The evolution of telecommunications networks toward cloud-native architectures and the implementation of 5G Standalone (SA) are fundamentally changing how subscriber data is managed. One of the most critical and technologically complex processes in this context remains Mobile Number Portability (MNP). What appears as a simple operator change with prefix retention at the user interface level becomes a complex task of coordinating signaling traffic, synchronizing distributed databases, and preventing fraud at the enterprise infrastructure level.
Modern telecom faces high operational complexity in integrating legacy signaling protocols (SS7/Diameter) with modern service architectures. A delay in updating routing information by even a few minutes can lead to loss of signaling traffic, incorrect billing, and the creation of vulnerabilities exploited by attackers.
Anatomy of MNP routing: why number portability creates asymmetry
Historically, telecommunications networks were built on the principle of operator-bound numbers, where a specific code (NDC) was strictly assigned to an operator. The emergence of MNP shattered this static paradigm. Now, for every call, the network must perform a "Query on Request" procedure to determine the actual owner of the number before routing the traffic.
There are two primary methods of routing under MNP conditions:
- Direct Routing: the network where the call is initiated queries the local database of ported numbers (LDB), retrieves the Routing Number (RN), and directs the call directly to the recipient's network. This is the most efficient method, minimizing connection setup time.
- Indirect Routing: the originating network directs the call to the primary donor operator based on the prefix. The donor queries its database, determines that the number has been ported, and redirects the call. This creates a "tromboning" effect (a looped route), which increases latency. In practice, up to 53.7% of call setup delays in hybrid networks can be caused by signaling protocol translation at the interface with legacy donor MNP databases.
The main challenge is that all local operator databases must be synchronized with the central database (CRDB) in near real-time.
Legacy of SS7/Diameter and 5G SBA challenges
Modern telecom operators are forced to maintain a hybrid environment. On one hand, the network core based on 3GPP standards (5G Standalone) is built on a service-based architecture (SBA). On the other hand, a portion of voice traffic and SMS still depends on SS7 (MAP) and Diameter protocols, which cannot be abandoned immediately.
According to the ENISA Threat Landscape 2025 report, the exploitation of legacy signaling protocols (specifically SS7 and Diameter) remains a persistent security risk for mobile networks. Attackers can use spoofed signaling messages to gain unauthorized access to routing information or intercept SMS traffic (e.g., OTP passwords). Approximately 27.7% of signaling security incidents in cross-border roaming can be linked to routing data manipulation.
Financial dimension: subscription fraud and identifier spoofing
Slow MNP database synchronization is a significant source of financial loss. According to the CFCA Global Fraud Loss Survey 2025, global losses from telecom fraud in 2025 are estimated at approximately $41.82 billion (an increase compared to $38.95 billion in 2023). Subscription fraud, which can be directly linked to user identification during number porting, causes losses of about $5.31 billion annually.
Fraudsters exploit the "grey window"—the time interval between the actual moment of number porting and its update in billing systems—to intercept access or organize bypass routing.
Transitioning to TM Forum ODA: how API-first solves the MNP problem
To overcome these challenges, the TM Forum Open Digital Architecture (ODA) concept proposes replacing monolithic BSS/OSS with a component-based architecture where domains interact via standardized Open APIs.
Transitioning to ODA means abandoning batch processing in favor of an event-driven architecture. When the CRDB confirms a number porting, the event is immediately published to the data bus. BSS and OSS components subscribe to these events and instantly update their local caches, which isolates the signaling core from heavy databases and ensures a unified security model.
Modernizing BSS/OSS: practical steps and tools
Modernization of legacy BSS/OSS systems and the construction of an integration layer for MNP routing can be implemented based on the UnityBase platform, a joint development of the Intecracy Group alliance. Thanks to a unified Domain metadata model, the platform allows for generating REST API and synchronizing subscriber data between different DBMS (Oracle, PostgreSQL, MS SQL) without accumulating technical debt.
For Tier-1/2 telecom infrastructure, transaction processing speed is critical, which is provided by an asynchronous non-blocking server based on the SpiderMonkey engine. Furthermore, for high-load projects, commercial editions of the platform (Enterprise/Defence) provide advanced security mechanisms: role-based and row-level access control (RBAC/RLS), deep audit trails, and the ability to isolate signaling traffic from direct access to the core.
It is important to understand that implementing cloud platforms does not automatically eliminate all threats. It is necessary to configure signaling firewalls that will correlate incoming SRI/LUR requests with the actual status of the number in the local MNP database in real-time.
| Comparison parameter | Monolithic legacy BSS/OSS | Cloud-native API-first (ODA/3GPP) |
|---|---|---|
| Synchronization speed | Batch processing, delays up to several hours | Real-time synchronization (Event-driven API) |
| Signaling interface processing | Direct address translation (GT), SS7 exploitation risk | Signaling core isolation, verification via SBA security |
| MNP database scalability | Vertical (hardware dependency) | Horizontal scalability, microservices |
| Fraud resistance | Low (slow porting status verification) | High (instant access to registries via API) |
Modernizing MNP routing is a necessity for maintaining network integrity. The transition from legacy monoliths to flexible API-first architectures allows for reliably protecting the operator's signaling core from modern telecom fraud methods and ensuring service stability in a 5G environment.
FAQ
How does the transition to 5G Standalone affect the operation of local MNP databases?
In 5G Standalone networks (according to 3GPP standards), traditional signaling protocols are replaced by a service-based architecture (SBA). Local MNP databases must support modern API interfaces for instant call routing without the delays characteristic of legacy protocol translation.
What are the main vulnerabilities in SS7 and Diameter used by fraudsters?
According to ENISA data, the main issue is the exploitation of legacy signaling protocols due to the lack of reliable cryptographic verification. Attackers initiate spoofed routing requests during MNP database synchronization delays to intercept SMS or redirect traffic.
Why is ODA more effective than traditional monolithic BSS/OSS systems?
The TM Forum Open Digital Architecture (ODA) replaces monoliths with a component-based, API-first architecture. This allows for a shift from slow batch processing to an event-driven model, where porting information is synchronized across all operator domains instantly.