Telekom Innovation Laboratories has built a solution, using Hyperledger Fabric, that simplifies and facilitates processes between telecommunications network providers for commercial use cases in the areas of wholesale roaming, wholesale voice and data on demand.
Network operators are facing big problems in handling increasing volumes of roaming traffic. They have hundreds of roaming agreements with other operators in place that need to be updated, implemented and settled, mostly on a yearly basis.
Due to lack of automation of interconnection agreements and complexity of current processes, operations are slow and require a lot of manual work. This leads to financial losses due to roaming transactions that cannot be properly tracked and charged. These days, agreements are to a large part analogue contracts on paper that need to be proofread multiple times by many people. The agreed commercial terms then need to be implemented into the software systems manually later on. Some network operators exploit the current process to their financial benefit by not implementing agreements at all or only with delays, leading to financial losses and disputes. Typos can also lead to disputes and financial losses. A holistic, analytic view on all agreements is impossible. At the end of the contract period, the contracts need to be settled, which means that volumes need to be compared, discrepancies clarified and fraud deducted, which is another lengthy and cumbersome undertaking
The processes in place are dated and are not fit for expected increase of roaming traffic, especially when IoT roaming and 5G will become more widespread. Current systems are hard to scale and lack flexibility.
We at Telekom Innovation Laboratories believe that, in the future, automated processes need to be in place in order to enable telecommunications providers to deliver even better services to customers and be ready for new technologies and services that are already evolving, for example 5G and IOT. The current processes are simply not suitable for handling the technologies of the future.
Using Hyperledger Fabric at its core, our solution will optimize the process and, more importantly, enhance the trust between telecommunications providers.
The solution has two main layers:
The application layer provides interfaces for the many different processes mentioned above (e.g., enabling commercial roaming teams to create, sign and implement wholesale roaming agreements in a fully digitized way). It also has a UI for the commercial managers to interact with.
The network layer provides a solution that enables telcos to install nodes in their own IT infrastructure and join the main network in a semi-automated and effortless way.
Between these layers, an API enables the flow of data and transactions.
The current version focuses on the digital creation and signing of wholesale roaming discount agreements. A digital solution immediately leads to more transparency across internal teams (e.g., finance, legal, commercial), reduction of third party dependencies, reduction of bad debts and a better cash flow situation and therefore increases the profitability of telecommunications providers.
One of the reasons to pick Hyperledger Fabric was the integrated certification authority (CA). With this component, we can ensure that transactions are linked to the legitimate actors, which is very important from a legal perspective. All network operators have signing regulations and processes in place, which ensure that only certain persons inside the organization can sign contracts, while others can only create or edit them. Being able to mirror this process in our solution was a key requirement.
Another reason for our choice was the fact that Hyperledger Fabric is a reliable open source solution backed by a large developer community. We at Telekom Innovation Laboratories believe that the decentralization of blockchain cannot just be a functional aspect but needs to extend to licensing as well. This is the only way to ensure that code can be reviewed, changed, and improved by all participating parties in a blockchain network without having to tackle complex licensing issues. Licensing is challenging already when it comes to bilateral relationships, but is almost impossible to handle if there is a multitude of parties involved in the same system.
In order to ensure maximum control for each network operator joining our system, each operator runs its own full organization on the Hyperledger network. Every organisation entity consists of the following components: peer, frontend, database, certificate authority (CA). The components are packaged as docker components and groups as Pods in Kubernetes and can be installed on the premises of each client organisation that joins the network. There are several reasons for choosing this approach:
- Each participant in the network can have control over its data (contracts) as well as administrative rights to the technical components. Sensitive data can therefore be stored on premise or on private cloud or even dedicated hardware, managed by the organisation.
- Using the distributed blockchain architecture, a copy of the ledger is located on multiple organisations at the same time. Transactions flow is implemented by the orderer in the core network, where the consensus algorithm is implemented. This allows for much higher security, as there is no single point of failure and each organisation participates in the networks at the same level as all other organisations.
- Private certificate authority (CA) allows each organisation to issue cryptographic materials needed to connect to the network, sign contracts and manage transactions. This allows for higher security and flexibility compared to a single centralized CA.
The system currently uses a single blockchain channel, which contains all transactions by all organisations. This means that all transactions are visible by all participants in the channel. However, no contractual data is stored on the ledger. It contains metadata for each transaction that has been executed (e.g., signing a contract by the other party and agreeing to its terms). The hash can be computed based on the raw contract data and therefore can be used as proof in case of dispute that the actual parameters in the contract have been agreed by both parties. A copy of the ledger is distributed in all organisations, but the actual sensitive data is located only at each of the organisations’ respective databases and is not visible to other parties in the network. This ensures that there is a high level of security due to the large amount of participating actors in each transaction, while at the same time keeping up the required confidentiality when it comes to actual commercial data.
The contract data is stored on MySQL server running within the bounds of each individual organisation. This database stores data only related to its own contracts, so there is no distributed contract storage within the network.
Contract data are synchronized only between participating organizations when a transaction occurs (e.g., when a new contract is being created). This synchronization takes place between the frontend components of each organisation. They use a separate API that uses TLS encryption and mutual authentication to secure the transport of data.
A major feature of our solution are installation packages and scripts that allow an easy on-premise creation of a new organization. Through this, we already managed to add major operators to our blockchain network.
Currently, we are also working on integrating the end of period settlements into our solution. As we approach production, we will move to using a RAFT ordering service.