Telstra’s announcement that it was partnering with Ericsson – and specifically its network Application Programming Interfaces (APIs) aggregator unit Vonage –was a clear signal that the way ANZ enterprises are buying network services is going to look very different from today. The non-exclusive agreement introduces Telstra's network APIs to the Vonage platform, giving enterprises and developers the opportunity to utilise its network capabilities to create innovative
applications.
Telstra and Vonage will also work together to identify and bring new open APIs to market, such as slicing, edge computing, fraud and spam protections and network analytical insights. They will also explore the integration of Telstra’s APIs with Vonage’s API platform. The two will collaborate on and continue investing in enhancing existing APIs, such as Silent Authentication – a new verification method that provides secure authentication without requiring users to input passwords or verification information.
However, exposing network functions through APIs poses security challenges for both operators and enterprises. Telstra will supply services directly and through API aggregators like Vonage and in this model, part of the security responsibility falls on the aggregator and some may even pass onto the application developer [see figure]. Telcos faces the challenge of balancing the risk of exposing network functions on one hand, and providing APIs that give value for the aggregators
and their customers on the other – all without knowing exactly how the end consumers will be using these APIs.
Telstra began this work with Commonwealth Bank (CBA) with the new pilot of Scam Indicator. This tool detects high-risk scam situations in real time using a Telstra API that CBA calls as part of its scam detection processes. It enables CBA to check if a customer is on a phone call, a prime indicator of a scam. This allows CBA to try to contact the customer or implement additional checks.
To protect privacy, CBA can only access specific data points related to scam prevention through the API and does not have access to any other underlying customer data. In this model, network APIs allow Telstra to build out its 5G Platform as a Service (PaaS) where application developers and industry can leverage the telco’s network attributes for critical services that must traverse over the network with improved guarantees such as Quality of Service and future network slicing for both consumer and industrial applications.
For services to work, telcos need to encrypt communications through APIs and ensure runtime protection at the API gateway level using security solutions. At the same time, they must balance making APIs user-friendly and transparent for developers while carefully deciding which data and functions to expose to avoid revealing sensitive information. CSPs face numerous decisions, often involving conflicting demands, to maintain this balance.
But to properly serve the enterprise market, Telstra needs API aggregators like Vonage because they partner with multiple telcos to package, expand, and resell communication services and solutions – for example, Singtel, the owner of Optus recently partnered with Vonage. Aggregators may need to handle user authentication and authorisation and comply with certifications like Payment Card Industry Data Security Standard (PCI DSS) and System and Organisation Controls (SOC), as well as GDPR and other privacy regulations. Given their interactions with multiple CSPs, they must carefully onboard users by performing KYC checks and enforcing strong user credentials.
Vonage’s partnership with Telstra enables the secure and efficient exposure of Telstra’s network assets to developers, delivering services over the operator’s network in a standardised, developer- friendly manner.
Ericsson CEO and managing director ANZ Emilio Romeo will be delivering the keynote address titled “Understanding the importance of accelerating 5G industry adoption” at Interconnect World Sydney at the Hilton Hotel on 7 August 2024.
The inaugural event brings together the industry’s leading telcos, ISPs, IXs, TMT investors, government agencies along with key enterprise decision makers. These stakeholders will consider key technology and investment trends and address best practices in terms of the connectivity of digital infrastructure. To find out more and to register please visit: https://interconnectworld.com/events/sydney-interconnect-world-2024/
[Author: Simon Dux]