The modern telecom landscape is undergoing a deep architectural transformation. The deployment of 5G networks and the implementation of dynamic network slicing require telecom operators to radically rethink their BSS/OSS (Business Support Systems / Operations Support Systems). Traditional monolithic billing systems, designed as closed proprietary complexes, are no longer capable of rating traffic in real time with the necessary flexibility.
The main challenge lies in the technological gap between legacy billing systems and the 5G cloud core, as well as the rise in cyber threats. According to the CFCA Global Fraud Loss Survey 2025, global financial losses from telecom fraud are estimated at approximately $41.82 billion per year, with about $5.31 billion attributed solely to subscription fraud. To minimize these risks and maintain profitability, operators are forced to rapidly transition from monoliths to API-first modular architectures, where rating, mediation, and anti-fraud mechanisms function as integrated microservices.
Evolution of billing: why monolithic BSS cannot keep up with 5G dynamics
Historically, telecom billing was built around batch processing. Network switches generated Call Detail Records (CDR), which were periodically uploaded to the billing system for aggregation and invoicing. This paradigm met the needs of voice communication and mobile internet of previous generations.
However, the 5G standard, developed by the 3GPP consortium, is based on a Service-Based Architecture (SBA) that adheres to cloud-native principles. In such an environment, rating must occur simultaneously with service consumption. If a subscriber uses a dedicated network slice for critical IoT devices or telemedicine, the system must calculate the session cost in real time, based on dynamic Quality of Service (QoS) parameters. Monolithic BSS in this context becomes a technological bottleneck: changing rating logic or deploying a convergent tariff requires intervention in the system core, lengthy testing, and months to release (time-to-market).
Mediation layer as a bridge between legacy protocols and the cloud core
Telecom mediation platforms collect, normalize, and transform "raw" network data (signaling traffic, CDR, IPDR) into a format understandable by BSS. The complexity lies in the need to simultaneously support equipment from different eras.
On one hand, segments of 2G/3G/4G based on SS7 and Diameter protocols remain in operation. The ENISA Threat Landscape 2025 report clearly indicates that exploiting vulnerabilities in legacy signaling protocols remains a persistent security risk for mobile networks, as they lack built-in cryptographic protection mechanisms of the 2020s. On the other hand, the 5G core communicates exclusively via modern HTTP/2 REST API using JSON.
The solution is the implementation of API-based mediation layers. Such a gateway is capable of simultaneously receiving streaming binary data from legacy switches, cleaning it, and generating structured JSON requests for modern BSS components in real time.
Real-time rating in the context of network slicing
To monetize 5G slicing, operators deploy real-time rating engines directly within the service-oriented core. The Charging Function (CHF) interacts with the Session Management Function (SMF) via the standardized Nchf interface.
This allows for rating not just megabytes, but the fulfillment of specific SLAs. For example, if a client orders a slice with guaranteed ultra-low latency (URLLC), the system constantly exchanges data with the BSS to check the balance and deduct funds for milliseconds of priority traffic. Upon reaching the limit, an immediate command is issued to lower the priority or degrade QoS to a standard level, preventing the occurrence of accounts receivable.
Integration with BSS: eliminating revenue leakage and countering IRSF
The lack of real-time control makes operators vulnerable to International Revenue Share Fraud (IRSF). Attackers generate thousands of parallel calls to controlled international premium numbers. With batch CDR processing, an operator detects the anomaly only after several hours, when losses have already reached hundreds of thousands of dollars.
Countermeasures require the deployment of anti-fraud modules that monitor signaling traffic and detect IRSF patterns in real time. It is important to note that industry initiatives such as STIR/SHAKEN (described in the FCC First Caller ID Authentication Report and Order) are focused exclusively on Caller ID authentication and combating spoofing. They are an important part of security but are not a comprehensive solution against complex IRSF schemes or subscription fraud. Deep signal analysis combined with BSS is required.
The teams of the Intecracy Group alliance (an alliance of independent companies linked by partner agreements and share exchanges) provide telecom architecture design services, helping operators transition to cloud-native solutions, integrate disparate BSS/OSS, and deploy traffic processing platforms. For the rapid creation of reliable integration gateways, UnityBase can be used — a full-stack JavaScript low-code platform (jointly developed by Intecracy Group companies, with InBase as a key developer). Using a unified Domain metadata model and an ORM independent of the DBMS, UnityBase allows for the construction of custom API layers on top of legacy systems. The presence of built-in access control mechanisms (RBAC, RLS) and detailed transaction auditing (audit trail) in the Enterprise and Defence commercial editions ensures the necessary level of security when exchanging data between the network core and BSS.
Transitioning to Open Digital Architecture (ODA): practical decomposition steps
To overcome dependence on monoliths, the industry is oriented toward the Open Digital Architecture (ODA) concept from TM Forum. ODA involves replacing closed BSS/OSS with a component infrastructure where rating, product catalogs, and client profiles function as independent but coordinated microservices via TM Forum Open APIs.
However, it should be understood that implementing ODA or API-first approaches does not magically eliminate all integration problems. Decomposing a monolith creates new architectural challenges: the complexity of ensuring eventual consistency and the need to minimize latency during cascading requests between services. The transition should be carried out gradually:
- Product Catalog centralization: isolating a single source of truth for tariff and product configuration, separated from the execution system (rating engine).
- API Gateway: deploying a gateway for orchestrating and securing microservice interfaces.
- Strangler Fig Pattern: parallel deployment of a new 5G rating microservice with a gradual migration of subscribers from legacy billing.
| Parameter | Monolithic BSS | Modular API-First (ODA) |
|---|---|---|
| New tariff launch speed | Months (requires core code changes) | Days or hours (via API component configuration) |
| 5G traffic processing | Limited (batch CDR processing) | Real-time (integration with Service-Based Architecture) |
| Integration complexity | High (point-to-point connectors) | Low (standardized TM Forum Open APIs) |
| Fraud reaction | Reactive (analysis after CDR generation) | Proactive (real-time signaling traffic monitoring) |
BSS/OSS modernization is a critical step for survival in the telecom market. The transition to an open component architecture and the implementation of next-generation mediation platforms not only protects revenue from increasingly complex fraudulent schemes but also creates a foundation for monetizing innovative 5G network services.
FAQ
How can legacy billing systems be integrated with a new 5G Core without a complete BSS replacement?
The most effective method is deploying a hybrid API-based mediation layer. It accepts modern JSON requests from the 5G core (Nchf interface) and transforms them on the fly into traditional formats (Diameter or batch CDRs) understood by legacy billing. This allows for phased migration without interrupting business processes.
What role does a mediation platform play in preventing IRSF-type fraud?
Mediation platforms integrate with anti-fraud modules to analyze signaling traffic (SS7, Diameter) in real time. By detecting anomalous patterns, such as a spike in mass calls to international numbers, the system can block suspicious trunks before the call is established and the first CDR is generated.
What are the advantages of implementing Open Digital Architecture (ODA) for BSS/OSS?
Implementing TM Forum ODA standards helps break proprietary monoliths into independent microservices that interact via Open APIs. This reduces vendor lock-in, accelerates the launch of new tariff products, and allows for easy scaling of only those business functions (e.g., real-time rating) that experience the highest load.