It’s still quite early in the year but by now I’m sure you’ve already read more than you thought necessary about IoT ecosystems, 5G slice billing and AI/ML leveraging. That’s not to say it’s not interesting (I myself have written about these topics a few times already!), but it does reflect a tendency for people to focus on the new.
Whether it’s telecoms or transportation, there is always an irresistible urge to view old problems through new prisms. The obvious problem here though is that you’ll be updating you’re frameworks every time a new disruption or paradigm comes to market. So if you’re like us here at WeDo Technologies, you might find it useful every now and then to think about fraud detection and prevention in a way that future-proofs you against the new and unknown. Here we’ll explain what telecom fraud managers need to be thinking about in order to prepare your networks for any kind of new threat - known or otherwise. After all, at the frontlines of fraud you only need to make a mistake once to undo all the hours of good work that goes largely un-noticed!
What do fraudsters see as our weakest link?
People working inside telecom fraud teams have access to the kinds of data and inside info that fraudsters can only dream of. The advantages are obvious, but the downside is that you might end up focusing on the privileged data you have and making decisions based on this hypothetical threat, at the expense of what is actually happening. Or put more simply, fraudsters don’t know what you know. So why bother second-guessing them when you can just look at what they’re doing in real-time?
This means you need to be asking yourself what forms of fraud are most pervasive on your network? Which ones lead to the biggest losses? And how are they executing it? If you don’t know (a problem unfortunately quite common among MVNOs) then it’s about time you look at tools to help you. If for example you could see definitively that pre-paid fraud was a huge source of losses, then you might be able to identify a rogue call-centre operator. If you notice a problem with IRSF, then with the right software you might be able to trace it back to an original source of subscription fraud.
You should also consider whether these have purely financial consequences or if there is a lasting impact on brand/customer experience. When you have a firm grasp on what is happening, who is affected and the full costs involved, developing an adequate framework becomes a lot easier.
Will we only ever be reactive to these problems?
Now you’ve identified the problem, the next step is control. Each operator will have a different financial reality, so getting the right formula for cost, innovation and reliability is tricky. But whether you decide on a pure solution-based approach or a more comprehensive framework, these should still be the guiding ideas.
Costs: Is your investment proportionate to the problem (assuming you are confident that you are accurately measuring the problem. Fraud is a problem in that so much goes hidden)?
Innovation: Given the constantly changing landscape, will the fraud solution be truly effective in the long term, or does long term only mean the length of the license?
Reliability: Does it actually work? And in the almost near-certain circumstance you’ll need additional help, will you receive it? Can you automate aspects of the process and include an easy-to-follow audit trail?
Telecom fraud is something of a rare-beast in business as you need things to go wrong to truly understand the value of what you’re doing (although it probably doesn’t always seem that way to people in other departments at the time). A truly innovative and reliable approach would use tools like AI and ML to collect all the relevant data, monitor it real-time, and then notify you to problems before they become a problem.
Are these controls actually working though?
If you had 1000 fake subscribers on your network committing IRSF and you stopped them, then you deserve some recognition. But if your boss says “clearly IRSF is the big problem here, and our numbers are down, so everything is great” then you’re going to run into problems. Those 1000 fake subscribers can still get access to your network and they’re not stupid enough to try the same scam twice.
This is where it’s essential that your system doesn’t stop at collecting and monitoring data to notify you of things you find important. You need to be confident that it can discover and learn about new patterns and threats, and act autonomously when needed. Customizable dashboards also work fantastically alongside this to provide a simple and visual interpretation of the huge numbers of data you generate to make sure you’re not acting in a static environment.
Do you want to be doing this again next year?
The final piece in the jigsaw is accepting that success is fleeting, both in terms of fighting external fraudsters and in terms of demonstrating your internal value to your organisation. As mentioned before, the landscape is changing with new technologies and fraudsters have access to new tools and techniques. With that in mind, would you be confident with your fraud management framework next year? What about in 5 years? If there is action you can start taking now to make sure your fraud solution/framework will be able to properly evolve with the times, then you should start acting on it. If you strongly feel that you’ll probably need to buy whole new fraud solutions and whole new licenses, then why bother waiting? Get at least some groundwork laid in and adopt some modules from whichever vendor you think is going to help you better next year.
Too long; Didn’t read
Fraud teams will be constantly challenged by outside forces, and also subject to intense internal scrutiny. It might be tempting to double-down on what is currently working, but all too often that thinking is dangerous as it’s based on the assumption that your threats stay the same, and that everything is being measured.