Zero-Rating Fraud – Define & Track
In this excerpt from our updated Zero Rating Fraud paper, we explore how to enable legitimate zero-rated access while preventing misuse and fraud.
Start at Start – Consider what to Offer
Addressing zero-rating fraud begins at both the business and technical stages of designing the offer. It’s essential to carefully consider how access will be granted, how usage will be tracked, and what consumption limits should be enforced. For example, if the offer provides social media access for prepaid users, which social media platforms are included, and what data usage thresholds apply? These considerations effectively define the terms and conditions governing zero-rated access and the eligible users. Additionally, if the zero-rated access is part of a promotional campaign, it’s important to assess its profitability and implement mechanisms to monitor performance over time.
What to Track
As highlighted in the paper, enforcing zero-rating policies and preventing misuse presents a significant technical challenge, especially as fraudulent users become increasingly sophisticated. Techniques such as exploiting Server Name Indication (SNI) and Domain Name System (DNS) manipulation are used to gain unauthorized free data access on mobile networks.
To counteract this, networks need a more intelligent, dynamic approach that measures and models app and content access patterns over time — tracking factors such as session duration, frequency of access, and data volume exchanged. Monitoring zero-rated protocols like DNS on a per-user-session basis is also crucial. This enables not only the detection of abnormal usage but also better planning for future promotional offers.
Legitimate Use or Fraud?
Our paper examines different layers of this approach — from detailed IP and DNS monitoring to advanced application recognition and classification. Distinguishing misuse from legitimate use is inherently imprecise, so tolerance must be incorporated into tracking systems. Metrics such as consumption volume, access frequency, time of day, device type, and app usage help build a comprehensive picture of ongoing behavior. This makes it possible to more accurately identify misuse within a user’s session and apply more targeted enforcement actions.
In our next article, we will delve deeper into enforcement strategies.
But if you can’t wait download our updated paper on bypass fraud:
Review our Enea capabilities for managing data traffic:
