SIP and CDR comparison

Many telecom billing and fraud analysts are experts on Call Detail Records (CDRs) but might be less familiar with Session Initiation Protocol (SIP) records. This blog post provides a quick introduction to SIP records and compares them to CDRs.


CDRs are created after call completion by the telecom network software that processed the call. They are typically transferred to other systems for billing and reporting.

SIP records are created as each call is being set up. They are used by telecom network components to initiate the call.

TransNexus software uses SIP records to provide value-added services including blacklisting, least cost routing, fraud and robocall prevention, LRN lookup, reputation and high-risk number assessment, and CNAM caller ID name lookup.

The data available in CDRs and SIP records is similar, with a few differences. You can think of them as packets of call data before and after each call. Here’s a comparison.

Data dictionary

The following table lists common data elements used by billing and fraud analysts and compares availability of these elements in CDRs and SIP records.

Data elementAvailable in CDRsAvailable in SIP records
Calling numberyesyes
Called numberyesyes
Billing numberyesyes
Start timeyesyes
Was answeredyesno
Call originatoryesyes
Routes assignedsometimesyes, in SIP 302
Route out usedyesno
Call typeyesyes
Diversion headernoyes
P-source devicenoyes
User agentnoyes
SHAKEN tokennoyes
SHAKEN certificate linknoyes
IP address of audionoyes

This table shows that most call information is found in both record types, with differences related to timing and purpose. There are some exceptions: some telecom network software generates CDRs with more information. But these are the most typical cases.

Check out our whitepaper on SIP INVITE header fields for further details on these SIP elements.


CDR formats vary by manufacturer of the telecom network equipment and software. Using CDRs in other systems requires data mapping.

Although the contents of SIP records can vary by manufacturer and features used, formatting follows standardized conventions. This makes it easy for other computer services to use SIP records without custom data mapping.

Timing and telecom fraud prevention

This is the main difference between using either CDRs or SIP records for telecom fraud prevention:

  • SIP records are created before the call begins
  • CDRs are created after the call ends

Because of this timing difference, telecom fraud attacks can be detected and blocked much faster using SIP records than with CDRs. Would you rather lock the barn door after the horse is stolen, or before?

The first TransNexus telecom fraud prevention software products used CDRs. This was considered the standard approach at the time. But from our experience using SIP records for least cost routing, we realized that these records also have all the information needed for telecom fraud prevention.

We developed SIP Analytics, a fraud prevention algorithm using SIP records, and began providing it to customers. The results: much faster telecom fraud prevention and happier customers.

Ease of integration

SIP Analytics integrates easily with any SIP network. The SIP Analytics system is simply added as a SIP device on the network, just like a trunk group or telephone.

And the integration is robust and standardized. There’s no need to create complicated custom integration that requires extensive testing and debugging.

Once integrated, SIP Analytics can easily instruct the network to block or divert calls in a fraud attack. There’s no easy way for a CDR-based fraud management system to instruct the network to block or divert calls related to a fraud attack.

Case studies

  1. This provider had a CDR-based fraud solution, yet they lost $15,000 over a weekend.
  2. This carrier went from a CDR-based fraud detection system to SIP Analytics. Fraud losses dropped dramatically.
  3. This carrier uses SIP Analytics. Look at the call data and the incredibly rapid response during two attacks. Customers never even noticed there was an attack.

No TransNexus customer who used CDR-based telecom fraud detection and then switched to SIP Analytics has ever gone back to using CDRs for fraud prevention. Not one.

We’re big fans of using CDRs for billing and reporting. But when it comes to telecom fraud prevention, the results speak for themselves: SIP Analytics is simply better. And customers who’ve used both agree.

Contact us to learn how SIP Analytics can help your company dramatically improve telecom fraud prevention.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.