Turning events into real-time risk decisions.
Tellaris connects your signalling, CDR, roaming and billing data into one live behavioural model, catching known fraud today, and the anomalies that become tomorrow's fraud types.
Tier-1 carriers run Subex, Mobileum, or custom-built fraud stacks staffed by 20-person teams. If you're an operator serving 1-20M subscribers, the licensing alone prices you out. Meanwhile SIM box bypass is draining your international termination revenue, Wangiri bots hit your subscribers overnight, and IRSF quietly inflates wholesale invoices you pay 60 days later.
Kafka-compatible ingestion from your mediation layer, rated-CDR exporters, and signalling probes. Flexible ingest adapters with governed Avro contracts once feeds are onboarded, so we adapt to your data rather than the other way around.
Tier-2/3 CDR rates, load-tested beyondOur stateful core joins voice, signalling, and subscriber-profile signals in a single pass. Rule engines catch known fraud patterns, ML scoring surfaces the novel ones.
Sub-150ms end-to-endTrigger a block, rate limit, step-up review, network-policy action or case-management workflow. Every decision is logged with the signals that triggered it, so analysts can see why.
Explainable by defaultTellaris reads your signalling and rated CDRs and keeps a live behavioural profile per subscriber, entirely on your own infrastructure. Most events are scored and monitored silently. When a case crosses the action threshold, Tellaris fires an enforcement decision to your BSS, and the cases your team confirms sharpen detection over time.
Tellaris is a real-time decision layer that runs in parallel to the call flow, marrying the signalling layer with the commercial reality of your rated CDRs. It's the glue between systems that don't talk to each other, not another rip-and-replace.
We consume parallel feeds, never inline. Rated and mediation CDRs today; GGSN / PGW, Diameter on the DRA, and SS7/SIGTRAN light up as you publish them. If Tellaris stops, every call still completes.
Tellaris runs next to Subex, Mobileum, clearing-house feeds, and in-house tooling. It correlates the signalling layer with the commercial reality of your CDRs, the silos those systems can't see across.
Decisions map to your own BSS endpoints, ALLOW / TIGHTEN_RULES / CAP_SPEND / BLOCK, via the Triggers page. Fail-closed allowlist, bearer or HMAC auth, no surprise destinations.
Inline enforcement is an upgrade once trust is established, never the starting position. You decide if and when to move from monitoring to action.
Convergent means one behavioural model across mobile, fixed, voice, SMS, data, roaming, interconnect, subscriber and commercial events. Fraud typologies share substrate features (velocity, fan-out, destination risk, subscriber deltas), so a single streaming pipeline covers them all and extends across domains as feeds onboard, alongside your existing systems and not one project per fraud type.
International voice traffic re-terminated over GSM gateways to evade settlement. We detect by correlating call patterns with HLR location, velocity, and CDR signatures.
Missed-call bots seeding callbacks to premium-rate numbers. We catch the campaign footprint in seconds, not after complaints land at customer care.
PBX compromise → high-value calls to IPRN destinations. We rate-limit and alert before the first full-hour session completes.
Impossible-velocity country flips and high-cost roaming abuse. We correlate location, velocity, and destination risk to catch it before the roaming invoice lands.
Runaway consumption from PBX hijack, compromised SIMs, and tariff arbitrage. We cap spend before the loss compounds, rather than after the bill is cut.
Phishing campaigns and A2P grey-route abuse. Metadata-first detection on originator reputation and velocity, with optional content classification where legally enabled, flags new campaigns within minutes.
Every layer of Tellaris is open-source or open-standard. The streaming fraud-detection blueprint (Kafka-compatible ingest, stateful operators, ML scoring) is a proven carrier-grade pattern. Tellaris productizes it: deployable in weeks for operators who don't have a 20-person streaming team.
| Layer | Technology | Note |
|---|---|---|
| Orchestration | Helm on k3s or vanilla Kubernetes | Self-host or managed |
| Detection engine | Stateful in-process decisioning · rules + ML scoring | Sub-150ms end-to-end |
| Ingestion | Kafka-compatible streaming · Avro schemas + registry | Backward-compatible CDR contracts |
| Enrichment | PostgreSQL + in-memory cache | Subscriber + destination risk features |
| Observability | Prometheus · Grafana · OpenTelemetry | Per-rule SLO dashboards |
Tellaris productises a detection approach with a track record in research and at carrier scale, on infrastructure operators already trust. The evidence, not a pitch.
Independent benchmark for ML-based international bypass detection. An industry reference, not a Tellaris result, and the accuracy bar our scoring is built to clear.
Every event is scored and acted on as it streams in, not surfaced in tomorrow's batch report. That is the gap static, after-the-fact tooling leaves open.
The scale of the problem, climbing yearly while prevention spend stays structurally underfunded. The case for getting ahead of it, not chasing it.
Belgian-incorporated. No third-party data brokers. Every decision is logged for analysis, audit and compliance review.
Bring one hour of anonymized CDRs to the demo call. We'll show you the fraud patterns our pipeline finds, which rules trigger, and which ML scores surface the non-obvious cases. 30 minutes, no slides.