Skip to main content

CBA's Anti-Scam Shield: Powered by Telstra Intelligence (Aduna)

 What is Aduna Made Of? (Overview in Layman’s Terms)

Aduna is like a universal remote control for telecom networks. It’s a global platform that connects app developers to network features (such as verifying phone numbers or boosting internet speed) from multiple telecom companies, including Telstra, AT&T, and Vodafone, using standardised APIs (Application Programming Interfaces). Imagine it as a one-stop shop where developers can access cool network tricks without needing to understand each telecom’s unique system. This makes it easier to build apps for secure banking, smooth gaming, or smart devices like connected cars.

Background

Aduna is a joint venture launched in September 2024 by Ericsson and 13 telecom operators, including Telstra, with its name announced in January 2025. It’s built to work with 5G standalone (SA) networks and aligns with the CAMARA open-source project (for standardising network APIs) and GSMA Open Gateway. It uses cloud-native software and middleware to connect telecom networks and deliver services to developers.   

Purpose for Telstra

Aduna supports Telstra’s T30 strategy (Telco 3.0), which aims to lead in 5G innovation, create programmable, intent-driven networks, and generate new revenue through APIs, aligning with its vision of an autonomous, self-healing network that meets real-time customer needs.

Aduna’s Internal Architecture (In Layman’s Terms)

While exact details of Aduna’s internal architecture are not publicly disclosed, we can infer its structure based on its role as a network API aggregator, industry standards, CAMARA specifications, and Telstra’s 5G integration. The architecture consists of software layers that work together to standardise, aggregate, and deliver APIs across telecom networks. Here’s a breakdown:   

API Gateway Layer (The Front Door)

  • What It Does: This is where developers’ apps send requests, like “Is this phone number active?” It checks if the request is legitimate (using security checks) and sends it to the right telecom network.
  • How It Works: Think of it as a receptionist at a hotel, verifying guests (apps) and directing them to the right room (network). It uses standard web protocols like REST (common for APIs) or gRPC (for faster communication).
  • Tech Likely Used: Cloud-based API gateways (similar to AWS API Gateway or WSO2), with OAuth2 for secure logins and rate limiting to manage traffic. Likely hosted on hyperscalers like AWS, Google Cloud, or Azure for scalability.  
  • Example: A banking app (e.g., CBA’s) sends a request through Aduna’s gateway to verify a customer’s phone number, and the gateway routes it to Telstra’s network.

Aggregation and Orchestration Layer (The Coordinator)

  • What It Does: This layer gathers data or services from multiple telecom networks (e.g., Telstra, Vodafone) and combines them into a single, easy-to-use response for developers.   
  • How It Works: Like a chef mixing ingredients from different stores to make a meal, it collects responses (e.g., SIM status from Telstra, location data from AT&T) and formats them consistently. It handles the complexity of different network systems.   
  • Tech Likely Used: Microservices architecture (using Docker and Kubernetes) for flexibility, with middleware (e.g., Ericsson’s Global Communications Platform) to route and transform data. May include Enterprise Service Bus (ESB)-like functionality for integration.   
  • Example: A delivery app asks Aduna for a driver’s location. The layer pulls data from Telstra’s 5G network and another operator’s network, then sends a unified response.

Network Integration Layer (The Network Connector)

  • What It Does: Links Aduna to the core systems of telecom operators, like Telstra’s 5G core, translating standardised API calls into commands each network understands.   
  • How It Works: Acts like a translator, ensuring Aduna’s requests work with Telstra’s unique 5G setup or another operator’s system. It uses CAMARA-compliant APIs for consistency.   
  • Tech Likely Used: Cloud-native platforms (e.g., Ericsson’s middleware), supporting 5G SA core systems, HTTP, and possibly gRPC for high-speed communication.   
  • Example: Aduna sends a Quality on Demand request to Telstra’s 5G network to boost bandwidth for a video call, using 5G’s network slicing feature.

Data and Analytics Layer (The Brain)

  • What It Does: Processes data, tracks API usage, and ensures compliance with privacy laws (e.g., Australia’s Privacy Act, GDPR). It may use AI to spot patterns, like fraud attempts.   
  • How It Works: Like a librarian logging book loans, it records API calls, checks user consent (e.g., for sharing location data), and analyses usage to improve services.   
  • Tech Likely Used: Big data tools (e.g., Apache Kafka for streaming data), AI/ML frameworks (e.g., TensorFlow or custom Ericsson solutions), and databases for metadata storage.   
  • Example: Aduna monitors SIM Swap API usage to detect fraud patterns, alerting Telstra and CBA if suspicious activity spikes.

Management and Security Layer (The Guard)

  • What It Does: Manages who can use APIs, ensures security (e.g., blocking hackers), and handles billing for API usage.   
  • How It Works: Like a bank vault, it checks developer credentials, tracks usage for charging fees, and encrypts data to keep it safe.   
  • Tech Likely Used: Identity and Access Management (IAM) systems, OAuth2/OIDC for secure tokens, and billing platforms tied to operator OSS/BSS systems (for operations and billing).   
  • Example: CBA subscribes to Aduna’s APIs via a developer portal, pays per API call, and uses secure tokens to access Telstra’s SIM Swap API.

Software Used in Aduna

While specific software details are not public, Aduna’s architecture is likely built on:

  • Cloud Platforms: Hosted on hyperscalers like AWS, Google Cloud, or Azure for scalability, with Google Cloud noted as a partner in Aduna’s ecosystem.   
  • Microservices: Use containerised services (e.g., Docker, Kubernetes) for flexibility and handling millions of API calls.   
  • CAMARA Framework: Aligns with CAMARA’s open-source RESTful APIs, possibly with gRPC for high-performance use cases.   
  • Ericsson Middleware: Ericsson’s Global Communications Platform likely provides core middleware for network integration and API orchestration, given Ericsson’s leadership in Aduna.   
  • Security Tools: OAuth2, JWT (JSON Web Tokens), and encryption protocols to secure API transactions, ensuring compliance with privacy laws.   
  • Analytics Tools: AI-driven analytics (e.g., Python-based frameworks or Ericsson’s custom solutions) for monitoring usage and detecting anomalies.   

Available APIs Exposed by Aduna

Aduna exposes CAMARA-based network APIs, standardised to work across its 13 operator partners, including Telstra. Based on the CAMARA Spring25 Meta-Release (March 2025) and Aduna’s announcements, key APIs include:   

  • Number Verification: Securely verifies mobile numbers through operator networks, leveraging smartphone network connection data. Redefines user authentication and reduces fraud risks.   
    • Example: CBA verifies a customer’s number during account setup to ensure it’s legitimate.
  • SIM Swap: Provides critical protection against unauthorised SIM swaps, a common tactic for account takeover fraud. Can provide timestamps of SIM changes.   
    • Example: CBA flags a suspicious transaction if a SIM swap is detected on Telstra’s network.
  • Device Location: Uses the geographical information of a user's phone number to strengthen fraud prevention and optimise marketing and promotional strategies.   
    • Example: A delivery app tracks drivers using Telstra’s 5G network data.
  • Quality on Demand (QoD): Improves performance and user experience by providing real-time network control.   
    • Example: A gaming company pays for low-latency 5G connections for smoother gameplay.
  • WebRTC Call Handling: Facilitates real-time communication capabilities over the web.  
    • Example: A telemedicine app ensures glitch-free video consultations.
  • Device Identifier: Provides unique device IDs for authentication or IoT tracking.   
    • Example: A smart home app identifies connected devices.
  • Connected Network Type: Identifies the type of network a device is connected to (e.g., 5G, LTE).  
    • Example: A streaming app adjusts video quality based on 5G or Wi-Fi.
  • Customer Insights: Provides aggregated insights into device concentration in specific areas. 
    • Example: A retailer targets ads based on user locations, respecting privacy.

These APIs are optimised for 5G SA networks due to features like network slicing and low latency (<10 ms), but they can work with FTTP or LEO, though less effectively due to latency or infrastructure constraints.

Telstra’s Implementation of Aduna

Timeline and Context

Telstra joined Aduna as a founding member in September 2024, with operational integration starting in early 2025, aligning with its 5G SA network upgrades announced in February 2025 in partnership with Ericsson. Aduna’s APIs were showcased at Mobile World Congress 2025, indicating Telstra’s active deployment. This supports Telstra’s T30 strategy, which focuses on network leadership, programmable interfaces, and autonomous networks for real-time customer needs.   

How Telstra Implements Aduna











  • Integration with 5G SA: Telstra connects Aduna to its 5G core network, which supports advanced features like network slicing (allocating specific network resources for apps) and low-latency communication. This enables APIs like Quality on Demand to prioritise bandwidth for specific users or apps.
  • Technical Setup:
    • Ericsson’s Platform: Telstra likely uses Ericsson’s Global Communications Platform as middleware to link Aduna’s API gateway to its 5G core and OSS/BSS systems (for operations and billing).   
    • Cloud-Native Approach: Aduna’s APIs are integrated using microservices (via Kubernetes) and REST/gRPC protocols, ensuring scalability and fast responses.   
    • Security: Telstra employs OAuth2 authentication and encryption to secure API transactions, complying with Australia’s Privacy Act. The management layer handles billing, charging developers per API call (e.g., $0.01 for Number Verification).   

Why 5G Over FTTP or LEO

  • Programmability: 5G SA’s network slicing and low latency (<10 ms) support dynamic APIs like Quality on Demand, unlike FTTP’s static bandwidth or LEO’s higher latency (20-50 ms).
  • Control: Telstra fully controls its 5G network, enabling seamless API integration, unlike NBN’s FTTP or Starlink’s LEO, which are externally managed.
  • Market Fit: 5G’s mobility suits enterprise use cases (e.g., banking, IoT), which Aduna targets, while FTTP is consumer-focused, and LEO is niche for remote areas.
  • Example: Telstra uses Aduna’s Quality on Demand API to boost 5G bandwidth for a live sports streaming app, ensuring smooth video for users during peak events.

Alignment with Network Leadership Vision

  • Sustain Best Network: Telstra’s 5G network, covering over 100 regional towns with speeds up to 2.5 Gbps, supports Aduna’s high-performance APIs, maintaining its mobile coverage lead.
  • New Tech (6G, Satellite-to-Mobile): Aduna’s 5G focus lays the groundwork for future 6G APIs, while satellite-to-mobile trials (e.g., with Starlink) could extend APIs to remote areas.
  • Autonomous Networks: Aduna’s data and analytics layer uses AI to monitor API usage, supporting Telstra’s goal of predictive, self-healing networks.   
  • Programmable Interfaces: Aduna’s APIs enable intent-driven optimisation, allowing Telstra to tailor services (e.g., low latency for gaming) and capture new revenue.

How Telstra Uses Aduna with CBA

Telstra and CBA have a deep collaboration through their joint venture, Quantium Telstra (launched in 2022), focusing on AI-driven solutions and API-based fraud prevention. The search results confirm two key API-driven initiatives—Fraud Indicator (launched February 2025) and Scam Indicator (launched 2023, expanded 2024)—which likely leverage Aduna’s CAMARA-based APIs, given Telstra’s role in Aduna and the APIs’ alignment with fraud prevention.   

1. Fraud Indicator (Launched February 2025)

  • What It Is: A technology developed by Quantium Telstra and CBA, using a Telstra API (likely Aduna’s SIM Swap API) to detect identity theft by analysing unusual mobile service usage patterns, such as frequent SIM swaps or abnormal call activity.   
  • How It Works:
    • CBA’s fraud systems send a request via Aduna’s API gateway to check for suspicious mobile activity on Telstra’s 5G network.
    • Aduna’s network integration layer queries Telstra’s 5G core for SIM status or usage data, and the data and analytics layer uses AI (via Quantium Telstra) to identify fraud patterns.
    • If a risk is detected (e.g., a recent SIM swap), CBA flags or blocks the account opening.
  • Example: A scammer swaps a customer’s SIM to access their CBA account. The Fraud Indicator API, routed through Aduna, detects the swap and alerts CBA, preventing a £50,000 fraudulent loan.
  • Impact: Improves fraud detection by over 25% for joint Telstra-CBA customers, protecting against identity theft affecting 200,000 Australians in FY23.

2. Scam Indicator (Launched 2023, Expanded 2024)

  • What It Is: An API-based tool developed by Quantium Telstra and CBA to detect phone scams in real time. It likely uses Aduna’s Connected Network Type API or a custom predecessor to identify if a customer is on a call during a high-risk transaction, a common scam tactic.   
  • How It Works:
    • When a CBA customer initiates a transaction, the API checks Telstra’s network (via Aduna’s aggregation layer) to see if they’re on a call.
    • If a call is active, CBA’s systems flag it as a potential scam and may send an SMS warning or block the transaction.
    • The management and security layer ensures user consent and compliance with privacy laws.
  • Example: A scammer calls an elderly CBA customer, pretending to be from the bank, and asks for a $10,000 transfer. The Scam Indicator API flags the active call, and CBA sends a warning, saving the customer from the scam.
  • Impact: Has prevented millions in losses (estimated $15-20 million annually) and expanded to cover landlines in 2024, protecting vulnerable users.

3. Potential Aduna API Usage

While the search results don’t explicitly name Aduna APIs, Telstra’s Aduna membership and CAMARA API focus suggest additional APIs are used or planned for CBA:

  • Number Verification API: Verifies phone numbers during account setup or transactions to ensure legitimacy.   
    • Example: CBA uses the API to confirm a customer’s number is active before approving a credit card application, reducing fraud risk.
  • Device Location API: Tracks device locations to detect suspicious activities (e.g., transactions from unusual locations).   
    • Example: A transaction from overseas triggers a flag via Aduna’s Device Location API, prompting CBA to verify the customer’s identity.
  • Customer Insights API: Provides anonymised data for analytics, helping CBA predict fraud patterns.   
    • Example: CBA uses aggregated location data to identify high-risk areas for scams, adjusting fraud detection strategies.

Technical Integration with CBA

  • Aduna’s Role: Aduna’s API gateway and aggregation layer route CBA’s requests to Telstra’s 5G network securely. For example, a SIM Swap API call from CBA goes through Aduna’s gateway, queries Telstra’s network, and returns a response in seconds.
  • 5G Advantage: Telstra’s 5G SA network, with low latency (<10 ms) and real-time processing, ensures fast API responses critical for fraud prevention. FTTP lacks dynamic programmability, and LEO’s latency (20-50 ms) is too high for real-time use cases.
  • Quantium Telstra’s Role: The joint venture uses AI and data analytics to process API data, identifying fraud patterns (e.g., unusual SIM activity) and enhancing CBA’s detection models. This aligns with Telstra’s data and analytics layer in Aduna’s architecture.
  • Security and Privacy: Aduna’s management and security layer ensures OAuth2-based authentication and compliance with Australia’s Privacy Act. Customers can opt out of data sharing (e.g., for Scam Indicator), balancing privacy and security.

CBA’s Infrastructure Support

  • CBA’s multi-provider cloud model (using AWS, among others) supports API integration by enabling scalable, secure processing of Aduna’s API responses. This aligns with CBA’s Omnia data lake (upgraded with Cloudera in 2024), which handles massive data pipelines for fraud analytics.
  • CBA’s AI Factory (with AWS) accelerates fraud detection by 4x, complementing Aduna’s AI-driven analytics layer for processing API data.

Layman’s Explanation of Telstra-CBA Collaboration

Think of Telstra’s 5G network as a super-smart security guard who can instantly check if something’s fishy with a phone. Aduna is like a high-tech walkie-talkie that lets CBA talk to this guard. For example:

  • When someone tries to open a CBA account, CBA asks Aduna, “Is this phone number safe?” Aduna checks with Telstra’s 5G network to see if the SIM card was recently swapped (a scam sign). If it were, CBA blocks the account.
  • If a customer is on a call while trying to transfer money, Aduna’s API flags it as a potential scam, and CBA sends a warning text to stop a fraudulent transfer.

This keeps banking safe, saves customers from losing millions, and lets Telstra make money by charging CBA for each API check. It’s like Telstra renting out its network’s superpowers to make banking more secure.

Pros and Cons of Telstra’s Aduna Implementation with CBA

Pros

  • Enhanced Fraud Prevention: APIs like Fraud Indicator and Scam Indicator boost detection by over 25% and prevent £15-20 million in annual losses, protecting joint Telstra-CBA customers from identity theft and scams.   
  • Revenue for Telstra: Telstra earns fees per API call (e.g., £0.01 for Number Verification), creating a new income stream. ABI Research estimates telco APIs could generate £13.4 billion globally by 2028.
  • Customer Trust: Enhanced security strengthens CBA’s reputation, encouraging more digital banking use, which increases Telstra’s network traffic.
  • Scalability: Aduna’s standardised APIs let CBA extend fraud prevention to other Aduna partners (e.g., Vodafone), enhancing global reach.   
  • Alignment with T30 Strategy: Aduna’s APIs support Telstra’s vision of programmable, intent-driven networks and autonomous systems, using 5G’s real-time capabilities to meet customer needs instantly.

Cons

  • High Implementation Costs: Integrating Aduna with Telstra’s 5G network requires significant investment in cloud infrastructure, AI analytics (via Quantium Telstra), and security systems.
  • Privacy Challenges: APIs accessing mobile data (e.g., SIM status, call activity) must comply with Australia’s Privacy Act. Customers can opt out of Scam Indicator, limiting its reach.
  • 5G Dependency: APIs rely on 5G SA’s low latency, which is still rolling out. Rural areas with 4G or no coverage may not fully benefit.
  • Adoption Hurdles: CBA’s developers need training to use Aduna’s APIs, and slow adoption could delay Telstra’s revenue growth.   
  • Competition: Other Aduna partners (e.g., AT&T, Deutsche Telekom) or non-Aduna telcos could offer similar APIs to CBA, reducing Telstra’s share.

Examples in Action

Fraud Indicator in Banking

A scammer swaps a customer’s SIM to access their CBA account. Aduna’s SIM Swap API, integrated with Telstra’s 5G network, detects the swap and alerts CBA, which blocks a £50,000 fraudulent transaction. This has improved detection by over 25% since February 2025.

Scam Indicator for Vulnerable Customers

An elderly customer receives a scam call urging a £10,000 transfer. The Scam Indicator API flags the active call via Aduna, and CBA sends an SMS warning, preventing the loss. This has saved millions since 2023, with landline coverage added in 2024.

Number Verification for Account Setup

A new CBA customer signs up online. Aduna’s Number Verification API confirms the phone number is active on Telstra’s network, ensuring the account isn’t opened by a fraudster.

Device Location for Fraud Detection

A transaction from an unusual location (e.g., overseas) triggers Aduna’s Device Location API, which uses Telstra’s 5G data to flag it, prompting CBA to verify the customer’s identity.

Why 5G Over FTTP or LEO for CBA’s Use?

  • 5G’s Real-Time Advantage: APIs like Fraud Indicator require instant responses (e.g., detecting SIM swaps in seconds), which 5G SA’s low latency (<10 ms) supports. FTTP lacks dynamic programmability, and LEO’s latency (20-50 ms) is too high for real-time fraud detection.
  • Mobile-Centric APIs: Aduna’s APIs (e.g., SIM Swap, Number Verification) rely on mobile network data (SIM status, call activity), making 5G ideal. FTTP uses IP-based identifiers, and LEO lacks SIM integration.
  • Telstra’s Control: Telstra controls its 5G network, enabling seamless API integration, unlike NBN’s FTTP or Starlink’s LEO, which are externally managed.

Conclusion

Aduna’s architecture comprises API gateway, aggregation/orchestration, network integration, data/analytics, and management/security layers, built on cloud-native microservices (e.g., Kubernetes, REST/gRPC) and Ericsson middleware. It exposes CAMARA-based APIs like Number Verification, SIM Swap, Device Location, and Quality on Demand, optimised for 5G SA networks. Telstra began implementing Aduna in early 2025, integrating it with its 5G core to support its T30 strategy for programmable, autonomous networks. Its collaboration with CBA, through Quantium Telstra, leverages APIs like Fraud Indicator (February 2025) and Scam Indicator (2023, expanded 2024) to combat fraud, improving detection by over 25% and saving millions. 5G’s low latency and control make it the preferred technology over FTTP or LEO. Challenges include high costs, privacy compliance, and 5G rollout limitations. For updates, visit Telstra or Aduna’s API portal.

Labels:

Comments

Post a Comment