Use Case 1: Phone Fraud
The API is useful to avoid fraud. Banks offer the option for users to receive telephone calls to solve problems, e.g. in case of issues with the banking app, issues with smartphones, the bank website or any tool providing access to the online bank account management system.
How does the fraudster operate?
- Through social engineering the fraudster gathers information about bank customers who are engaged in such a situation, needing the bank to contact them.
- Once they identify the service provider and phone number of a customer they manage to successfully activate, on the customer profile, the “call forwarding” to a phone number they control.
- After successfully setting up “call forwarding” the fraudster then contacts the bank, claiming an inability to access online banking services and requesting a call from a bank representative.
- When the bank calls the registered contact number of the bank customer, the active “call forwarding” diverts the call directly to the fraudster, thus completing their scheme.
The CFS API can be used by the bank to verify if a “call forwarding” option is active on the customer’s phone, avoiding such a fraud.
A use case in this are is ‘Account Takeover’ protection where CFS API is deployed in tandem with SIM swap to alert banks for possible fraudulent activities.
Use Case 2: Alert Interception
The call forwarding function can be used by fraudsters to prevent victims from receiving timely reminders or voice alerts. Due to fraudsters controlling the victim’s phone and enabling unconditional call forwarding, police or family members cannot contact the right number when trying to reach the victim. The CFS API can help the police to identify whether the number has set up unconditional call forwarding, so as to quickly choose other ways to contact the victim, such as instant messaging software.
Use Case 3: Call Forward Verification
Conditional call forwarding can be used by users to forward calls to enhanced voicemail services or virtual assistant service who can answer the call if the original user is not available to answer, providing a better level of customer service to callers than the standard carrier voicemail.
When users are asked to configure the conditional call forward on their number by tapping a forwarding code, this configuration does not always work and requires users to retry the code or restart their phone and try again. With the CFS API it is possible to programmatically check the service configuration status.