Email a colleague    

May 2015

Automatically Stopping Fraud Traffic: iBasis Raises the Bar for Wholesaler Protection of Retail Carriers

Automatically Stopping Fraud Traffic: iBasis Raises the Bar for Wholesaler Protection of Retail Carriers

Ten years ago, who would have thought that protecting customers from fraud would become a major differentiator among global wholesalers?  But it has, and that’s a sign of the times.

A decade ago, telecom fraud losses were considered a mere drop in the bucket because our industry was booming and international voice service was highly profitable.

But the ramp up of Voice over IP (VoIP) service in the mid-2000s fundamentally changed telecom’s profit equation: it led to cheaper rates and an explosion in international voice traffic.

In turn, the success and visibility of VoIP providers like Vonage in the US encouraged many more VoIP providers to enter the game.  Cable operators also leaped on VoIP as the third leg of their triple play strategy to combine video, high speed internet, and voice service.

So the net effect has been to make the retail voice business a highly competitive one where the margins are so tight that many operators fail to make a vital investment in fraud protection.

So what invariably happens?  Well, here’s a very common scenario.  The operator’s customer is an enterprise with a PBX, and a computer located halfway around the world launches a brute force attack on that PBX.  Once it discovers the PBX’s password, on an opportune Friday night, it hijacks the PBX to make hundreds of phone calls to an IVR machine in Senegal at a $10-a-minute premium rate.

Monday morning, the enterprise customer arrives at its office to get a bill for $50,000.  And to save the customer account, the operator often pays that bill.  This scheme, called International Revenue Share Fraud (IRSF), robs telecoms of $4 billion in revenue each year according to the CFCA fraud association.

Fortunately some sharp minds have been thinking about how best to solve IRSF and other fraud issues.  One such person is Daan Kleijnen, Product Manager for Fraud Solutions at global wholesaler, iBasis.  Daan is here to tell Telexchange Journal readers about a new service iBasis has just announced, an automated solution for protecting its 500+ global carrier customers.

Dan Baker: Daan, before we discuss the details of your new fraud protection service, please tell us about your view of the fraud issue, and why you’ve now launched this new fraud protection service.

Daan Kleijnen: Dan, we created our FraudAlert™ solution for KPN and a few other large customers.  Having proven its effectiveness, we decided to develop it further so it could serve the broader set of customers we work with.

Our customer base at iBasis actually varies quite a bit.  We serve carriers from the very small to the extremely large.  And the needs vary greatly across that spectrum.

Take the smaller customers.  Many of them have zero fraud coverage over the weekend.  Some have little visibility into fraud concerns at all: they don‘t know when they’ve been hit with fraud.  And when it does occur, they are always too late to take the right action.

The larger carriers are concerned about revenue loss, too, but they are just as concerned about their public image.  When the end customer of a large carrier gets hit with a large case of fraud, the carrier is almost always blamed and so its reputation can get tarnished because of it.

Our FraudAlert solution solves these problems.

Can you walk us through your solution and tell me how it works?

Absolutely.  The FraudAlert service begins on the principle that the retail carrier must remain in complete control of its traffic.  And through alerts that we send them when certain thresholds of fraud traffic are detected, iBasis can take action based on customer wishes — either automatically disconnecting the traffic or redirecting it back to the customer and allowing them to decide.  Either way, the customer remains in control.

The fraud protection service starts when the customer sets up threshold for three different types of alerts in our system.  The alert categories are: information, warning, and critical alerts.  Those thresholds can be set for either U.S. dollars or minutes of fraudulent traffic.

Once iBasis detects that thresholds are reached, we send the customer an email or an SMS alert, and our customer takes whatever action they have determined to take, which may include pre-set actions for us to take on their behalf.  Or they have to call us to do something with that traffic.

So how is this new service different from the typical protection a wholesaler provides to retail carriers?

Well, the state-of-art in wholesaler fraud control today is that when fraud is detected, the traffic is sent back to the customer where it is automatically redirected to the next vendor in the customer’s routing plan.

Now, merely redirecting the traffic like that means the carrier is not really protected from revenue loss.

So we have added the capability to automatically disconnect the fraudulent traffic.  Our customers actually have two options:

  • Automatically disconnect the fraud traffic. For example, our customer can set in our system the rule, “If I get hit by fraud and it goes over a $200 threshold in a 12-hour time limit, then block this traffic.” Then when that threshold is reached, we will automatically disconnect the traffic and it will not be re-directed to the next vendor in the routing lineup; or,
  • Manually instructing us to disconnect the traffic. Automatically ending calls sounds scary for lots of carriers, especially the bigger ones because it means they are giving us the authority to disconnect their traffic streams.  That’s why we have a second option which is to wait for the carrier to specifically tell us to discontinue the traffic by clicking a “block” button on their portal or mobile app.  Once they’ve done that, we disconnect the traffic and stop redirecting it to their next vendor in the lineup.
What kind of impact do you feel this service will have on your retail customers?

Number one, operators are going to save a lot of money, especially the smaller ones.  Even if they only opt to use this service for nights and weekends, that’s very convenient because the traffic will be disconnected automatically when people are no longer in the office.

There’s another key aspect of this: fraud problems are being addressed much quicker.  Now, when you think about the time delay there is between getting an alert, evaluating it, making a decision, and either blocking the traffic yourself or getting us to block it for you — there’s a lot of manual steps involved there.

But with automatic operation, the time saved can add up to a substantial amount of money.  Our new system moves the bar for blocking fraud from a matter of hours to a few minutes.

Daan, this sounds like what the market has been waiting for.  Please tell us more about how your overall fraud control program differs from those of other players?

What differentiates us from competitors in this solution is that we have developed very sophisticated proprietary fraud management algorithms.  So, with the billions of CDRs going through our systems, we are capable of constantly improving that code base.

Fraud management solutions on the open market contain a lot of intelligence about fraud in general, but not about the traffic patterns of our customers.  And when you start with a third-party vendor, it takes time before they can adjust their own algorithms to your needs.

As a wholesaler, being smart about where traffic streams are coming from and flowing to is very important to our core business.  So, having an in-house fraud alerting and control system made a lot of sense for us.  It also allows us to be flexible enough to respond to a customer’s special needs.  For instance, if a customer sees fraud coming from a particular destination, we can tailor a solution to their needs.

But looking at the larger picture of fraud management, the blocking or disconnecting of fraud traffic is merely the last leg of a more comprehensive fraud management program that every wholesaler has in place.  We think of the process in three steps:

  1. Digital analysis — When traffic comes in, we run it through digital analysis.  This is where we check the A and B numbers of the traffic and make sure it’s not on our black list of numbers we maintain and know are fraudulent.
  2. Vendor selection — Second, we do a thorough background check on our vendors to make sure we have the right ones in place.
  3. The Fraud Catching Algorithms — Finally once the traffic starts flowing, we have algorithms to catch everything we haven‘t stopped through digital analysis and good vendor selection.
Thanks, Daan.  It’s a service that’s much needed.  Good luck with it.  And I think it’s also a great strategy for iBasis to get out in front of this big issue.

Dan, this new program will certainly bring some efficiencies to iBasis and substantial savings to our customers.  The international voice business is challenging — consumers are demanding high quality and low costs.  As one of the largest voice carriers in the world, we work hard to deliver both quality and revenue assurance for our customers.  When we do that, we both succeed.

Copyright 2015 Telexchange Journal

 

About the Expert

Daan Kleijnen

Daan Kleijnen

After a few years within KPN mobile, Daan Kleijnen joined the iBasis product management team, located in the iBasis Headquarters in Burlington, Massachusetts.

Daan is now responsible for the management of the iBasis fraud system, from developing new product and features to worldwide launches and implementation.  He’s also tasked with turning key customer requirements into advanced capabilities and enhanced solutions and has been instrumental in developing iBasis‘ FraudAlert product.

An active participant in industry forum such as i3 forum and GSMA fraud groups, Daan holds a Bachelor and a Master’s degree in Organizational Science from Tilburg University, The Netherlands.

Related Stories

  • Automatically Stopping Fraud Traffic: iBasis Raises the Bar for Wholesaler Protection of Retail Carriers interview with Daan Kleijnen — The margins in the retail voice business are so tight these days that many operators fail to make a vital investment in fraud protection, making them easy targets for IRSF and other frauds.  A leading wholesaler explains a new fraud control program that automatically disconnects a retailer’s fraud traffic.
  • False Answer Supervision Fraud: Applying Advanced Statistics to Find Needles in the CDR Haystack interview with Steve Heap — Fraud management solutions have made great technical advances via automated threshold setting, big data, and DPI.  Now this expert interview explains how a new breed of advanced statistics-based solutions is tackling very hard-to-detect fraud types such as the call signal spoofing of False Answer Supervision.
  • Fraud Management Collaboration: From “Great Idea” to Real Software & Intelligence Sharing interview with Katia González — Without effective multi-operator collaboration in fraud management, each operator ends up merely reacting to fraud threats on its own rather than building up a proactive defense.  In this interview, a leading wholesale provider explains its innovative program to enable the automated and expert-to-expert sharing of fraud intelligence and techniques.
  • Recruiting Smartphone Users as Partners in Telecom Fraud & Security Control by Chris Hill — Premium Rate Service (PRS) fraud and spyware on a mobile phone can ruin an operator’s relationship with a  subscriber.  The attacker uses malware to automatically generate phone calls, SMSs and data sessions to high cost (premium) phone numbers.  This article discusses a new crowd sourcing mobile app that addresses the problem and helps operators better manage the threat.
  • International Revenue Share Fraud: Are We Winning the Battle Against Telecom Pirates? interview with Colin Yates — International Revenue Share Fraud (IRSF) is one of the telecom industry’s most enduring problems.  Yet many of us have only a foggy notion of how IRSF works and how operators around the globe are coping with the issue. This interview covers the bases: the origins of IRSF, typical fraud scenarios, efforts to get international cooperation on the issue, and the future outlook of IRSF.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical  infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.

Related Articles

  • The Race to Serve Enterprises with Revenue-Generating IT Services Virtualized by SDN & NFV interview with Gal Ofel — The SDN/NVF movement is giving telcos a new revenue-generating play in the cloud: virtualized network and IT services to enterprises in areas like security, enterprise service assurance, enterprise application prioritization and content caching.
  • Lifecycle Service Orchestration: Enterprise Ethernet & Cloud Exchange Meet OSS & SDN/NFV interview with Marie Fiala Timlin — SDN and lifecycle service orchestration are key to the next generation of telco-to-enterprise services.  In this interview, an expert explains how lifecycle service orchestration adds value to SDN, cloud exchanges, enterprise Ethernet, and mobile backhaul.
  • Automatically Stopping Fraud Traffic: iBasis Raises the Bar for Wholesaler Protection of Retail Carriers interview with Daan Kleijnen — The margins in the retail voice business are so tight these days that many operators fail to make a vital investment in fraud protection, making them easy targets for IRSF and other frauds.  A leading wholesaler explains a new fraud control program that automatically disconnects a retailer’s fraud traffic.
  • False Answer Supervision Fraud: Applying Advanced Statistics to Find Needles in the CDR Haystack interview with Steve Heap — Fraud management solutions have made great technical advances via automated threshold setting, big data, and DPI.  Now this expert interview explains how a new breed of advanced statistics-based solutions is tackling very hard-to-detect fraud types such as the call signal spoofing of False Answer Supervision.
  • Fraud Management Collaboration: From “Great Idea” to Real Software & Intelligence Sharing interview with Katia González — Without effective multi-operator collaboration in fraud management, each operator ends up merely reacting to fraud threats on its own rather than building up a proactive defense.  In this interview, a leading wholesale provider explains its innovative program to enable the automated and expert-to-expert sharing of fraud intelligence and techniques.
  • Sharing Intelligence, Services, and Infrastructure across the Telecom Galaxy interview with Gary Zimmerman — The telecom industry is an industry of sharing.  In fact, the rise of mobile broadband is driving a greater reliance on real-time intelligence, services trading, and infrastructure exchange.  In this article, a leading info exchange provider explains the value of its services portfolio and points to other interoperability and sharing ideas under development.
  • Recruiting Smartphone Users as Partners in Telecom Fraud & Security Control by Chris Hill — Premium Rate Service (PRS) fraud and spyware on a mobile phone can ruin an operator’s relationship with a  subscriber.  The attacker uses malware to automatically generate phone calls, SMSs and data sessions to high cost (premium) phone numbers.  This article discusses a new crowd sourcing mobile app that addresses the problem and helps operators better manage the threat.
  • International Revenue Share Fraud: Are We Winning the Battle Against Telecom Pirates? interview with Colin Yates — International Revenue Share Fraud (IRSF) is one of the telecom industry’s most enduring problems.  Yet many of us have only a foggy notion of how IRSF works and how operators around the globe are coping with the issue. This interview covers the bases: the origins of IRSF, typical fraud scenarios, efforts to get international cooperation on the issue, and the future outlook of IRSF.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical  infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.
  • Real-Time Network Intelligence: The New Way to Read Telecom Tea Leaves by Suren Nathan — Real-time network intelligence is the key to deciding which products to launch, whose facilities to lease, and where to route traffic.  The article explains why telecoms — and especially enhanced service providers --  should ideally be equipped with both a fine-grained margin analysis solution and a SaaS platform, offering an upgrade path that requires no internat IT support.