EmbedWay Voice Anti-Fraud Solution
— From Network Traffic to Call Interception
The Challenge
Voice fraud has evolved into a high-tech crime. Criminals now use AI voice cloning, deepfake, and real-time voice morphing to impersonate trusted identities. Traditional anti-fraud measures fall short:
Incomplete data – Only signaling samples, missing the full conversation context.
Lagging detection – Fraud is discovered only after money is lost.
Lengthy response – Multiple systems and manual steps delay blocking.
Deepfake blind spot – Few solutions can detect AI‑synthesized voices in real time.
Our Solution
A closed‑loop system that captures, analyzes, and blocks fraudulent calls — right at the network core.

1. Capture
Mirror core network interfaces (1G–400G) to obtain all of voice traffic with zero packet loss.
2. Extract
Reassemble RTP streams, decode all codecs, and separate caller/called channels.
3. Detect
Analyze acoustic, synthetic, and prosodic features to identify AI‑cloned or TTS‑generated voices.
4. Transcribe
Convert speech to time‑stamped text with speaker role labeling.
5. Analyze
Match against fraud script libraries and fuse deepfake scores, semantic risk, and behavioral patterns to generate a risk score (0–100).
6. Integrate
Push structured intelligence (suspect number + evidence + score) to your existing anti-fraud platform via API.
7. Block
Execute millisecond‑level call termination, speed‑limiting, or diversion through core network signaling.

This is not a blacklist filter. It's an inline detection node that reconstructs every call from RTP streams and acts on deepfake audio in real time.
This is far more than a basic blacklist filter. Deployed inline at the core of the network, it identifies deepfake audio and scam scripts during calls, and enables call interception with optional manual review.
Data completeness is the foundation.
By mirroring interfaces from 1G to 400G, the system reassembles every packet with zero loss. The detection engine sees the full conversation, including silence gaps and cross-talk, which are often telltales in synthetic audio.
Detection works across three independent dimensions.
Acoustic artifacts (e.g., unnatural formant transitions), generative model fingerprints (spectral periodicities left by TTS or vocoders), and prosodic anomalies (odd rhythm, flat intonation) are scored jointly. A single red flag won’t trigger a block; the fusion logic only alerts when multiple layers converge.
Outputs are built for investigation, not just automation.
Alongside a risk score (0–100), we surface the specific time-aligned script fragments that triggered the alert, labeled by speaker role. This means a human reviewer can verify the evidence in under 10 seconds, and the same structured payload can feed directly into case management systems.
Blocking is co-located with capture.
The enforcement module runs on the same appliance that does packet reassembly. Signaling-based termination (SIP BYE or media steering) executes within the same RTT as the analysis — typically under 100ms from feature extraction to teardown. No handoff to a separate policy server, no queueing delay.
We plug into your existing decision layer, not replace it.
Data pushes out via REST or Kafka in a schema you control. You keep your own rule engine, your own whitelist/blacklist, and your own escalation policies. We simply deliver granular, forensically useful intelligence you can feed into them.
Telecom operators face mounting fraud-related churn and regulatory pressure. With this system, they can offer anti-fraud protection as a network-native service tier — no app install, no user friction — while simultaneously reducing complaint volumes.
Regulatory bodies often struggle to obtain structured, admissible evidence from carriers. Our output includes role-labeled transcripts and forgery confidence scores, which can be exported directly into law enforcement workflows and aggregate trend dashboards.
Existing anti-fraud platforms don’t need to rebuild their rule engines. They can ingest our risk scores and script matches as new feature vectors, complementing their existing blacklist and user-reporting data.
Financial institutions care less about the call itself and more about the downstream transaction. Forwarding a high-risk score (e.g., >85) to their payment system can trigger a 24-hour settlement delay or a mandatory out‑of‑band verification.
End users never see the system — and that’s the point. Protection happens at the network side, transparently, without requiring them to install, configure, or update anything.
Copyright©2026 EmbedWay Technologies (Shanghai) Corporation
Stock code: 603496
沪ICP备07003214号-1
Terms of usage