Email a colleague    

September 2014

Fraud Management Collaboration: From “Great Idea” to Real Software & Intelligence Sharing

Fraud Management Collaboration: From “Great Idea” to Real Software & Intelligence Sharing

Over the years, commercial software -- in billing, OSS, and assurance -- has brought telecoms big benefits in productivity, customer satisfaction, and cost savings.

However those benefits rarely extend beyond the boundaries of the operator, which is only natural considering the software is designed to solve internal company problems.

Yet certain problems, such as fraud management and service abuse, would demand software that enables operators to share things with each other, for instance: fraud alerts, defensive techniques, blacklisted phone numbers, signatures, and other data/intelligence.

Fraudsters, of course, love the fact that operators don‘t collaborate well: if a fraud scheme works in AsiaPac, they can easily expand the scheme to Europe and the Americas.  And they know full well that if an operator develops a good defense for the scheme, the solution probably won’t be shared immediately with other operators so fraudsters can keep on exploiting the same mechanism again and again.

So the need for cross-operator software and inter-carrier processes clearly exists in fraud management, but there’s a big gap because software firms can‘t find the business model to support it.  What’s more, each operator on its own ends up merely reacting to fraud threats rather than building a proactive defense, which would take the fight against fraudsters to a completely different level.

Well, fortunately, there are companies willing to step up and run with great industry ideas that are not so easy to implement.  Early this year, BICS, the 700-customer strong wholesale carrier, pioneered a new and innovative program called FraudGuard.  It’s a fraud collaboration service for its customers.  FraudGuard may well serve as the model for future fraud cooperation across wholesale -- and even retail telecom.

Here to discuss the program with us is Katia González, Head of Fraud Operations at BICS.

Dan Baker: Katia, I’m curious what motivated BICS to get the FraudGuard program rolling?  I imagine it’s a great way to differentiate BICS‘ service in the marketplace.

Katia González: In the beginning it was an answer to customer and industry needs.  We have been hearing for quite some time that operators were investing a lot of money in fraud detection systems and controls.

And we also keep on hearing all these customers still complaining about fraud and service abuse; so we thought: there’s some kind of role BICS can play here, as transit carrier leader, taking advantage of our privileged position that grants a global helicopter view both on traffic trends but also on fraud trends

After all, BICS is also active in industry initiatives such as the i3 Forum where I chair the fraud workstream and our aim is to bring awareness to the market — on both the retail and wholesale side -- about fraud, about the role wholesale carriers can play and how we can develop ways to collaborate and get more efficient in fighting fraud.  Through the i3 Forum, we also interact with established organizations like the GSMA fraud forum, the FIINA, etc.

And so our FraudGuard product is another way of serving our customers and a way to immediately share valuable fraud information for any operator worldwide.  So yes, to some extent, it is a way to differentiate BICS and provide a higher quality service, a more end-to-end service, but we also believe we can really do something to make a difference and actually cut the fraud losses for our customers.

I think it’s important to be clear about what this service is.  This is not the simple resale of commercial fraud management system.

Yes, I’m glad you clarified that, Dan.  BICS wanted to add value in the marketplace, so yes, merely reselling the solution developed by our privileged partner cVidya or other commercial solution would not be enough.  In particular, we wanted to capitalize on our “big helicopter” view of the telecom scene.

This is why we chose to offer a crowd-sourcing service.  It made sense to us because it’s a way to increase the productivity of the fraud defense teams at our operator customers.

Fraud teams are truly helping each other out through this service.  For instance, if an operator, say in Pakistan, discovers how to defeat a fraud scheme in their country, then any member of the FraudGuard family can use that intelligence.  They can use it to build out some sort of firewall, or block numbers, or build specific detection algorithms based on that example.

So this can be a big boost to fraud management.  Rather than be merely reactive by looking at your traffic and waiting for fraud to hit, you can be truly proactive.  You can take action before you are hit.

FraudGuard Community

How is the FraudGuard system being managed behind the scenes?

Well, our fraud department is continuously working on the system, and any kind of fraud pattern we discover we immediately share with our members.

We realize we are in a very privileged position.  Being one of the biggest transit carriers of SMS and voice in the world gives us a high level view of fraud trends.  We see traffic coming and going from one region to the next, from one country to another.  In some cases we clearly see how fraud kind of ripples around the world.  Maybe a large operator takes action and closes a block of numbers or subscribers, but then we see the same trend reappear somewhere else.  This is particularly the case with IRSF and some other aggressive fraud threats like the Wangiri scheme.

So FraudGuard gives us the opportunity to share our global fraud defense intelligence with our customers.

Now because of the huge volume of traffic we manage, it’s a lot of work to analyze that traffic and also do related investigations such as scanning the internet and discussing issues with suppliers and customers.

It’s a well-documented case in the U.S. market that small operators have gone out of business because they had a serious fraud hit over the weekend when nobody was monitoring the traffic.

Yes, absolutely.  But you know what is still very strange to me to see is that we have smaller operators, of course not Tier 1 or Tier II, that still don‘t regularly check their traffic.  And sometimes we notice a huge traffic peak in one hour, and when you promptly inform the customer of this, they haven’t seen anything and they won‘t see anything until the end of the month.

Our commitment behind the product is to deliver near-real time detection, reaction, and information to the users.  Trouble is: sometimes the customers are extremely slow.  Just today I tried to reach out to people in one company — one that is not so small — because everybody seems to be out of the office for the holiday.  But I can tell you that in a few hours there has been a lot of traffic.  Not all operators are fully aware of how dangerous it really is.  Once a hacker finds a loophole, there are going to exploit that opening as fast as possible.  I mean, PBX hacking is a pretty old scheme, but it’s still quite successful for hackers.

How is the market reacting to FraudGuard?

We started the service at the beginning of the year and interest is picking up.  The market is gaining awareness on how wholesale carriers could make a difference when it comes to some fraud schemes.  FraudGuard would definitely set the collaborative layer to bring proactivity in fighting fraud.  And this proactivity is essential as any fraud event you can avoid converts directly into positive operator results.

We started by installing the system within BICS.  And we’ve been busy expanding FraudGuard and its database with fraud intelligence over the months, so that our crowdsourcing platform offers the latest and most complete information.  But obviously, this is a dynamic platform that will continue growing.

What sort of wholesale customers are signing up.

I think you’d be surprised.  FraudGuard is certainly a great value for operators who do not have a fraud system yet, because it allows them to quickly get a system up and running on the spot.  However, even operators who have very mature systems (such as cVidya’s, our partner to build FraudGuard) are looking at the solution as an add-on, something that can enrich their existing system.

It is gratifying to see our customer base is in general aiming to share information and explore new ideas to fight fraud more efficiently.  It seems clear that people are willing to share and that there’s a real demand for this kind of crowd-sourcing service.

Sounds like a great program, Katia.  Good luck in the rollout.

Thank you, Dan.  Yes, a lot of times ideas like these don‘t work out because people either don’t see the value or the concept is too hard to explain.  But in this case the timing looks right.  The financial impact of fraud schemes is such that the industry must tackle the issue.

We even have some wholesale fraud conferences that are starting to be organized.  The interest is there because people recognize there’s something missing in the chain.  And we at BICS are quite happy to be a part of the path forward.

Copyright 2014 Telexchange Journal

 

About the Expert

Katia González

Katia González

Katia González is Fraud Manager at BICS, a leading global wholesale carrier in telecom.  With more than 10 years of experience in the Mobile and Wholesale Telecom industry, Katia has held various positions in the Wholesale Carrier Business (i.e. trading manager, pricing manager and now fraud operations manager.

Katia chairs the i3 Forum Fraud WorkStream, which brings together the communications expertise of more than 50 telecom providers across a combined retail base of over 1.5 billion customers and 100+ countries.

The Fraud WorkStream aims at developing collaborative recommendations for a secure and fraud-less industry-wide transition of voice and related services to Internet Protocol (IP).

Katia holds a Computer Science Engineer Degree from Deusto University in Spain and started her career as consultant in the Supply Chain industry where she worked for leading software editors, such as RedPrairie and Manhattan Associates, before moving on to the Telecommunication sector.  She speaks English, Spanish and French.   Contact Katia via

Related Stories

  • Automatically Stopping Fraud Traffic: iBasis Raises the Bar for Wholesaler Protection of Retail Carriers interview with Daan Kleijnen — The margins in the retail voice business are so tight these days that many operators fail to make a vital investment in fraud protection, making them easy targets for IRSF and other frauds.  A leading wholesaler explains a new fraud control program that automatically disconnects a retailer’s fraud traffic.
  • False Answer Supervision Fraud: Applying Advanced Statistics to Find Needles in the CDR Haystack interview with Steve Heap — Fraud management solutions have made great technical advances via automated threshold setting, big data, and DPI.  Now this expert interview explains how a new breed of advanced statistics-based solutions is tackling very hard-to-detect fraud types such as the call signal spoofing of False Answer Supervision.
  • Fraud Management Collaboration: From “Great Idea” to Real Software & Intelligence Sharing interview with Katia González — Without effective multi-operator collaboration in fraud management, each operator ends up merely reacting to fraud threats on its own rather than building up a proactive defense.  In this interview, a leading wholesale provider explains its innovative program to enable the automated and expert-to-expert sharing of fraud intelligence and techniques.
  • Recruiting Smartphone Users as Partners in Telecom Fraud & Security Control by Chris Hill — Premium Rate Service (PRS) fraud and spyware on a mobile phone can ruin an operator’s relationship with a  subscriber.  The attacker uses malware to automatically generate phone calls, SMSs and data sessions to high cost (premium) phone numbers.  This article discusses a new crowd sourcing mobile app that addresses the problem and helps operators better manage the threat.
  • International Revenue Share Fraud: Are We Winning the Battle Against Telecom Pirates? interview with Colin Yates — International Revenue Share Fraud (IRSF) is one of the telecom industry’s most enduring problems.  Yet many of us have only a foggy notion of how IRSF works and how operators around the globe are coping with the issue. This interview covers the bases: the origins of IRSF, typical fraud scenarios, efforts to get international cooperation on the issue, and the future outlook of IRSF.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical  infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.

Related Articles

  • The Race to Serve Enterprises with Revenue-Generating IT Services Virtualized by SDN & NFV interview with Gal Ofel — The SDN/NVF movement is giving telcos a new revenue-generating play in the cloud: virtualized network and IT services to enterprises in areas like security, enterprise service assurance, enterprise application prioritization and content caching.
  • Lifecycle Service Orchestration: Enterprise Ethernet & Cloud Exchange Meet OSS & SDN/NFV interview with Marie Fiala Timlin — SDN and lifecycle service orchestration are key to the next generation of telco-to-enterprise services.  In this interview, an expert explains how lifecycle service orchestration adds value to SDN, cloud exchanges, enterprise Ethernet, and mobile backhaul.
  • Automatically Stopping Fraud Traffic: iBasis Raises the Bar for Wholesaler Protection of Retail Carriers interview with Daan Kleijnen — The margins in the retail voice business are so tight these days that many operators fail to make a vital investment in fraud protection, making them easy targets for IRSF and other frauds.  A leading wholesaler explains a new fraud control program that automatically disconnects a retailer’s fraud traffic.
  • False Answer Supervision Fraud: Applying Advanced Statistics to Find Needles in the CDR Haystack interview with Steve Heap — Fraud management solutions have made great technical advances via automated threshold setting, big data, and DPI.  Now this expert interview explains how a new breed of advanced statistics-based solutions is tackling very hard-to-detect fraud types such as the call signal spoofing of False Answer Supervision.
  • Fraud Management Collaboration: From “Great Idea” to Real Software & Intelligence Sharing interview with Katia González — Without effective multi-operator collaboration in fraud management, each operator ends up merely reacting to fraud threats on its own rather than building up a proactive defense.  In this interview, a leading wholesale provider explains its innovative program to enable the automated and expert-to-expert sharing of fraud intelligence and techniques.
  • Sharing Intelligence, Services, and Infrastructure across the Telecom Galaxy interview with Gary Zimmerman — The telecom industry is an industry of sharing.  In fact, the rise of mobile broadband is driving a greater reliance on real-time intelligence, services trading, and infrastructure exchange.  In this article, a leading info exchange provider explains the value of its services portfolio and points to other interoperability and sharing ideas under development.
  • Recruiting Smartphone Users as Partners in Telecom Fraud & Security Control by Chris Hill — Premium Rate Service (PRS) fraud and spyware on a mobile phone can ruin an operator’s relationship with a  subscriber.  The attacker uses malware to automatically generate phone calls, SMSs and data sessions to high cost (premium) phone numbers.  This article discusses a new crowd sourcing mobile app that addresses the problem and helps operators better manage the threat.
  • International Revenue Share Fraud: Are We Winning the Battle Against Telecom Pirates? interview with Colin Yates — International Revenue Share Fraud (IRSF) is one of the telecom industry’s most enduring problems.  Yet many of us have only a foggy notion of how IRSF works and how operators around the globe are coping with the issue. This interview covers the bases: the origins of IRSF, typical fraud scenarios, efforts to get international cooperation on the issue, and the future outlook of IRSF.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical  infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.
  • Real-Time Network Intelligence: The New Way to Read Telecom Tea Leaves by Suren Nathan — Real-time network intelligence is the key to deciding which products to launch, whose facilities to lease, and where to route traffic.  The article explains why telecoms — and especially enhanced service providers --  should ideally be equipped with both a fine-grained margin analysis solution and a SaaS platform, offering an upgrade path that requires no internat IT support.