diff --git a/README.md b/README.md index fefa88a..722c5f3 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ Repository to describe, develop, document and test the Call Forwarding Signal AP ## Scope * Service APIs for “CallForwardingSignal” (see APIBacklog.md) * It provides the customer with the ability to: - * The Call Forwarding Signal (CFS) API provides the API Consumer with information about the status of the Call Forwading Service on a specific phone number. The main scope of the CFS API is "anti Fraud" to avoid fraudsters to use the Call Forwarding Service to carry on a scam. Other use cases are anyway supported by the CFS API that also provides additional endpoints to detect the general Call Forwarding Service settings. + * The Call Forwarding Signal (CFS) API provides the API Consumer with information about the status of the Call Forwarding Service on a specific phone number. The main scope of the CFS API is "anti Fraud" to avoid fraudsters to use the Call Forwarding Service to carry on a scam. Other use cases are anyway supported by the CFS API that also provides additional endpoints to detect the general Call Forwarding Service settings. * The Application Server invokes the Call Forwarding Signal API to determine if a specific phone number has an active "call forwarding" setup. "Call forwarding" is a network service that redirects incoming calls to another phone number (configured in the service). The Call Forwarding Signal API can be used by a bank to verify if a “call forwarding” option is active on the customer’s phone number to avoid frauds. A call from the bank to the customers can indeed be forwarded to a different number because of a fraud attempt. * The API is useful to avoid frauds. Banks offer the option for users to receive telephone calls to solve problems, e.g. in case of issues with the bank App, issues with Smartphones, the bank website or any tool providing access to the online bank account management system.
How does the fraudster operate?
• Through social engineering, the fraudster gathers information about bank customers who are engaged in such a situation, needing the bank to contact them.
• Once they identify the service provider and phone number of a customer, they manage to successfully activate, on the customer profile, the 'call forwarding' to a phone number they control.
• After successfully setting up 'call forwarding,' the fraudster then contacts the bank, claiming an inability to access online banking services and requesting a call from a bank representative.
• When the bank calls the registered contact number of the user, the active 'call forwarding' diverts the call directly to the fraudster, thus completing their scheme.
The Call Forwarding Signal API can be used by the bank to verify if a "call forwarding" option is active on the customer's phone, avoiding such a fraud. * Describe, develop, document and test the APIs (with 1-2 Telcos)