Blockchain Fraud Consensus
Decentralised fraud detection, consensus-driven blacklist management and distributed threat intelligence
Wholesale telecom fraud costs the industry an estimated $39 billion annually. Existing fraud management operates in silos - each carrier maintains its own database, its own rules, its own blacklists - so a number flagged as fraudulent on one network can keep generating revenue on another for days before the information is shared. That gap is not an accident: the party best placed to stop the traffic often earns from carrying it. This paper presents the VPX Fraud Consensus model - a distributed, blockchain-secured approach that combines per-number AI scoring, privacy-preserving federated learning across carriers (sharing model intelligence, never raw call data) and multi-party consensus validation to produce a shared, immutable fraud-intelligence layer that propagates blacklist updates to every participant within 60 seconds. The result is a network on which fraudulent traffic earns no one, and on which the detection-time gap that fraudsters live in is closed.
CONTENTS · 10 SECTIONS
1. The Fraud Problem in Wholesale Telecom
International Revenue Share Fraud (IRSF), Wangiri (one-ring callback fraud), Artificially Inflated Traffic (AIT), CLI spoofing and grey route abuse collectively cost the global telecom industry tens of billions of dollars per year. Despite decades of investment in fraud management systems, the problem is growing - not shrinking.
The root cause is structural. Each carrier operates its own fraud detection system, trained on its own traffic data, maintaining its own blacklists. When Carrier A detects a Wangiri campaign targeting premium Nauru numbers, it updates its own blacklist within minutes. But Carrier B, Carrier C and every other operator on the planet continue to accept and terminate those fraudulent calls until they independently detect the same pattern - which may take hours, days or weeks.
The information asymmetry is the vulnerability, and it is sharpened by a conflict of interest: in IRSF and Wangiri the terminating side earns a share of the traffic it carries, so the party best placed to stop the fraud is frequently the party being paid to let it through. The loss lands on the number holder and the honest carrier, who pay down the settlement chain before detection catches up. Fraudsters live in that gap - a coordinated IRSF attack can generate hundreds of thousands of pounds in the window between first detection on one network and industry-wide awareness.
Note on Token Pricing: This whitepaper references VPXN token stakes and economic incentives for Fraud Node operators. All token price references (e.g., "$5,000 stake at $0.10 per VPXN") are illustrative examples for modelling purposes only. Actual VPXN market price will be determined by supply and demand on decentralised exchanges following mainnet launch. For comprehensive token distribution, fundraising structure, and staking economics, see Whitepaper 02: VPX Token Economy, Section 2.
2. Why Existing Solutions Fall Short
Current industry approaches to shared fraud intelligence include:
- GSMA NIRAS (Number Intelligence and Risk Assessment Service) - voluntary data sharing between participating operators. Adoption is partial, data is not real-time and there is no consensus mechanism to validate reports.
- Commercial fraud databases (various vendors) - centralised, proprietary, updated on vendor timelines. Single point of trust and single point of failure. No transparency on how entries are added or removed.
- Bilateral sharing agreements - carrier-to-carrier information exchange, typically via email or portal. Manual process, inconsistent formats, no automation, no audit trail.
- Regulatory databases (e.g. Ofcom DNO) - authoritative for specific use cases but narrow in scope and updated on a scheduled basis (typically daily), not in real time.
2.1 Common Failure Modes
All existing approaches share three fundamental limitations. First, they are mutable - a single administrator can add, remove or modify entries without external validation. Second, they are siloed - no single system aggregates fraud intelligence from the entire carrier ecosystem. Third, they are slow - even the fastest commercial databases operate on minute-to-hour update cycles, while fraud campaigns can generate significant losses in seconds.
3. The VPX Fraud Consensus Model
The VPX Fraud Consensus model addresses all three limitations through four combined mechanisms: distributed AI scoring, privacy-preserving federated learning, multi-party consensus validation and blockchain immutability. Federated learning is the piece that breaks the silo directly - each Fraud Node trains on the traffic it sees and shares only model updates, never raw call records, so the network learns from everyone without any carrier exposing subscriber data. This is what lets a small operator benefit from fraud intelligence derived from the whole network while remaining fully GDPR-compliant, and it is the modern answer to the data-sharing deadlock that has kept industry fraud databases siloed.
3.1 AI Fraud Scoring
Every number submitted to the VPX Network is scored by an ensemble machine learning model running on each Fraud Node. The model combines gradient boosting (for interpretable feature-based scoring) with a neural network (for pattern recognition on sequential call data). Together, 47 features are evaluated per number:
- Call pattern features: call frequency, duration distribution, time-of-day patterns, burst detection.
- Destination features: country risk score, premium rate range detection, known IRSF destination correlation.
- Network features: originating carrier reputation, route diversity, historical fraud rate on the originating path.
- Behavioural features: callback patterns (Wangiri signature), traffic inflation patterns (AIT signature), CLI format anomalies (spoofing indicators).
- Historical features: prior fraud reports on the number, associated number clusters, geographic anomaly scoring.
3.2 Consensus Validation
When a Fraud Node determines that a number exceeds the fraud threshold (score >85/100), it submits a fraud report to the network as a signed transaction. The report includes the number, the fraud type classification, the evidence payload (feature scores) and the submitting node's stake-weighted signature.
The network enters a consensus window (currently 30 seconds). During this window, other Fraud Nodes independently score the same number. If 2/3+ of active Fraud Nodes confirm the fraud classification, the number is added to the distributed blacklist. If consensus is not reached, the report is recorded as "disputed" and the number remains unblocked pending further evidence.
A counter-evidence mechanism allows any Fraud Node to submit exonerating data during the consensus window. If counter-evidence is compelling (e.g. the number is a known legitimate enterprise line), the consensus threshold increases to 80% before blacklisting can proceed.
3.3 Immutable Recording
Confirmed fraud entries are recorded on the VPX blockchain with the following immutable data: the number (E.164 format), fraud type, timestamp of first report, timestamp of consensus confirmation, the evidence hash (SHA-256 of the feature score payload) and the list of node IDs that voted to confirm.
Once recorded, an entry cannot be modified or deleted by any single party. Removal from the active blacklist requires a separate consensus process (de-listing vote) with the same 2/3+ threshold. This prevents both false-positive persistence and malicious de-listing.
3.4 Economic Alignment
The VPX Fraud Consensus model aligns financial incentives with accurate fraud detection through a combination of staking requirements, performance-based rewards, and progressive slashing for false reports.
Staking Requirement: Operating a Fraud Node requires a minimum stake of 50,000 VPXN tokens (approximately $5,000 USD at illustrative $0.10 token price; actual market price varies). This stake serves as economic collateral - demonstrating commitment to honest operation and providing slashable capital if the node engages in malicious behaviour.
Performance-Based Rewards: Fraud Nodes earn VPXN rewards from the Node Operator Rewards pool (35% of total supply, released over 10 years) proportional to their accuracy and participation. Rewards are distributed per epoch (1 hour) based on: True positives (fraud reports confirmed by consensus = full reward), True negatives (numbers scored below threshold that remain non-fraudulent = partial reward), False positives (fraud reports disputed by counter-evidence = zero reward, potential slashing), False negatives (numbers that should have been flagged but weren't = zero reward for that epoch).
- Tier 1 - Correctable (single disputed report, transient ML-flag, recoverable misconfiguration): 25% of Operator stake slashed. Formal on-chain warning; Operator remains operational.
- Tier 2 - Severe (repeated disputed reports, deliberate fraud-detection bypass, double-signing): 75% of remaining stake slashed. 30-day suspension; delegators receive automatic redelegate prompt; Operator must reapply via DAO governance to resume.
- Tier 3 - Critical (attempting to blacklist verified legitimate enterprise numbers, coordinated attack): 100% stake slashed + permanent ban.
Slashing is applied at the Operator level under the canonical three-tier 25/75/100 schedule (Token Economy Whitepaper v3.5 §10); fraud-evidence severity maps offences to Tier 1/2/3. Slashed tokens are permanently burned (not redistributed), ensuring that slashing genuinely removes value from the attacker rather than creating perverse incentives for other nodes to trigger slashing.
For comprehensive staking economics, reward distribution mechanics, slashing tiers, and the broader token economic model that powers all VPX node types, see Whitepaper 02: VPX Token Economy, Sections 5-9. All reward references in this section are subject to the canonical reward disclaimer (TE §16.2), the standard tax notice (TE §16.3) and the dynamic rate adjustment mechanism (TE §11.6.1); reward rates are not guaranteed.
4. Propagation & Integration
The integration surface described in this section - API endpoint, SDKs and example payloads - specifies the planned interface that becomes available to carriers from VPX mainnet launch (Q4 2026); it is not a currently live service. Confirmed blacklist updates propagate to all VPX Network participants within 60 seconds of blockchain confirmation. Propagation occurs via three channels:
- On-chain subscription: nodes monitoring the blockchain directly receive updates as blocks are produced.
- WebSocket push: connected carriers receive real-time fraud alert events via persistent WebSocket connections.
- REST API polling: carriers without persistent connections can poll the fraud API on a configurable schedule (minimum 60-second intervals).
4.1 Integration with Existing FMS
The VPX fraud feed is designed to complement - not replace - a carrier's existing Fraud Management System. The feed provides an additional signal source that can be ingested alongside the carrier's own detection rules, commercial threat feeds and regulatory databases.
Integration Pattern 1: Pre-Filter (Recommended for Conservative Carriers) - Incoming call → Check VPX blacklist → If blacklisted, reject immediately → Else proceed to internal FMS rules. Advantages: Zero false positives from VPX propagate to customers (2/3+ consensus = high confidence). Use case: Carriers with low risk tolerance, strict quality requirements.
Integration Pattern 2: Weighted Scoring (Recommended for High-Volume Carriers) - Incoming call → Score via internal FMS (0-100) → Query VPX fraud score (0-100) → Combine (internal 60%, VPX 40%) → If combined >threshold, reject. Advantages: Leverages both internal and network-wide intelligence. Use case: Carriers with mature internal FMS, seeking additional signal.
Integration Pattern 3: Post-Validation (Recommended for Testing Phase) - Incoming call → Process normally → Log VPX fraud score → Compare to actual fraud outcomes → Refine integration strategy. Advantages: Zero disruption to existing traffic, allows ROI validation before commitment. Use case: Carriers evaluating VPX, pilot phase.
- Python SDK: pip install vpx-fraud (VPX-Python).
- Node.js SDK: npm install @vpx/fraud (VPX-Node).
- Java SDK: Maven Central (VPX-Java).
- Go SDK: go get vpx.network/fraud (VPX-Go).
All SDKs include automatic retries, circuit breaking, and local caching (60-second TTL) to support continued availability even if the VPX API is temporarily unreachable. Integration typically requires 2-4 hours of development time and can be deployed alongside existing FMS infrastructure with zero disruption to live traffic.
5. Worked Examples
Canonical consensus rule. A fraud report finalises when the sum of approving Fraud Nodes' stake weight reaches ≥ 2/3 of total active Fraud Node stake, with at least 7 distinct Fraud Nodes participating, and with no per-Operator stake counting for more than 10% of the fraud-quorum stake total. Counter-evidence escalates the threshold to 80% per §3.3. All worked examples below are expressed in stake-weighted form. Where a head-count summary is also provided ("5 of 7", "6 of 8"), it reflects the special case of approximately uniform stake distribution across the active Fraud Node set and is shown alongside the canonical stake-weighted threshold for narrative clarity.
5.1 Wangiri Attack Detection
A Wangiri campaign begins at 02:14 UTC targeting UK mobile numbers with callbacks to premium-rate numbers in the Solomon Islands (+677). The attack generates single-ring calls (duration <3 seconds) to 15,000 UK mobiles over a 6-minute window.
At 02:14:08, the first Fraud Node detects the pattern: burst of short-duration calls from a concentrated originating range, all targeting a known premium-rate destination country. The AI model scores the originating numbers at 94/100 (Wangiri signature). A fraud report is submitted.
At 02:14:12, four additional Fraud Nodes independently confirm the Wangiri classification. Consensus is reached: the approving Fraud Nodes carry 71% of total active Fraud Node stake (1.42M VPXN of 2.0M VPXN total at this network scale, no single Operator above the 10% per-Operator cap), exceeding the 2/3 = 66.7% stake-weighted threshold. Under approximately uniform stake distribution, this corresponds to a 5-of-7 head count for narrative clarity. The originating number range is added to the distributed blacklist.
At 02:14:18, the blacklist update is confirmed on-chain. Within 60 seconds (by 02:15:18 at latest), all VPX Network participants have received the update and are blocking callbacks to the premium-rate destination. Total time from first fraudulent call to network-wide protection: under 70 seconds.
Without VPX, the same attack would typically be detected by individual carriers over a 2-48 hour window, with each carrier independently building rules. In that window, the fraud operator could generate £80,000+ in premium-rate revenue.
5.2 IRSF Detection
An IRSF scheme routes international calls via compromised PBX equipment to revenue-share numbers in high-cost African and Middle Eastern destinations. The attack is launched on New Year's Eve weekend (when IT security teams have reduced staffing) and targets 100+ international mobile networks to obfuscate fraud patterns and avoid single-destination threshold alarms.
The compromised PBX (municipal government, 20-user phone system) generates 5,000+ international calls per day to destinations the organisation has never called before: Nigeria, Ethiopia, Ghana, Iraq, Yemen, Russia. Termination rates range from £2-4/minute (50-100× higher than typical UK/EU rates of £0.008-0.015/minute). Over a 5-day holiday period, the attack generates £120,000 in fraudulent interconnection costs before the carrier's fraud team (working with reduced weekend staff) can contact the client, confirm the traffic is fraudulent, and implement blocks.
The traffic appears partially legitimate at first glance: standard CLI format (using the organisation's real main number), varied call durations (30 seconds to 5 minutes), distributed across many destinations. However, the geographic anomaly (100% international traffic vs. the organisation's normal 5% international baseline) and premium destination clustering (85% of calls routed to destinations with termination rates >£2/minute) create a strong IRSF signature.
VPX Fraud Nodes detect the pattern through correlated features: the originating CLI (municipal main number) has a historical destination profile of 95% domestic, 5% EU. Current traffic shows 0% domestic, 100% international (geographic anomaly score: 98/100). The destination ranges have elevated historical fraud scores (Nigeria Mobile MTN, Ethiopia Mobile: known IRSF targets). The traffic volume has increased from 0 international calls/day (baseline) to 5,000+ calls/day (infinite percentage increase). The destination rate correlation shows 85% of calls targeting premium destinations (>£2/min) vs. the organisation's normal 0% premium destination usage.
The AI model scores the originating CLI at 88/100 (IRSF signature: geographic anomaly + volume spike + premium destination clustering + holiday timing). Consensus is reached within 25 seconds: approving Fraud Nodes carry 78% of total active Fraud Node stake (1.56M VPXN of 2.0M VPXN total, no single Operator above the 10% per-Operator cap), exceeding the 2/3 = 66.7% stake-weighted threshold. The originating number is blacklisted network-wide within 60 seconds of confirmation. Subsequent call attempts are rejected at the routing layer before any further fraudulent minutes are generated.
Total time from first fraudulent call to network-wide protection: under 90 seconds. Without VPX, the same attack runs for 4-7 days (typical carrier detection window during holiday periods), generating £100-200K in interconnection costs per compromised PBX. VPX's 90-second response prevents over 99% of the fraud damage in this scenario.
5.3 AIT (Artificially Inflated Traffic) Detection
AIT represents a sophisticated fraud category where colluding carriers fabricate telecommunications traffic to inflate settlement revenue. Unlike IRSF or Wangiri which exploit technical vulnerabilities, AIT exploits the bilateral trust model inherent in traditional wholesale settlement. VPX's network-wide visibility breaks the bilateral collusion barrier.
Attack Scenario: Carrier A (European Tier 3 wholesale carrier) and Carrier B (offshore termination provider) execute a bilateral AIT scheme. Carrier A routes 8 million "fabricated" voice minutes per month to Carrier B's premium destinations. Carrier B logs the traffic in CDRs, generates invoices, but never delivers calls to real endpoints. The traffic is terminated in Carrier B's switching infrastructure (generating legitimate-looking ASR/ACD metrics) but the calls connect to automated IVR systems or dead-end trunks rather than real subscribers.
Financial Mechanics: At £0.012/minute termination rate, 8M fabricated minutes = £96,000 monthly settlement. Carrier B invoices Carrier A £96K. Carrier A pays via legitimate settlement channels. Carrier B rebates Carrier A £48K (50% kickback) via offshore invoice manipulation or consulting fees. Both parties profit £48K monthly (£576K annually) from fabricated traffic. Downstream carriers and enterprise customers absorb the inflated interconnect costs.
Month 1 (Pre-Detection): Carrier A routes 8.2M minutes to Carrier B. Industry-typical A→B traffic for this route: 400K minutes/month. Inflation ratio: 20.5×.
Week 2: VPX Analytics Node AN-EU-03 flags anomaly: Carrier A→B traffic volume (2.1M minutes in 7 days) is 18× higher than B→A traffic (116K minutes in 7 days). Normal bilateral traffic shows 0.8-1.4× ratio (relatively balanced flows).
Week 3: VPX Fraud Node FN-US-12 detects secondary pattern: 94% of Carrier A→B calls have identical duration (exactly 120 seconds). Real traffic exhibits natural variation (5s-45min spread, normal distribution). Uniform duration = fabrication signature.
Week 4: VPX cross-carrier analysis reveals tertiary pattern: Carrier B reports 8.2M inbound minutes from Carrier A, but only 340K outbound minutes to downstream carriers. Imbalance ratio: 24:1. Real termination providers show 3:1 to 8:1 ratios (inbound wholesale traffic distributed to multiple downstream routes).
Day 26: Fraud consensus reached. AI scoring model combines three anomaly signals (bilateral imbalance 20.5×, uniform duration 94%, downstream distribution gap 24:1) = composite fraud score 96/100 (AIT signature detected). Approving Fraud Nodes carry 75% of total active Fraud Node stake (1.80M VPXN of 2.4M VPXN total, no single Operator above the 10% per-Operator cap), exceeding the 2/3 = 66.7% stake-weighted threshold. Under approximately uniform stake distribution this corresponds to a 6-of-8 head count for narrative clarity. Blacklist entry includes route-pair identifier, evidence hashes, and voting node attestations.
Day 27: VPX DAO governance alerted to suspected AIT scheme. Bilateral route Carrier A→B flagged for enhanced monitoring. VPX-connected carriers receive fraud alert: "Route A→B exhibits AIT indicators. Recommend enhanced due diligence on settlement invoices from this route pair."
Day 30: Independent verification: Two VPX-connected Tier 1 carriers cross-reference their own traffic data. Carrier C routed 2.4M minutes via Carrier A in Month 1, but Carrier A's reported downstream terminations (to Carrier B) don't correlate with Carrier C's originating destinations. Traffic distribution mismatch confirms fabrication hypothesis.
Outcome: Carrier A and Carrier B are flagged in VPX fraud database as "AIT-suspected route pair." VPX-connected carriers implement enhanced settlement audits (CDR cross-verification, downstream correlation checks) for this route. Within 60 days, Carrier A's fabricated traffic volume drops 89% (8.2M → 900K minutes/month) as enhanced scrutiny makes the scheme unprofitable. Estimated fraud prevention: £1.03M annually across VPX carrier network.
Key Detection Advantage: Traditional bilateral settlement cannot detect AIT because both colluding parties have incentive to hide the fraud. VPX's network-wide visibility enables third-party carriers (C, D, E) to flag anomalies that neither A nor B would self-report. The multi-carrier corroboration (traffic imbalance visible to 6+ independent VPX nodes across 4 countries) creates unforgeable evidence.
False Positive Mitigation: VPX differentiates AIT from legitimate traffic imbalances (e.g., one-way broadcasting services, call center termination) through additional context: AIT exhibits uniform call durations (robotic signature), whereas real traffic shows natural variation. AIT routes show downstream distribution gaps (traffic "vanishes" after termination), whereas legitimate high-volume routes show 1:3-1:8 inbound:outbound ratios as traffic fans out to multiple destinations.
Operational Impact: AIT detection does not immediately block traffic (avoiding false positive disruption to legitimate routes). Instead, flagged routes trigger enhanced monitoring, settlement audit requirements, and DAO governance review. If fraud is confirmed via multi-party evidence (3+ independent carriers corroborate anomalies), the route pair is blacklisted and participating carriers face stake slashing penalties (25% first offence under the canonical Tier-1 schedule, detailed in Whitepaper 02: VPX Token Economy §10; offence-evidence mapping to Operator slashing is also discussed in Whitepaper 01 §8).
6. Accuracy & False Positive Management
The consensus model is designed to hold false positives materially below single-model commercial fraud databases on confirmed blacklist entries (scheduled design target, not measured production performance; subject to network conditions and validator distribution). The target is supported by three mechanisms:
- Multi-party validation: no single node can blacklist a number. The 2/3+ consensus requirement means multiple independent AI models must agree.
- Counter-evidence process: any node can submit exonerating data during the consensus window, increasing the threshold to 80%.
- Progressive confidence: numbers scoring between 70-85 are flagged but not blacklisted, giving carriers the option to apply their own risk tolerance.
6.1 Model Retraining
The AI scoring model is retrained hourly on network-wide traffic data. Each Fraud Node downloads updated model weights via the VPX Protocol's model distribution mechanism. Retraining incorporates confirmed fraud outcomes (true positives and true negatives from the consensus process) as labelled training data, creating a continuous feedback loop that improves accuracy over time.
7. Economic Impact for Carriers
Carriers adopting the VPX Fraud Consensus feed achieve measurable fraud loss reduction, faster attack containment, and lower false positive costs compared to traditional fraud management approaches.
7.1 Fraud Loss Reduction
Based on VPX detection speed (60-second network-wide propagation vs traditional 24-48 hour industry response times) and fraud campaign duration analysis, carriers adopting VPX are projected to achieve a 40-75% fraud loss reduction (central case 60%). The canonical Tier-2 carrier profile against which these figures are quoted is set out below. The canonical profile:
- Carrier profile: 500M international wholesale minutes/year, approximately £225M total carrier revenue base (the fraud-exposure base; the £0.008/min blended termination rate is not the carrier's revenue base).
- Pre-VPX fraud losses: ~£1.8M/year (0.8% of £225M revenue base, CFCA Global Fraud Loss Survey 2023 industry-typical[1]).
- Post-VPX fraud losses: ~£720K/year at the central case (60% reduction; band £450K-£1.08M depending on the 40-75% reduction range).
- Annual savings from fraud loss reduction: ~£1.08M at the central case (band £720K-£1.35M).
The reduction is achieved through two mechanisms: (1) Network-wide propagation prevents fraud campaigns from exploiting multiple carriers sequentially (eliminating the "whack-a-mole" problem where fraudsters move between carriers after detection), (2) Sub-70 second detection-to-protection window limits fraud campaign exposure from hours/days to under 2 minutes.
7.2 Faster Detection ROI
Traditional fraud detection operates on hour-to-day timelines, allowing attackers to generate £50K-200K in fraudulent traffic before blacklisting propagates industry-wide. VPX's 60-second network-wide propagation reduces this window by 98%+, limiting fraud campaign exposure to £1K-5K before protection activates.
Illustrative scenario (modelled, not a measured production case): a Wangiri campaign targeting UK numbers with Solomon Islands premium-rate callbacks generates £87K in fraudulent traffic over 14 hours before detection by traditional FMS systems. With VPX Fraud Consensus, the same attack pattern would be detected and blacklisted network-wide within 70 seconds, limiting exposure to ~£2.3K (a ~97% reduction in fraud losses).
7.3 Reduced False Positive Costs
Commercial fraud databases have false positive rates of 0.1-0.5%. For a carrier processing 100M calls/year, a 0.3% false positive rate means 300K legitimate calls blocked = £150K-300K lost revenue (assuming £0.50-1.00 average revenue per blocked call).
VPX is designed to drive the false-positive rate materially lower than any single commercial database, by requiring 2/3 independent-node consensus plus a counter-evidence window before a number is blacklisted, so that a single mis-scoring node cannot cause a false block. Even a conservative order-of-magnitude improvement on the commercial baseline would cut the false-positive cost for a 100M call/year carrier from £150K-300K to a small fraction of that. The realised rate is a design target, not a guaranteed figure.
7.4 Total Economic Impact
For the canonical Tier-2 carrier profile above (500M minutes/year, ~£225M revenue base, 100M calls/year, baseline fraud loss 0.8%), the total annual economic benefit of fraud-feed adoption is shown below. All figures are projected, central case:
ROI projections are based on VPX economic modelling, fraud detection speed analysis, and the canonical carrier profile defined above. Actual ROI will vary based on carrier baseline fraud rates, traffic volume, implementation quality, and network adoption. These are forward-looking projections and do not guarantee specific returns. The VPX fraud feed is designed to deliver measurable economic value independent of adoption of other VPX Network services (routing, settlement).
7.5 Fraud Intelligence as a Product
The same consensus that protects VPX carriers is a saleable asset. VoicePro monetises fraud intelligence on two tiers that reinforce rather than compete with each other.
Network tier (token-mediated): VPX-connected carriers receive fraud alerts as a benefit of membership, and Fraud Nodes earn VPXN for correct classifications. This is the flywheel described above, priced in VPXN (see §7.4).
Commercial tier (fiat): non-participant operators, MVNOs, enterprises and their fraud teams can subscribe to a commercial feed - VPX Global Insight+ - for fiat, delivered by API or scheduled file. Because the dataset is produced across the whole network rather than a single carrier, it carries signal a single operator cannot generate alone. Margin on the commercial feed routes to the VPX treasury and buyback-and-burn, so the fiat product is accretive to VPXN rather than a drain on it.
The product is factual signal, not accusation: flagged number ranges (IRSF, hijacked or unallocated), routes exhibiting AIT indicators, Do-Not-Originate candidates and Wangiri or SIMbox patterns - never a claim that a named carrier is fraudulent. This keeps the feed defensible and is how fraud intelligence is sold across the industry. Commercial resale is limited to aggregated, de-identified signals, consistent with VoicePro carrier interconnect terms.
Strategically this turns VoicePro from a net consumer of third-party fraud and numbering dips into a net originator of them: the intelligence it already buys to protect its own traffic becomes a product it sells. Revenue is carried in the B2B carrier P&L as the VPX Global Insight+ line (per-query and subscription pricing).
8. Competitive Landscape
The VPX Fraud Consensus model is compared against existing fraud intelligence solutions across five dimensions: detection speed, accuracy, update mechanism, transparency, and coverage.
8.1 Key Differentiators
The VPX fraud-feed design targets the following performance envelope through its distributed consensus architecture. All figures below are scheduled targets and projected design goals, not measured production performance; actual performance will depend on network adoption, validator distribution and operational conditions:
- Speed: target <70-second detection-to-protection median (design goal versus typical industry 15min-24h response cycles) through real-time blockchain propagation rather than manual / scheduled updates.
- Accuracy: multi-party consensus validation (2/3+ threshold) with counter-evidence mechanism targeting a false-positive rate materially below single-model commercial databases (target, not measured at scale; see §6.1 for the dynamic-rate-adjustment mechanism).
- Transparency: every blacklist entry includes immutable on-chain audit trail (reporting node, timestamp, evidence hash, voting nodes) - a structural property of the protocol design.
- Coverage: network-effect architecture - value increases with each additional VPX carrier (scheduled benefit, contingent on adoption).
- Immutability: distributed consensus is designed to prevent single-party manipulation - a property of the consensus model.
8.2 Integration Advantages
VPX fraud-feed integration is carrier-agnostic and is designed to be deployable alongside existing fraud systems with no required replacement of incumbent tooling. Carriers retain full control over fraud decisioning (VPX provides signal, carrier applies policy) while benefiting from network-wide intelligence. References to specific incumbent product categories (commercial databases, industry associations, FMS vendors) are at category level; VPX does not assert specific cost or performance comparisons against named third-party vendors here.
The decentralised architecture is designed to reduce single-vendor lock-in and to support continued fraud intelligence availability across changes in individual node-operator membership. Operational resilience targets are scheduled, not guaranteed.
9. Conclusion
The VPX Fraud Consensus model transforms telecom fraud detection from a siloed, carrier-by-carrier problem into a network-wide, consensus-driven intelligence layer. By combining per-number AI scoring with distributed consensus validation and blockchain immutability, the model targets detection speeds (sub-70 seconds from first fraudulent call to network-wide protection) and accuracy levels (false positives materially below single-model commercial databases, as a design target) that no single-carrier system can match.
The economic model reinforces accuracy: Fraud Nodes earn rewards for correct classifications and face stake slashing for demonstrably false reports. This creates a self-correcting system where the financial incentives of every participant are aligned with network-wide fraud prevention. For comprehensive staking economics, reward distribution mechanics, and slashing tiers, see Whitepaper 02: VPX Token Economy, Sections 5-9.
Carriers adopting VPX Fraud Consensus are projected to achieve measurable ROI within 30-60 days through fraud loss reduction (£720K-£1.35M/year projected for the canonical mid-size carrier profile, central case ~£1.08M), lower false positive costs (£145K-290K/year projected savings), and reduced commercial database expenses. Based on economic modelling, the fraud feed is projected to deliver approximately 25-40× annual return on investment independent of other VPX Network services. Disclaimer: These are forward-looking projections based on VPX economic modelling and fraud detection speed analysis. Actual results will vary based on carrier traffic volume, baseline fraud rates, network adoption, implementation quality, and market conditions.
For carriers considering VPX integration, the fraud consensus feed can be adopted as a standalone signal source - ingested alongside existing FMS rules - without any commitment to other VPX Network services. The fraud feed is the most immediate, lowest-risk, highest-ROI entry point to the VPX Ecosystem. Integration typically requires 2-4 hours of development time using the planned SDKs (Python, Node.js, Java, Go) and can be deployed with zero disruption to live traffic.
10. Canonical Disclaimers
Reproduced from the VPX Token Economy Whitepaper v3.5 (§16.2 and §16.3), with cross-references localised to this document.
This document is published by VoicePro Plus Ltd for informational purposes only. It does not constitute investment advice, a prospectus, or an offer of securities. The VPX Ecosystem is under active development; specifications described herein are subject to change. VoicePro Plus Ltd is registered in England and Wales (Company No. 14520016). Registered office: 128 City Road, London, EC1V 2NX.
10.1 Standard Reward Disclaimer
VPXN rewards are utility tokens earned through participation in the VoicePro Mobile platform or operation of VPX infrastructure. They are denominated in VPXN and convertible within the VoicePro ecosystem. Reward rates are not guaranteed; they are subject to network conditions, DAO governance changes, and the dynamic adjustment mechanisms described in Whitepaper 02, Section 11.6.1. The value of unredeemed VPXN balances may fluctuate. VoicePro does not solicit purchases of VPXN as an investment. VPXN is not a security, share, or claim on revenue.
10.2 Standard Tax Notice
VPXN rewards may constitute taxable income or a benefit in kind in the recipient's jurisdiction. UK recipients should be aware that HMRC has indicated that crypto rewards from platform engagement may be treated as miscellaneous income or, in some circumstances, as a benefit in kind. Recipients are responsible for their own tax compliance. VoicePro does not provide tax advice; recipients should consult a qualified adviser. This notice is general in nature and does not constitute legal or tax advice.
References
Every citation in this document routes here. Each entry names the primary source and the exact claim it supports.
- [1]CFCA - Global Telecommunications Fraud Loss Survey (2023). Global telecom fraud losses of approximately $39 billion annually cfca.org/fraud-loss-survey/ ↗ · accessed July 2026Cited in §7
This document is published by VoicePro Plus Ltd for informational purposes only. It does not constitute investment advice, a prospectus, or an offer of securities. The VPX Ecosystem is under active development; specifications described herein are subject to change. VoicePro Plus Ltd is registered in England and Wales (Company No. 14520016). Registered office: 128 City Road, London, EC1V 2NX.
Ready to learn more?
Speak to our team about the VPX Ecosystem and how it integrates with your existing infrastructure.
Contact Our Team