastructure to retrieve or manage the requested data, offering seamless integration between different services and applications.

There are only two types of Network APIs.  NaaS APIs used for enhanced communication services like edge computing, network slicing and Network Authentication APIs used for fraud prevention. 

Network Authentication is a Carrier service that passes network signals to Enterprise applications so they can assess whether a user still has control over their device. These unique and differentiated network signals include Silent Authentication, SIM Swap, Roaming, Port-Out, Device Status, and Account Status indicators. Enterprises that receive these real-time values then independently assess the risk of letting a user into a digital account. Major US Banks have been using Network Authentication services for years at scale to thwart mobile fraud.

The Time is Now for Network Authentication APIs

Market studies show that the value of network APIs will reach US$34 billion by 2030, with nearly half being attributed to Subscriber Identity (Network Auth) APIs.

In the short term, network authentication APIs capture 97% of the current $12B+ API market opportunity.

The market exists today for Network Auth APIs, while other API markets are still under construction. NaaS APIs (like QoD) are in the nascent stages of commercial availability and market adoption. 

Of course, there is value in NaaS APIs, but the time is now for Network Authentication. 

Are you unsure how to get started?  We’d be happy to help. Fill out our contact form, email info@shush.pw, or message us on LinkedIn.