[Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1 - URGENT

Matthias Hohl matthias.hohl at telematica.at
Sat Jun 4 05:45:27 EDT 2016


Hello,

 

this fraud protection module in 4.3.1 still DOESN’T work!

I also use the latest updates.

The subscriber doesn’t get automatically locked after reaching the fraud limit and the notification mail is send again, everytime the cronjob is running!

 

The Fraud Limit is only set in the billing profile and nothing edited at customer.

 

Customer settings:

 



 

Billing Profile Settings:

 



 

 

I received the notification mail:

Customer # 231 has been locked due to exceeding the configured credit balance threshold (70.60 EUR >= 50.00 EUR) in the billing profile day settings.

 

I checked the subscriber and I saw that there was no lock level activated, and I still receive the notifcations mails now everytime again, when the cronjob runs, until I manually rise up the fraud limit on this customer in the customer settings. 

So I also can’t deactivate the notification mails. Also if I manually lock the subscriber I still receive the notifications until I raise up the fraud limit in customer settings or billing profile settings to be under the threshold.

 

So all is definitely right configurated but your new fraud protection scripts doesn’t lock the subscriber.. I am speaking about that problem now for over 1 month and it doesn’t work.

Everything works fine before I updated to 4.3.1 with fraud protection and now ether subscriber nor customer will be locked any more by reaching the threshold.

 

I don’t know why it is working on your fresh installed 4.3.1 version. But I don’t have a fresh installed version, maybe that is the problem, I don’t know.

Please fix this as soon as possible cause this is a very high security risk.

 

Thanks!

 

 

 

 

Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com] Im Auftrag von Matthias Hohl
Gesendet: Freitag, 13. Mai 2016 16:13
An: 'Kirill Solomko' <ksolomko at sipwise.com>
Cc: Spce-user at lists.sipwise.com
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

 

Hello again,

 

Yeah definitely you have the excat same settings, how i did the setup at my side, but at me and the subsriber didn’t get a lock and the notification mail comes again and again and again and again everytime the cronjobs runs until I rise up the fraud limit.

I did no fresh install I just did a upgrade from 4.2.1 to 4.3.1 and did the last update && upgrade last week.

 

This is in my billing profile: (lock monthly and daily all outgoing calls by reaching a limit and send mail.)

 



 

And this at the customer: (there is just “billing profile default” in every field.)

 



 

And if the call limit was reached, I just get the notification mails every time the cronjob runs but the subscriber never get locked.

I will test it today again after the latest update && upgrade. Once with billing profile lock limit and once with customer lock limit.

 

Sure, I believe that It will work at your side, but just believe me, it didn’t work at me after an upgrade to 4.3.1 :D

 

 

 

 

Von: Kirill Solomko [mailto:ksolomko at sipwise.com] 
Gesendet: Freitag, 13. Mai 2016 15:42
An: Matthias Hohl < <mailto:matthias.hohl at telematica.at> matthias.hohl at telematica.at>
Cc:  <mailto:Spce-user at lists.sipwise.com> Spce-user at lists.sipwise.com
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

 

 

On 13 May 2016, at 14:40, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> > wrote:

 

Hello,

thanks for the info. I will do the update later today.

Okay.

Yah that’s the behavior I doing currently. But normally I have no customer fraud preferences and use always the billing profile defaults. So there is no need now for mixing.

Is the bug with the automatic lock also fixed? Cause currently I just get the notifications but the lock will not be done automatically, even if it is set "lock outgoing calls" in the billing profile fraud protection. I also tested it with customer fraud protection and also there the settings for lock outgoing calls if limit is reached but also there I just get the notification mail and no lock happened.

 

I have tested it on a fresh mr4.3.1 CE and it worked just fine.

 

1. In the billing profile I set (customer fraud preferences are untouched):

 

fraud_daily_limit: 10 (means 10 cents)

fraud_dailty_lock: “all outgoing calls”

fraud_daily_notify: "myemail"

 

2. There are 2 cdrs with source_customer_cost = 1000 each (total: 2000).

 

3. Issued ngcp-fraud-daily-check and got this result (internal debug):

 

               id: 3

       reseller_id: 1

          interval: day

              type: profile_limit

     interval_cost: 2000.000000

    interval_limit: 10

     interval_lock: 2

   interval_notify: “myemail"

use_reseller_rates: 0

 

4. And received the following email:

 

————

Customer # 3 has been locked due to exceeding the configured
daily credit balance threshold (20.00 >= 0.10) in the billing profile settings.

Affected subscribers:

123456 at 1.1.1.1 <mailto:123456 at 1.1.1.1> 

123457 at 1.1.1.1 <mailto:123457 at 1.1.1.1>  


Your faithful Sipwise system

-- 
This is an automatically generated message. Do not reply.

————

 

5. Status of the customer: "status: locked”

 

6. Status of the related subscribers: "status: locked”

 

7. When I open of the locked subscribers on the ngcp-panel I see 

 

Subscriber status is locked

Subscriber is locked for outgoing

8. When I issue “ngcp-fraud-daily-check” again it does nothing as the customer is already locked.

 

9. When I call to any number from the locked subscriber I get “403 Caller Locked” on my phone and in kamalio-proxy.log I can see "Caller locked for outgoing with mode ‘2'"

 

Kind regards,

Kirill

 


Thanks.

-----Ursprüngliche Nachricht-----
Von: Spce-user [mailto:spce-user-bounces at lists.sipwise.com] Im Auftrag von Kirill Solomko
Gesendet: Freitag, 13. Mai 2016 14:28
An: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com> 
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

Hi Matthias,

The new “interval” email template variable will be available later on today, affected packages: ngcp-billing-tools, db-schema (you have to issue “ngcp-update-db-schema" after the db-schema package upgrade).

As for the planned change to use “mixed” billing profile / customer fraud preferences, that will not be implemented, at least not in 4.3/4.4.
Currently you can either add a customer fraud preference (which takes preference over the billing profile once created) and if you no longer need it there is a “delete” button in the customer fraud preferences where after removal all the values are shown as “billing profile default”.

Kind regards,
Kirill 



On 03 May 2016, at 16:45, Kirill Solomko <ksolomko at sipwise.com <mailto:ksolomko at sipwise.com> > wrote:




On 03 May 2016, at 15:54, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> > wrote:

Hello again :)

1.) When do you believe this fix is coming?
Cause again another customer reached is daily limit and there was no 
lock :/

Customer # 227 has been locked due to exceeding the configured credit 
balance threshold (73.49 >= 50.00) in the billing profile settings.

It is currently a bit risky not to lock automatically :/


Hi Matthias,

As I have mentioned before the core logic has not been changed in mr4.3 and such behaviour is also in our previous versions.

For now you can either override all the 3 customer fraud preferences or use none of them and the billing profile only.

The incoming improvement will allow to mix up the preferences so the inheritance customer preference -> billing profile will be used.

ETA: this/next week.




2.) Yah using GUI is good, but then you have to manually set the value back on next month :/ not so workflow friendly.


As I have written in the previous reply you you can use "GUI for that and/or the API interface.”, where with our REST API interface you can automate it and well integrate into your own workflow.

Kind regards,
Kirill



thanks

-----Ursprüngliche Nachricht-----
Von: Kirill Solomko [mailto:ksolomko at sipwise.com]
Gesendet: Dienstag, 3. Mai 2016 15:33
An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >
Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com> 
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1




On 03 May 2016, at 15:26, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> > wrote:

Hello,


-----Ursprüngliche Nachricht-----
Von: Kirill Solomko [mailto:ksolomko at sipwise.com]
Gesendet: Dienstag, 3. Mai 2016 13:23
An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >
Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com> 
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 4.3.1

Hi Matthias,



On 02 May 2016, at 18:31, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> > wrote:

Hello Kirill,

1.) the problem with the amount was just at one customer, another one, which was notified from billing profile monthly limit, was set correct.
2.) yah I know it is in cents not in EUR. Thanks for the advice how to change it.
3.) on last day I had the problem, that a customer exceeded the monthly limit and I got the notifications but no lock... the setting is set right. is this still included in the bugfix?
Yes, that was because you had mixed inheritance (part of the limits were billing profile and part customer based).


No definitely not. The limit was ONLY at the billing profile and NO setting on customer based. It was not one of my test subscriber, it was a totally different one. I got no lock. So something is wrong with the locking module.


I think we are talking about the same. As I have mentioned earlier the upcoming “mixed inheritance” fix will address that. 



 

5.) so is it then possible to just set the limit in customer settings and the mail address will be used from billing profile setting? Like it works currently for the daily limit?
Yes, if a customer fraud preference is unset/empty, inheritance to a related billing profile will take place. Currently it determines it only based on customer fraud interval limit.

 

6.) if you update the script, it is maybe also possible to include a checkbox for "lock limit just for current month", and next month there is standard lock level? Would be nice feature, to top up the limit for the current month only.

We do not add new features in already released versions, only fixes.
I honestly see no reason in that as such limitation may very well go out of control, as if you set this month for a certain lock level but next month you forget to re-enable it if you were about to occasionally.
An example: normal practice for mobile operators is to lock you out (for your own good) if you are over a certain sane daily/monthly usage threshold and send a text message or an email in our case.
You call your operator and ask them to manually unlock you, or if you are really that talkative request them to manually disable/shift the threshold.
I truly appreciate that idea but that feature will less likely be implemented however we will keep that in mind and perhaps morph it into something alike.


Yah thats definitly what i wanted to say. the possibility to unlock a customer for the current billing period. Your example is exactly what I mean. If customer is over threshold, the operator can manually unlock for this period to a higher threshold level. If month is over, the old normal threshold level is back active.


You should either use GUI for that and/or the API interface. No need for anything extra to accomplish the scenario.



Kind regards,
Kirill



-----Ursprüngliche Nachricht-----
Von: Kirill Solomko [mailto:ksolomko at sipwise.com]
Gesendet: Montag, 2. Mai 2016 16:31
An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >
Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com> 
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in 
4.3.1

Hi Matthias,

I could not reproduce your scenario.

I have 30 cdrs for customer 5, for 2016-04-22 with 150 cents in sum().

mysql> select count(id), source_account_id,
mysql> date(from_unixtime(start_time)) from cdr group by 2,3;
+-----------+-------------------+---------------------------------+
| count(id) | source_account_id | date(from_unixtime(start_time)) |
+-----------+-------------------+---------------------------------+
|        10 |                 5 | 2016-04-21                      |
|        30 |                 5 | 2016-04-22                      |
|        10 |                41 | 2016-04-15                      |
|        10 |                41 | 2016-04-22                      |

Now the costs:

select sum(source_customer_cost), source_account_id,
date(from_unixtime(start_time)) from cdr group by 2,3;
+---------------------------+-------------------+---------------------------------+
| sum(source_customer_cost) | source_account_id |
| date(from_unixtime(start_time)) |
+---------------------------+-------------------+---------------------------------+
|                 50.000000 |                 5 | 2016-04-21                      |
|                150.000000 |                 5 | 2016-04-22                      |
|                 50.000000 |                41 | 2016-04-15                      |
|                 50.000000 |                41 | 2016-04-22

And customer_id 5 was triggered with the amount of 150 (cents). And the warning I received:

———————
Customer # 5 is currently exceeding the configured credit balance threshold (1.50 >= 0.20) in the customer settings, but has not been locked due to configuration.

Affected subscribers:
…
———————

Please keep in mind that you enter values in cents (150 = 150 cents) where in the email you see them divided by 100.
You can however adjust your template and define it there as “1.50 EUR >= 0.20 EUR”.

Also please bear in mind that in the billing profiles there is a checkbox “use reseller rates”, which means that if it is checked then the reseller defined fees will be used in the calculation (source_reseller_cost instead of source_customer_cost).

As for the new template value [% interval %] it will be available with next package update nearest days and also addressed “inheritance” minor fix when the “limit” value is not set in the customer fraud preferences but the other values are.

Kind regards,
Kirill



On 01 May 2016, at 18:06, Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> > wrote:

Hello Kirill,

Any news about the Fraud Check update..?

Thanks

Von meinem iPhone gesendet



Am 26.04.2016 um 20:41 schrieb Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >:

Hi kirill,

Oh okay. Good to know :)

Then I will wait.

Any update about the "lock" problem?

Thanks for your time.


-----Ursprüngliche Nachricht-----
Von: Kirill Solomko [mailto:ksolomko at sipwise.com]
Gesendet: Dienstag, 26. April 2016 19:34
An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >
Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com> 
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in
4.3.1

Hi Matthias,

It is not available yet, it is going to be available as a package 
update nearest days.

Kind regards,
Kirill



On 26 Apr 2016, at 09:34, Matthias Hohl 
<matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >

wrote:

Hello,

i inserted [% interval %] in the mail template but it doesn't work.
I can't see the "daily" or "monthly" information in the notification mail.

 


TEMPLATE:
Customer # [% customer_id %] has been locked due to exceeding 
the configured credit balance threshold ([% interval_cost %] >= 
[% interval_limit %]) in the [% type %] [% interval %] settings.

MAIL:
Customer # 6 has been locked due to exceeding the configured 
credit balance threshold (178.59 >= 20.00) in the customer  settings.



-----Ursprüngliche Nachricht-----
Von: Kirill Solomko [mailto:ksolomko at sipwise.com]
Gesendet: Montag, 25. April 2016 23:40
An: Matthias Hohl <matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >
Cc: Spce-user at lists.sipwise.com <mailto:Spce-user at lists.sipwise.com> 
Betreff: Re: [Spce-user] NGCP-FRAUD Protection doesn't work in
4.3.1

Hi Matthias,

Inline replies as following:



On 25 Apr 2016, at 19:05, Matthias Hohl 
<matthias.hohl at telematica.at <mailto:matthias.hohl at telematica.at> >

wrote:

3. Bug:

I also see that in the notifcation mail doesn't split between "daily" 
or

"monthly" limit exceeded.

The variable will be exposed to the email templates as [% 
interval %]

Kind regards,
Kirill


_______________________________________________
Spce-user mailing list
 <mailto:Spce-user at lists.sipwise.com> Spce-user at lists.sipwise.com
 <https://lists.sipwise.com/listinfo/spce-user> https://lists.sipwise.com/listinfo/spce-user

 

 

 


_______________________________________________
Spce-user mailing list
 <mailto:Spce-user at lists.sipwise.com> Spce-user at lists.sipwise.com
 <https://lists.sipwise.com/listinfo/spce-user> https://lists.sipwise.com/listinfo/spce-user


_______________________________________________
Spce-user mailing list
 <mailto:Spce-user at lists.sipwise.com> Spce-user at lists.sipwise.com
 <https://lists.sipwise.com/listinfo/spce-user> https://lists.sipwise.com/listinfo/spce-user

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20160604/574a6432/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.jpg
Type: image/jpeg
Size: 38726 bytes
Desc: not available
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20160604/574a6432/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.jpg
Type: image/jpeg
Size: 32608 bytes
Desc: not available
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20160604/574a6432/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.jpg
Type: image/jpeg
Size: 28676 bytes
Desc: not available
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20160604/574a6432/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image012.jpg
Type: image/jpeg
Size: 34121 bytes
Desc: not available
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20160604/574a6432/attachment-0003.jpg>


More information about the Spce-user mailing list