TUTORIAL ChanSpy: Listen in and interrupt certain calls

[JFrost]

I'd like to know if I can set up an extension such that another (trainer or supervisor) can listen in whenever they want and can enter the call (3 way) or take it over (transfer it away) whenever they want.

Is this possible?

Thanks.

 

[Halea]

You don't need an extension for that. You can do it with the "ChanSpy" (channel spy) features code.
Once you do the following as described here, you would simply dial 2468 followed by 4 (listen only) or 5 (listen and talk to the pbx side) or 6 (listen and talk to both sides), then the extension that you want to spy on and the # sign to make things go faster.

Edit your /etc/asterisk/extensions_custom.conf file and add the following lines at the bottom:

; ----------------------------------------------------------

[ext-local-custom]

;listen 24684
; Dial 24684<PBX-EXTENSION># to spy on the PBX extension
; and its current conversation. Neither party can hear the
; spy's audio, so this is very safe real spying!
exten => _24684x.#,1,Macro(user-callerid,)
exten => _24684x.#,n,Answer
exten => _24684x.#,n,NoCDR
exten => _24684x.#,n,Wait(1)
exten => _24684x.#,n,ChanSpy(sip/${EXTEN:5},q)
exten => _24684x.#,n,Hangup

;whisper 24685
; Dial 24685<PBX-EXTENSION># to spy on the PBX extension
; and its current conversation. The PBX-EXTENSION can hear
; the spy, but the other party can't.
exten => _24685x.#,1,Macro(user-callerid,)
exten => _24685x.#,n,Answer
exten => _24685x.#,n,NoCDR
exten => _24685x.#,n,Wait(1)
exten => _24685x.#,n,ChanSpy(sip/${EXTEN:5},qw)
exten => _24685x.#,n,Hangup

;barge 24686
; Dial 24686<PBX-EXTENSION># to join into the conversation
; of the PBX extension with the other party. Both parties
; can hear the spy. So this is really for barging-in!
exten => _24686x.#,1,Macro(user-callerid,)
exten => _24686x.#,n,Answer
exten => _24686x.#,n,NoCDR
exten => _24686x.#,n,Wait(1)
exten => _24686x.#,n,ChanSpy(SIP/${EXTEN:5},qB)
exten => _24686x.#,n,Hangup

; ----------------------------------------------------------

Make sure that ChanSpy in features code is set to 2468. (you can select a different value as long as you also adjust the same in /etc/asterisk/extensions_custom.conf)

This will allow you to listen only (24684+extension), talk to the pbx side aka "whisper" (24685+extension), or talk to both sides aka "barge-in" (24686+extension) of the conversation.

 

[atsak]

FOP2 lets you easily do this. Install it, nice GUI, click to listen.

 

[JFrost]

You don't need an extension for that. You can do it with the "ChanSpy" (channel spy) features code.
Once you do the following as described here, you would simply dial 2468 followed by 4 (listen only) or 5 (listen and talk to the pbx side) or 6 (listen and talk to both sides), then the extension that you want to spy on and the # sign to make things go faster.

Edit your /etc/asterisk/extensions_custom.conf file and add the following lines at the bottom:


Make sure that ChanSpy in features code is set to 2468. (you can select a different value as long as you also adjust the same in /etc/asterisk/extensions_custom.conf)

This will allow you to listen only (24684+extension), talk to the pbx side aka "whisper" (24685+extension), or talk to both sides aka "barge-in" (24686+extension) of the conversation.

Thanks, this sounds about right. I've searched but I didn't even know the terms to search "whisper", "barge in" etc.

Is there a way to restrict who has access to these functions by user or by extension? (ie. managers can and trainees can't)

Thanks.

 

[Halea]

Thanks, this sounds about right. I've searched but I didn't even know the terms to search "whisper", "barge in" etc.

Is there a way to restrict who has access to these functions by user or by extension? (ie. managers can and trainees can't)

Thanks.

To the best of my knowledge the only way to "restrict" the use of this feature is by making the "channel spy" code more complicated (more digits and hard to guess combination, all of which is kept confidential within a small group of users). I actually use an 11 digit code (like a US phone number).
Consider looking into FOP2 as suggested by @atsak . I didn't know that it had that functionality built in. Maybe they also worked in some security mechanism.

 

[kenn10]

You can install the custom-contexts module. It allows you to set specific permissions to contexts for extensions or groups of extensions. It takes a bit of study to figure out but it works quite well.

 

[mainenotarynet]

OK, FOP2 -- does have Listen and Whisper. I have not know (nor is there a button for Barge-in that I know of)

FOP2 has groups and permissions where you can set per-extension so your 'restriction' can be done -- If they haven't got the permission to spy/whisper they won't see the buttons for them on their panel. And I do not believe you can transfer a call away from one extension that is not yours to another extension (again that is not yours) -- You may be able to (do a conference call where when 'Trainee' hangs up the call still goes on with the other parties.

FOP2 has a limit of 15 buttons, unless you pay a very reasonable license fee of $40.00 (IM upgrade and Voicemail upgrade are $20 each) or buy the whole kit and kaboodle at once $80. Want it White Label (does not show copyright line at botton)? That's only $20 more and a yearly maintenance fee of $20 for updates to the version is reasonable as well.

There is another panel called ISymphony but that is a LOT more $$

 

[JFrost]

OK, FOP2 -- does have Listen and Whisper. I have not know (nor is there a button for Barge-in that I know of)

FOP2 has groups and permissions where you can set per-extension so your 'restriction' can be done -- If they haven't got the permission to spy/whisper they won't see the buttons for them on their panel. And I do not believe you can transfer a call away from one extension that is not yours to another extension (again that is not yours) -- You may be able to (do a conference call where when 'Trainee' hangs up the call still goes on with the other parties.

FOP2 has a limit of 15 buttons, unless you pay a very reasonable license fee of $40.00 (IM upgrade and Voicemail upgrade are $20 each) or buy the whole kit and kaboodle at once $80. Want it White Label (does not show copyright line at botton)? That's only $20 more and a yearly maintenance fee of $20 for updates to the version is reasonable as well.

There is another panel called ISymphony but that is a LOT more $$

Thanks man appreciate. I was looking at FOP2 and could not find anything for "barge in" so I think you're right that it's missing.

This is a need for a very small outfit. It's in fact for a small biz owner to monitor and assist on certain phone calls. I think I may go with the simple functions @Halea posted and just keep the info "secret" and/or rotate it periodically.

Thanks

 

[atsak]

Thanks man appreciate. I was looking at FOP2 and could not find anything for "barge in" so I think you're right that it's missing.

This is a need for a very small outfit. It's in fact for a small biz owner to monitor and assist on certain phone calls. I think I may go with the simple functions @Halea posted and just keep the info "secret" and/or rotate it periodically.

Thanks

Barge in is there. We use it; I can't remember which button it is as I don't use it day to day, but it works

 

[Halea]

...
This is a need for a very small outfit. It's in fact for a small biz owner to monitor and assist on certain phone calls.
...

Also make sure that you or your client is in full compliance with the federal and state wiretapping statutes - if you are in the States (as a minimum "your call may be monitored or recorded for quality control" announcement to outside callers and blanket phone tapping acceptance/consent from employees involved).

 

[JFrost]

Also make sure that you or your client is in full compliance with the federal and state wiretapping statutes - if you are in the States (as a minimum "your call may be monitored or recorded for quality control" announcement to outside callers and blanket phone tapping acceptance/consent from employees involved).

I'm aware of the requirement to tell employees but if user is in a one-party state (eg NYS) and this has no legal use purpose/value (never need to be presented in court as evidence for example) is there still a requirement for the "your call may be recorded" messaging?

It is strictly for internal training/coaching.

Thanks.

 

[Halea]

My company is headquartered in NY City and we addressed this issue 8 or 10 years ago, so my memory is a bit sketchy. But I recall that our attorney(s) reached out to FCC and were told to have that announcement on our PBX for calls to or from a number of US states (for which I have a list somewhere - if I can find it I'll post it). But with the proliferation of all the new area codes we simply decided to have the announcement for all US calls.
This might sound funny, but the penalty of illegal phone tapping/recording over traditional phone lines (regulated by FCC) can be so high (in contrast to blanket/bulk intercepting all your private data through the social media) that I wouldn't take the chance of exposing my company to any wrongdoing, even unintentional, in this area.
In the vacuum, what people tend to overlook is that, paying the bill of a given (traditional) phone line doesn't give you the right to tap/listen to the conversations on that line. It only gives you the right to access the metadata, not the content of the communication. So, most employers believe that by paying for the cell phone of their employees or by forcing them to use a corporate phone line (cell or land) they are entitled to listen to the communication, but it isn't so.

 

[kenn10]

I would play the stock recording ("This call may be monitored...") in the queue/ring group prior to any calls being delivered to a user who can/may be monitored. Why run the risk? In general practice, it is always appropriate to notify the caller that they may be recorded or monitored. Employees should also be aware that their calls (regardless of how they access your system to make or receive a call) are subject to be monitored or recorded. I would recommend a signed notification sheet from employees.

 

[JFrost]

I would play the stock recording ("This call may be monitored...") in the queue/ring group prior to any calls being delivered to a user who can/may be monitored. Why run the risk? In general practice, it is always appropriate to notify the caller that they may be recorded or monitored. Employees should also be aware that their calls (regardless of how they access your system to make or receive a call) are subject to be monitored or recorded. I would recommend a signed notification sheet from employees.

I agree with the employee notification. The problem with playing the notification is it's a challenge when they are originating the calls, sometimes to clients, sometimes to more mundane destinations like calling the bank for A or calling the ISP or a vendor for B, etc.. Seems very weird (and maybe even jarring) to play the receiver of a call such a message wehn the pick up. Further, sometimes that will be an IVR or hold que so who would it play to? Do the emps now need to learn a way to manually trigger such a message?)

My company is headquartered in NY City and we addressed this issue 8 or 10 years ago, so my memory is a bit sketchy. But I recall that our attorney(s) reached out to FCC and were told to have that announcement on our PBX for calls to or from a number of US states (for which I have a list somewhere - if I can find it I'll post it). But with the proliferation of all the new area codes we simply decided to have the announcement for all US calls.
This might sound funny, but the penalty of illegal phone tapping/recording over traditional phone lines (regulated by FCC) can be so high (in contrast to blanket/bulk intercepting all your private data through the social media) that I wouldn't take the chance of exposing my company to any wrongdoing, even unintentional, in this area.
In the vacuum, what people tend to overlook is that, paying the bill of a given (traditional) phone line doesn't give you the right to tap/listen to the conversations on that line. It only gives you the right to access the metadata, not the content of the communication. So, most employers believe that by paying for the cell phone of their employees or by forcing them to use a corporate phone line (cell or land) they are entitled to listen to the communication, but it isn't so.

I understand the urge to simply blanket cover everything because "why not?" but in this case I think it's overkill so I'm just wanting to understand the actual "edges" and not just "cover everything".

I'm not overly worried about employees - they can be asked to sign acceptance and also most cases the calls will not be silently listened but more often barged in or whispered so the emp will be well aware someone's on the line. This is a very small, personal office not a call center (as this purpose is normally applied.)

The issue with playing the message on the call to callers I laid out above to Kenn10 - I can play something for incoming (though they don't ALWAYS hit an IVR - Calls get answered on a first or second ring oft times, ) it's the outgoing that's a little weird. How do you time the message so it knows when the CSR at Comcast or some vendor finally picks up or how does a client feel about hearing that play EVERY TIME you call them?

Appreciate the discussion. As I said, trying to find the actual edges of this box.
Thanks.

 

[kenn10]

On outbound calls, you simply need to have the employee notify who is called that the call may be monitored or recorded for training purposes. Pretty standard message now when you call someone or they call you. Even my account manager at Fidelity Investments reads his script when he calls me.

 

[Halea]

... it's the outgoing that's a little weird. How do you time the message so it knows when the CSR at Comcast or some vendor finally picks up or how does a client feel about hearing that play EVERY TIME you call them?

I agree that the outgoing call part is a bit more difficult to address. In our case all our calls get recorded and archived on project, customer, vendor/contractor/supplier basis, and probably 90% of our counterparts do the same, so nobody is really surprised nor offended.
For the outgoing calls, we hacked our PBX with some custom code which plays a system recording (stating that we may record the conversation) through barge-in chanspy. It's like an audio watermark. It starts with a little chime, reads out the announcement and ends up with another chime. The whole thing is under 5 seconds. It's first played 60 seconds into the call and then every 5 mn.

Appreciate the discussion. As I said, trying to find the actual edges of this box.

Same here.

 

[JFrost]

On outbound calls, you simply need to have the employee notify who is called that the call may be monitored or recorded for training purposes. Pretty standard message now when you call someone or they call you. Even my account manager at Fidelity Investments reads his script when he calls me.

Your experience does not match mine. I can think of a dozen vendors I deal with that I *know* record calls "for quality assurance" and I've never once been notified of them recording on the occasions that they have called me. Literally not one time I can think of and some of these are sizeable vendors.

I did once tell a CSR that I had called (who was behaving poorly) that I was recording the call and was told that they "don't allow recording the call because" they already record it and she tried to hang up. I backpedaled saying like "yes, I know, YOU record the call". Frankly I think she was just tossing me a line but who knows. Maybe there are companies that actually have this policy?

Regardless, while I appreciate your view and input, I don't think this manual approach is the right one here and also, I'm more interested in understanding if that's actually necessary or it's just a CYA because "why not" that a lawyer or similar told you.

I agree that the outgoing call part is a bit more difficult to address. In our case all our calls get recorded and archived on project, customer, vendor/contractor/supplier basis, and probably 90% of our counterparts do the same, so nobody is really surprised nor offended.
For the outgoing calls, we hacked our PBX with some custom code which plays a system recording (stating that we may record the conversation) through barge-in chanspy. It's like an audio watermark. It starts with a little chime, reads out the announcement and ends up with another chime. The whole thing is under 5 seconds. It's first played 60 seconds into the call and then every 5 mn.

Same here.

I admire the technical prowess of PBX Twister there but as I said to Kenn10 above - more then technical adaptations of how you've done it, I'm interested if it REALLY is necessary (or it's just some extra layer of CYA that a lawyer or whoever advised.)

It is out of character for this client's use case (and following, I want to do it for myself) so I'm wanting to understand if it's really a necessity or just an extra safety blanket originating from "why not cya" type thinking.

Thanks and again, I appreciate the discussion.

 

[kenn10]

For a definitive answer, I'd recommend you contact an attorney knowledgeable in the subject. Opinions on this forum really aren't important when it comes down to your individual needs assessment or any legal outcomes.

 

[dallas]

more then than technical adaptations of how you've done it,

Then again the FBI prosecuted the Rajneeshees for recording their own calls, although they were out to get them.
Not being an American I don't know what the real situation is in the US. Here, every time a business calls me the CSR tells me the call is being recorded. Every time I call them I get an announcement.