Secure, cost-effective services and consulting for telcos, ISPs and OTTs
Telecommunications providers are responsible for offering their customers the best possible service based on a secure, powerful and high-performance infrastructure. Additionally to this, they must also fulfill the requirements of the German Telecommunications Act (TKG) which are mandatory by law.
valantic’s software solutions and services for the telecommunications sector give telcos the opportunity to implement the requirements for TKG compliance, TC security, and TC software engineering quickly, cost-effectively, securely, and with little effort. This also includes the provision of the digital interface (ETSI ESB) and the e-mail-based transmission procedure (E-Mail ESB).
valantic’s service portfolio includes TKG compliance solutions for the legally compliant handling of public authorities’ requests for customer data, traffic data and retained data (Section 9 of the German Telecommunications & Telemedia Data Protection Act (TTDSG) (Section 96 TKG), Section 112 TKG, Section 174 TKG ), Section 176 TKG (Section 113b TKG)) and for the legally compliant monitoring of telecommunications, international-gateways and e-mails (Section 170 TKG (Section 110 TKG)). If desired, valantic can, as your partner, take over the entire business process and end-to-end handling of contacts with public authorities. valantic serves the entire spectrum of all TKG-relevant requirements. In doing so, its consultants act as a link between all authorized bodies, the German Federal Network Agency (BNetzA) and the German Federal Commissioner for Data Protection and Freedom of Information (BfDI).
Another indispensable component for telecommunications providers is valantic’s portfolio of fraud detection solutions. These fraud prevention management systems help identify fraud patterns quickly and efficiently, thereby avoiding financial losses and the associated reputation damage.
For processes that cannot be mapped using standard software, we work together with you to develop digital solutions tailored to your specialist division’s specific needs.
We’d be happy to advise you!
Legally compliant from the first customer onwards
Telecommunications regulation is a sovereign task of the German Federal Office of Justice. The underlying goal of the German Telecommunications Act (TKG) is to safeguard user and consumer interests and fair competition, and to secure the baseline provision of telecommunications services nationwide.
The current German Telecommunications Modernization Act (TKMoG) revised and modernized the present TKG comprehensively, and the amendment was supplemented by a new law, the German Telecommunications & Telemedia Data Protection Act (TTDSG). This has also led to changes to the legal fundamentals relevant for TKG compliance and goes hand in hand with a new technical guideline – the German Technical Guideline for Implementing Statutory Measures for Monitoring Telecommunications.
For providers of interpersonal and interactive electronic communications services (Section 3 No. 24 TKG), the provisions of the German Telecommunications Act are legally binding and in part entail additional costs for personnel and other outlays.
The following applies:
Other transmission procedures are not allowed!
valantic’s three-part solution suite allows providers of Internet access services, telecommunications services, and number-based and number-independent over-the-top services (OTT) to cut personnel costs, expedite their workflows and boost the economic efficiency of handling TKG compliance-relevant processes (Section 172 (1) and (3) TKG) and (Sections 21 to 24 TTDSG).
With valantic’s support, telecommunications service providers can return to concentrating on their core business, leaving valantic to ensure professional fulfillment of the legal guidelines.
Consulting & Support
valantic’s consultants have extensive TKG know-how. They advise customers on all relevant obligations in the run-up to an implementation, and draw up the necessary concepts for the security and supervisory authorities.
Development & Operation
valantic’s consultants have more than two decades of practical experience in implementing legal requirements.
Reporting & Monitoring
When taking over specialist processes, valantic works 24×7 with security-cleared personnel who have sound know-how in the legal fundamentals of e.g. TKG and the German Code of Criminal Procedure (StPO).
cAIS – Public Authority Information System
Section 9 TTDGS (Section 96 TKG) | Traffic data
Section 174 TKG (Section 113 TKG) | Customer data
Section 176 TKG (Section 113b TKG) | Retention data
With cAIS, valantic offers its customers a modular public authority information system for receiving and responding quickly to requests from German and European public authorities for customer, traffic and retention data. The solution runs on-premises and as Software-as-a-Service (SaaS). The European Telecommunications Standards Institute (ETSI-ESB) transmission procedure is an integral part of the solution, which also includes a SINA (Secure Inter-Network Architecture) box in the SaaS variant. cAIS is also suitable for small and medium-sized telecommunications providers, allowing them to respond quickly and easily to official inquiries.
However, more and more TC providers are turning to valantic’s Business Process Management (BPM) to fulfill these legal requirements and are thus following the trend of outsourcing these complex activities to a specialist (contractor ) such as ourselves. This is allowed under the new European production and preservation orders (E-Evidence Regulation). The telecommunications provider / service provider can thus focus on its core business, doing so with the certainty of operating in full compliance with the law.
E-Evidence Regulation
EPOC and EPOC-PR | E-Evidence Regulation
With the adoption of the E-Evidence Regulation on June 13, 2023, the foundation was laid for better digital cooperation across the EU in the area of cross-border access to electronic evidence (mutual requests for legal assistance). The Regulation obliges providers of online services to secure and hand over electronic evidence on the order of judicial authorities within the Regulation’s ambit – regardless of whether the user data are stored on servers in different countries, or inside or outside the EU. The rules will only apply to stored data, as real-time monitoring of telecommunications is not covered by the guidelines. The measures must be implemented within two years of the date of entry into force of this Regulation.
cLIMS – Telecommunications Monitoring
Section 170 TKG (Section 110 TKG) | Telecommunications monitoring (TCM)
Section 170 TKG (Section 110 TKG) | International gateway monitoring (IGM)
Section 170 TKG (Section 110 TKG) | E-mail monitoring
There are four good reasons for using cLIMS (“Lawful Interception as Managed Service”): cost-effectiveness, guaranteed legal compliance, data protection and quality. valantic employs security-cleared personnel to implement its customers’ monitoring measures in accordance with Section 110 TKG on a 24×7 basis, covering every aspect from receiving and reviewing the monitoring orders to billing. valantic ensures that you comply with all legal requirements.
cAAV – Automated Information Process
Section 173 TKG (Section 112 TKG) | Automated Information Process
Network operators must provide public authorities with automated access to all assigned telephone numbers as well as to the corresponding addressees. It must be ensured that the German Federal Network Agency (BNetzA) is able to retrieve data from the operator’s customer files from within Germany at any time. With cAAV, valantic offers network operators a powerful solution for reliably fulfilling the legal requirements of Section 173 TKG (Section 112 TKG). cAAV can be integrated into legacy CRM systems and is available as a managed service.
Secure networks, data and revenues via the ETSI interface
Telecommunications networks form part of a country’s critical infrastructure and are increasingly being targeted by cybercriminals. Fault- and interruption-free operation of the networks and services must be fully guaranteed at all times.
The German Telecommunications Act (TKG) and the EU General Data Protection Regulation (EU GDPR) impose legally binding measures on the providers of telecommunications and Internet services. They must, amongst other things, inform their customers as quickly as possible of DDoS (distributed denial of service) attacks, infected systems and cyber attacks to enable countermeasures to be taken without undue delay.
EU data protection requirements impose strict rules on the handling of customer data, particularly with regard to data storage. Early detection of attempted fraud in telecommunications networks helps reduce and avoid economic damage.
For the various tasks in the area of security, valantic offers special solutions for avoiding financial losses and reputation damage for the companies concerned.
cERT – Automated BSI Notifications
Section 169a (4) TKG (Section 109a (4) TKG) | CERT notifications
Section 169a (4) TKG requires telecommunications providers to notify their customers of DDoS (distributed denial of service) attacks, infected systems and open server services without undue delay. With cERT, valantic helps network operators to fulfill this obligation. It ensures the automated processing of cERT notifications and identification of the relevant customer data. Afterwards, the data subjects are notified and informed automatically about the potential threats and suitable countermeasures.
cDROP – Central Data Erasure Platform
Section 35 of the German Federal Data Protection Act (BDSG) | Article 17 EU GDPR | Personal data
The EU General Data Protection Regulation (EU GDPR) requires all companies to erase obsolete customer data and to be able to prove this in case of doubt. valantic’s cDROP allows network providers to implement statutory erasure requirements on the basis of defined rules, even in heterogeneous IT ecosystems and across multiple customer accounts. cDROP has interfaces for connecting to various data-carrying source and target systems. Audit-proof historization and meaningful reports document the erasure operations.
fAST – Fraud Management & Revenue Assurance
valantic’s fAST is a detection & prevention system that helps avoid losses from bad debts as well as consequential and reputation damage. Rule-based scenarios and automated real-time actions ensure rapid detection and containment of threats and reliable prevention. fAST’s highlights include outstanding scalability, high-speed data analytics and the ongoing optimization of the threat detection processes.
Digital solutions that connect
valantic develops, digitizes and automates workflows in its telco customers’ IT ecosystems, addressing, for example, division-specific processes that can only be mapped at considerable additional expense, or not at all, by standard software solutions. Another facet of the software services is the modernization of legacy applications, allowing them to continue to operate reliably with other IT systems. Here’s a overview of our consulting approach and project methodology:
Agile Development Methodologies
valantic develops solutions based on agile, state-of-the-art scrum project methodologies tailored systematically to its customers’ specific needs. It works hand in hand with its customers to monitor progress at regular intervals (sprints).
Interoperability
valantic designs and implements interfaces to relevant source and target systems by means of REST and SOAP and works closely with its customers to close digital gaps and eliminate any existing media breaks.
Cutting-Edge Technologies
valantic uses modularized Java backend systems and employs methods such as Business Process Modeling Notation (BPMN) and workflow and decision engines for IT-assisted process execution. Docker container technology is used to provide services such as databases or mock placeholders, while full-text searches run on the powerful open-source search engine Elasticsearch, and front-end frameworks such as Angular and Vue.js guarantee user-friendly web interfaces.
Operating Models
On Premises, Managed Service, Software-as-a-Service.
