Open in app

Sign in

Write

Sign in

Masking phone numbers to protect user privacy in a marketplace

By – Mayur Garg (Engineer, Communication Platform)

UC Blogger
Urban Company – Engineering
6 min readNov 20, 2019

--

In an online marketplace like UrbanClap, there are about 100k calls in a day between the customer and service partner. UrbanClap takes the privacy of their users very seriously and makes sure the original phone numbers of the customer as well as the service partner are hidden from each other.

How call masking works?

There are two ways to mask phone numbers in a marketplace -

  • Proxy numbers
  • Click to Call

We will go into each of them in detail and list down the implementation, advantages and limitations of both methods. We will also mention the challenges we faced particularly for UrbanClap as a marketplace in India.

Using Proxy numbers for Incoming Call Forwarding

In this method, a proxy number is allocated to every order. If the customer calls the proxy number, the call is forwarded to the service partner. If the service partner calls the proxy number, the call is forwarded to the customer. We share only the proxy number with the customer and service partner and the original phone numbers are always hidden.

Basic requirements and set up

  1. Pool of proxy numbers that can be rented from a telephony vendor
  2. Allocation system that takes two numbers and returns a proxy number
  3. APIs to get status details of calls made through these proxy numbers

What is Incoming call forwarding?

Lets say there is a customer named Kiran and a service partner named Sunil. Kiran has placed a request on UrbanClap for a washing machine repair service. And Sunil is the service partner assigned to this request. Kiran’s original phone number and Sunil’s original phone number are sent to the allocation system and it returns a proxy number from the regional pool. This proxy number is shared with both Kiran and Sunil through the App, SMS, Email or Whatsapp. When Kiran calls this proxy number, the telephony vendor forwards the call to Sunil. When Sunil calls this proxy number, the telephony vendor forwards the call to Kiran. At the end of the call, the telephony vendor posts the call status details to our API. After the service request is completed, we deallocate the proxy number for that request. There are some rules based on which allocation of proxy number happens -

  • A proxy number can be allocated to more than one service request
  • Same proxy number can NOT be allocated twice to a customer or partner
  • Theoretically, the number of proxy numbers we need = Maximum concurrent open service requests for a customer or partner
  • Maximum number of allocations on a proxy number depends on the telephony vendor and their infrastructure

Using Click to Call as a fallback to call forwarding

Incoming call forwarding has some limitations in connectivity which we will talk about shortly. But the advantage is that the user experience is very similar to regular calling and privacy is also protected by not sharing original numbers. There is another method “Click to Call” which is more reliable but the user experience is a bit different.

1. User taps or clicks a call button on the app
2. System calls the user’s original phone number
3. User answers the call on their phone and waits
4. System calls the receiver’s original phone number
5. Receiver answers the call on their phone
6. Receiver is connected to the same call on which user was waiting

Now the user and receiver can talk to each other. The experience is seamless for the receiver but for the user, it is not that intuitive. This method is very reliable though because the proxy number that calls the user and the receiver is not fixed. A healthy regional proxy number is allocated in real-time and the call is routed through that number. At UrbanClap, we use this method as a fallback to call forwarding on the service partner side. This helps us a lot when there is a major connectivity issue in one or more regions.

Challenges we faced at UrbanClap (with solutions)

We accept service requests even for a future date and hence we need to ensure connectivity between the customer and provider over a span of several days and also protect their privacy. This led to the following problems -

Problem — Behind every proxy number, there is a landline number of particular operator and region and intermittent issues are common with cross operator and cross region calls. If there is a connectivity issue between two mobile network operators or two geographical regions, either the incoming call to the proxy number can fail (Incoming failure) or the forwarded call to the end receiver can fail (Outgoing failure).

Solution — We maintain pools of regional numbers and allocate only a local regional number to a service request. For every service request, a back up number from same region and different telecom operator is also allocated along with the primary proxy number. If there is an outgoing failure, the telephony vendor tries forwarding the call again with the backup number. If there is an incoming failure, we switch to the backup number in the customer or partner app. It is therefore always advisable to make the call from the UrbanClap app.

Problem — Proxy numbers can become unhealthy at any time. While a proxy number may be healthy at the time of allocation, but it may stop responding anytime before the time of service. This will result in call failures.

Solution — Only healthy proxy numbers are allocated and the allocation is done by the telephony vendor itself for the given customer phone number and service partner number. If an allocated proxy number gets unhealthy, the telephony vendor calls our API to report that number and we reallocate a new healthy number for the same service request. Only the new number is now used for calling in the UrbanClap customer and partner app.

Problem — With Click to Call, UrbanClap has to pay twice the cost for both the outgoing calls to the user and the receiver. How do we optimise total cost of calling and maintain the reliability of Call masking system?

Solution — We analysed the calls data and found out that most calls are initiated by the service partner. So we used a combination of Incoming call forwarding and Click to Call on the partner side. The option for Click to Call is enabled for the partner only when there are consecutive call failures with call forwarding. We do not use the Click to Call option on the customer side.

Next steps

We are looking into the main reasons why the service partners feel the need to call the customer. Some common ones are related to the time, location and requirements of the service. We are going to handle these use cases through the customer app itself. We are also planning to provide a rich Two-way chat, especially for international markets.

About the author:
Mayur Garg leads the Communications and Trust-&-Safety Engg team. He is from IIT-D and has seen scale at Amazon Seattle. Mayur is also part of UrbanClap’s football club!

Sounds like fun?
If you enjoyed this blog post, please clap 👏(as many times as you like) and follow us (UrbanClap Blogger) . Help us build a community by sharing on your favourite social networks (Twitter, LinkedIn, Facebook, etc).

You can read up more about us on our publications —
https://medium.com/urbanclap-design
https://medium.com/urbanclap-engineering

If you are interested in finding out about opportunities, visit us at http://careers.urbanclap.com

Product
Infrastructure
Platform
Privacy
Security

--

--

UC Blogger
Urban Company – Engineering

Written by UC Blogger

1.2K Followers

The author of stories from inside Urban Company (owner of Engineering, Design & Culture blogs)

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams