Omni Shield

Overview

Omni Shield is 8x8's solution to protect enterprises and their customers from fraudulent SMS activities, such as toll or international revenue share fraud.

The Omni Shield solution offers comprehensive monitoring, real-time traffic analysis, and automatic detection and cancellation of messages from known fraudulent numbers.

Its benefits include reducing Artificial Inflation of Traffic (AIT) attacks, decreasing monthly messaging expenses, and providing real-time alerts and automatic detection of potential fraud.

How Omni Shield Works?

Omni Shield Consists of two primary components:

  • Traffic Anomaly Detector: Analyse live traffic on abnormal trends using machine learning
  • Phone Number Intelligence (Launching Soon): Verify that a number is valid and responsive before sending an SMS

The diagram below adds more context into how Omni Shield fits within the context of sending SMS traffic:

Recommendations To Mitigate SMS Fraud Attacks

While Omni Shield can help prevent fraud attacks, we believe in a shared responsibility model between 8x8 and you as a customer.

Please see the following page for recommendations that should be implemented on your end to mitigate fraud attacks.

FAQ

QuestionAnswer
How do I enable Omni Shield?Omni Shield is for existing SMS API Customers. If you would like to enable it for your 8x8 subaccount, reach out to your account manager.
Does Omni Shield work only for OTP traffic?Yes, Omni Shield is typically enabled to detect AIT attacks in OTP traffic only. This is because OTP traffic comprises of the overwhelming majority of AIT attacks.
Does Omni Shield automatically block messages?Only when the service team has been given permission in advance.

Otherwise, you will be notified by the service manager, and you can decide whether to block the messages on the operator level
How does Omni Shield use historical data to determine the risk of a number (and whether to block)Omni Shield uses a few data points including:
- How often an OTP converts from said number (across our platform, which means it could be coming from various brands)
- 3rd party data source on how risky the number
Can we see information about messages banned by Omni Shield on the dashboard?This is planned within 1H 2024. For customer who need the stats today, they can be derived from the log with message status & error code.
Can Omni Shield Protect Against all SMS Fraud?Omni Shield is designed to curb AIT fraud specifically, but it is a shared responsibility between 8x8 and our customers using our APIs to send SMS traffic.

We strongly advise you to see our section below on what you can do to prevent SMS fraud for advice to secure your platform against Fraud attacks.
What error code is sent in an API call if a message is blocked? Will a webhook also be sent?The message status will be "Rejected by 8x8", the error code is TBD.
In the case of number porting from one operator to another will blocking still happen?Once a number is ported the likelihood of it being part of AIT decreases so chances are we won't block it.

Glossary of Terms

  • PNI (Phone Number Intelligence): 8x8 collects OTP Conversion history of a number and also checks to see if the number is flagged as suspicious by 3rd party.