June 2012

Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats

Fraud threats in the circuit switched world of only 15 years ago were relatively tame.  Phone hackers stealing voice minutes were a minor annoyance.  The biggest threat was probably on the credit side: a seemingly promising startup business racking up 30 to 60 days of long distance minute charges then skipping town before paying the bill.

But those sleepy days of “small town” fraud are gone forever.  Today, the fraudsters have long since packed their smartphones, routers, and fake IDs for the Big City.

Threats are exploding, in part, because today’s communications world is a candy store for the fraudster — so many mouth-watering opportunities to steal a fortune: errant SIM cards, on-line banking accounts, mobile banking, and hacking into a VPN when an employee logs on at Starbucks.

The new threat gateways are so numerous that we can no longer afford to develop technical solutions for every threat.  And understanding where to focus a telco’s fraud and security energies and resources is no easy task.

Making the right choices requires a broader intelligence: an understanding of fraud and security infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers, but also real-life experience in fighting criminals and devising strategies to anticipate their next moves.

Mark Johnson, chairman of The Risk Management Group (TRMG), is a guy who cuts across these very different knowledge domains, and in this exclusive Black Swan interview he gives us a preview of the insights he delivers in the consulting and training services he brings to worldwide clients.

Dan Baker: Mark, I understand you came into the telecom risk business from a non-traditional path?

Mark Johnson: Dan, my entry into fraud and security didn’t come from the technical side at all.  I was originally an intelligence officer in drug enforcement with my first assignment being on the island of Jamaica.  It was at that time I realized how key the intelligence activity is to crime fighting of all types.  And intelligence is really about collecting data and looking for patterns.  It could be the pattern of enemy patrolling, or the pattern of vessel movement, or the pattern of containerized cargo movement, or the pattern of phone calls, or the pattern of data packages coming in through the firewalls.  The basic concepts are essentially the same.

You can take those principles and apply them across the board to all facets of security and fraud.

Dan Baker: One of the things that struck me when I finished TRI’s latest research study was that the subjects of insider fraud, revenue assurance, and cyber security are very related, but you would never know that by looking at the sales literature of the vendor companies.

Mark Johnson: Revenue assurance and fraud vendors rarely pay any attention to cyber security, and I don’t think they fully recognize just how far convergence is going to push things -- how hard it’s going to be to make a distinction between different types of security incident.  We need to get beyond the silos and look at the total picture.

A good example: many fraud cases involve changes to rules or activating accounts on a platform somewhere.  So the revenue assurance guy will reconcile and find 5.3 million people activated on the HLR, when the billing system says there should only be 5.25 million.  But what’s often never explored are the platform security and cyber security issues that may be the root causes of those particular issues.  They often just focus on the revenue leakage and the reconciliation rather than the true root cause.

Likewise, the cyber security guys focus on authentication, access rights, and data classification, but don’t seem to address the question: what are the revenue assurance implications of these cyber breaches?  So a stronger business case needs to be built to understand the end-to-end issues, root causes, and costs.  And I think they are really missing a trick there.

Dan Baker: The only company I can think of that made the leap from usage analysis to cyber security is the mediation vendor Narus, who had Japan’s KDDI as a mediation customer.  Narus was ultimately acquired by Boeing Information Systems.

Mark Johnson: Yes, unfortunately, people want to remain in their comfort zones, and they fear, once you start using acronyms that they are not familiar with, that it sounds like too much hard work or it’s not “core business” for them, so they avoid it.

Dan Baker: I suppose one indicator that things are converging is that assurance professionals increasingly struggle with industry terminology.  Now with the “Risk Management” term in your organization’s name, I’m curious what you mean by the term “risk management”.  Is it the traditional corporate use of the term that looks at issues like: what business are we in? and where should we go next?  Or conversely, are you referring to more systems-, IT- and threat-oriented kinds of risk management?

Mark Johnson: I find the best term to clarify things is “revenue risk management”.  If you lose a dollar through fraud or through revenue leakage, and you are making a 20% profit, it cost you 4 dollars to make that one dollar.  But if you can lock down the fraud and revenue leakage, you are making a direct contribution to the bottom line, which means cutting the level of investment required.  That’s a very tangible financial benefit, but I find that argument is very often not articulated well by the fraud and revenue assurance team because they haven’t got the confidence to express it, but it is very real.  Revenue risks are strategic business risks if they occur frequently and involve big numbers.

Dan Baker: Mark, when you consult with or provide training to clients, what are some of the things you focus on at the outset?

Mark Johnson: The most important starting point is always an assessment of how risks and controls map against each other — where are the main gaps today.  Personally, I usually end up talking to my clients about the future of risk, which is really where I like to be personally, as opposed to dealing with today’s risks.  After I understand the big picture and provide visioning inputs, my team comes in to cover current operational fraud and revenue assurance topics.  I am happiest working in the blue sky area, because that’s more exciting.

Another one of the first things we look at is how risks are going to map onto a client’s business model.  So, for example, if the business model is evolving towards more data and less voice traffic, then controlling monthly or fixed payments for data services, or looking at new charging options in the pipeline, will become more important than examining current transaction-based charging accuracy.  A changing business model implies that your risks are going to take on a different form very soon.

A key point I make to them is that 50% of risk management is about user awareness — having an aware group of users, both employees and customers.  If you have that, a lot of your problems are going to be dealt with very early on.  But here’s the challenge: as the number of users on the network of networks — all the networks combined — grows, the mean level of education, competence, and awareness of those users falls.

I also use a diagram that illustrates the observation that as the number of different devices and users grows and as the number of vulnerabilities grows because the service mix gets more complex, the overall risk is sure to rise overall.  It really is primarily a function of the lack of awareness and lack of education multiplied by the rising number of unaware consumers and employees.

So risk is very much a part of our future and we have to understand it and how it’s evolving.  If we don’t do that, we’re wasting our time.

Dan Baker: You’ve been involved with many of the fraud software vendors over the years.  How would you characterize the kind of solutions being offered today versus those in the past?

Mark Johnson: The biggest shift, I think, has been away from the sort of subscriber-centric, CDR-centric view which is great if you are looking for a guy in a phone booth.  Today the picture has moved far more towards enterprise-level fraud -- somebody setting up a bypass operation or international revenue share — plus all the data challenges.  So, while you still need to keep a lid on the older cases, the general trend is towards more sophisticated cases where the fraudster looks more like a professional businessman than a teen hacker.

As everything moves to IP and IP is accessible to everybody, you can set up a fraud operation in a garage with fairly cheap, high-tech equipment.  That’s what I envision for the future and so the vendors have to move in that direction as well.  It’s away from CDR-based analysis of individual records towards much more of a trending, profiling and macro-level statistical analysis approach.

Dan Baker: A big issue in fraud solutions today is in-house vs. a service bureau or managed services solution.  The service bureaus argue you can lower costs and leverage off-premises expertise while the in-house champions figure it’s better to build and maintain an in-house expertise in fraud.  Now an operator can certainly straddle both worlds, but what’s your take on this issue?

Mark Johnson: That’s a difficult question.  And it kind of runs parallel to the whole discussion around cloud and security in the cloud.  Regulation is an important consideration as well.  If you go with a service bureau, then questions come up about protecting sensitive, personalized data.  You also need to ensure the service bureau is going to be effective in fraud control and that may be a challenge where different cultures are involved — just look at the consumer push back against call centres that has been going on for a while now.  So, there are many facets to this question.

I think both options are valid however.  I don’t think that there’s any one-size-fits-all solution in this market.  There will be operators who don’t have the headcount or the budget to run a proper fraud team, but they still recognize their risks and they will opt to outsource.  And they will do that in a way that makes them compliant with local law.  On the other hand, there are other operators who have the budget and see internal fraud expertise as part of their operating model, so they will want to maintain and keep an in-house team.

Dan Baker: What about insider fraud?  Do you feel that threat has increased?

Mark Johnson: The insider as a risk has always been predominant, though not always recognized as such.  Even in the retail market, in the pre-cyber days, it was a big threat.  I remember at the conferences I attended in the 1980s when experts were saying that 70% to 80% of all losses stemmed from insider activity.  I don’t know what the percentage is today, but I suspect it hasn’t changed dramatically.

And this isn’t all malicious-insider activity either.  Much of it has to do with neglect, ignorance, a lack of appropriate training, or awareness.  So, there is a sort of 50/50 split between an insider deliberately stealing something and someone just facilitating theft through sheer ignorance or disinterest.  But as we get more and more technical and everything moves to a platform somewhere — almost every aspect of life these days is controlled by an electronic system somewhere — the opportunity for the people who control or have access to management systems to do bad things will continue to increase.  And because there are more and more boxes, it all becomes more and more complex and thus more risky — it’s Murphy’s Law writ large.

But on the other side of the coin, we have to consider the democratization of access and control — the whole Web 2.0 idea of managing customers and giving them access rights.  Any way you look at it, lots of power is in the hands of users right now, inside and outside the business.

Dan Baker: Right, the Bring Your Own Device or BYOD issue.  In many cases, I understand the iPhone is being brought into a company and it isn’t necessarily supported by the IT department or overseen.

Mark Johnson: People have traditionally viewed security as a series of layers like an onion.  And you can imagine you’ve got your assets in the center, and then around that you have many concentric rings of defense.  Some of those will be virtual, others will be things like awareness.  Still others will be physical fences and gates; and some will be electronic barriers.  But you’ve got these rings of defense around the main assets and the whole psychology behind the onion analogy is that you perceive the threats as being external and the assets as being internal.

That’s the traditional view and many people still have that view — a good example of that is the firewall or intrusion detection system, or antivirus software.  But now there’s a shift where we have the Cloud or Web 2.0, social media, outsourcing and so forth, which means the assets are no longer always internal — many of the key ones are external.  On the other hand the threats themselves are not solely external: many of them are internal which could be as simple as an employee leaking something through Twitter -- or malicious activity.

So the whole idea of likening security to an onion has been turned inside out.  Yes, we still have the traditional threats from external sources, but the threats are bi-directional now instead of being in a single direction as was previously conceived; assets are internal AND external, while the threats are external, AND internal.  It’s a 360 degree, real time picture viewed through 4D glasses!

Dan Baker: I think a botnet is a good example of that.  It penetrates a company and starts gathering intelligence, then starts feeding the information to outside people.

Mark Johnson: Yes, and you can include in that list: worms like STUXNET and FLAME — all those sorts of things.  I read that the STUXNET worm was possibly inserted into the Iranian nuclear facility by people who left USB sticks lying around that employees innocently used for storage.  That’s how one commentator thought the infection spread.

In another interesting case, a GSM operator had a trial which involved putting GSM SIM cards into traffic lights for remote management purposes.  The SIM cards were not locked down and when hundreds of them were stolen, the fraudsters were able to make thousands and thousands of free calls, costing the operator a fairly significant amount of money.

So, that is a good example of how there is a disconnect really between the technology guys and the fraud/risk guys.  One meeting would have revealed that risk and sorted the problem out.  In other words, in this complex world you can easily lose a few million dollars overnight through a failure to have a 30-minute discussion between risk control and the product development teams.

And in our training courses, we have dozens of examples of fraud, and many of them can be traced to this lack of internal communication and follow up.  But while cross-departmental communications is key, assurance people must learn to communicate up the executive chain as well.  And if you can go to a telecom CEO and show him how he can increase his shareholder value or his market cap by merely one percentage point, that’s a huge strategic benefit that he is likely to become very, very focused on.  Unfortunately, the fraud and revenue assurance teams -- and the vendors, too -- have struggled to get that message across.

Copyright 2012 Black Swan Telecom Journal


About the Expert

Mark Johnson

Mark Johnson is a former drug enforcement operative and a corporate fraud manager for several major international communications firms, including Ericsson and Cable & Wireless.  He is the author of two books on communications and cyber security, and another two on Second World War history.

Mark now provides training and consultancy for UK Police forces, the UK Home Office, the financial services sector and a number of global compliance and risk training organisations.   Contact Mark via

Related Stories

  • Insider Fraud: How to Create an Anti-Fraud Culture in Your Telecom Organization interview with Mark Yelland — Thirteen years after the WorldCom scandal, experts generally agree that insider fraud remains a massive problem in telecom.  In this article you’ll learn the outlines of building a program to instill an anti-fund culture at your telecoms organization.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical  infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.
  • Insider Fraud: Detecting Criminal Activity in the Telecom Sales Process interview with Tal Eisner — One of the biggest problems telecoms now face is fraud done inside their offices, dealer stores and firewalls.  This type of fraud is especially dangerous because it’s performed by people fully authorized to transact for the company.  The story dicusses the major causes of insider fraud, presents a case study, and explains basic techniques that software uses to detect insider fraud.

Related Articles

  • Art of the Fugue: Bringing the Baroque World of Telecom Reference Data to Fraud Management interview with Guy Howie — A tutorial on the role of telecom reference data in billing, revenue assurance, and pricing analysis.  The interview includes details on four new reference databases in fraud control.
  • Share, Educate & Tighten Controls: How to Instill a Strong Telecom Risk & Anti-Fraud Culture interview with Luke Taylor — Learn the steps operators should take to: educate staff/customers in fraud prevention and assure against mobile service abuse.  The interview also dives deep into risk issues that affect the African continent.
  • How IRSF Predators are Evolving their Fraud Attacks on the Weak and Unprotected of the Telecom Serengeti interview with Colin Yates — Fraud fighter Colin Yates shares some startling research data and facts on how fraudsters are using automation and other techniques get around the recent success operators have had in blocking fraud, particularly to high-revenue destinations.
  • NuData Shines Digital Behavior Light on Operating Telecoms Securely in a World Darkened by Identity Fraud interview with Ryan Wilk — A tutorial on digital behavior analysis and how it drives value for telecoms in: greater fraud protection and intelligence to improve the digital customer experience.
  • Fraud Management in Music City: The 2017 Equinox Protector User Group Meeting by Dan Baker — Program details of an upcoming fraud management conference in Nashville, Tennessee in November 2017.  It’s the Equinox Protector User Group Meeting.
  • Mobileum Brings Analytic Scans & Minimally Invasive Treatment to Fraud Removal interview with Jason Lane-Sellers — Advanced analytics-driven fraud detection has arriving.  It enables targeted treatment of fraud cases, lessening customer experience mistakes such as blocking calls to legitimate businesses.
  • Stealth Test Calls: A Powerful New Weapon in the Fight to Block SIM Box Bypass interview with Kenneth Mouton — SIM Box bypass is a highly challenging interconnect fraud to detect.  An expert explains the benefits of a new hybrid test call and CDR profiling systems.  Also discussed is a major anti-fraud breakthrough: stealth test calls.
  • Telecoms Need to Step Up their Game in Subscription Fraud and Customer Onboarding Control interview with Luke Taylor — Know your customer and subscription fraud systems critical investments for telcos today.  An expert discusses: delivering first-class onboarding controls; selecting risk mitigation priorities; and integrating back end systems.
  • WeDo Offers Fraud Detection via a New Cloud Platform interview with Thomas Steagall — A leading vendor introduces a cloud fraud control solution to serve the low cost, easy-to-deploy-learn-and-support requirements of many new operators, OTTs, and MVNOs.
  • Bypass Fraud Evolves: New Threats from Outgoing SIM Box Bypass & Spikes in CLI-Tampering interview with Philippe Orsini — An overview of explosive fraud threats like outgoing SIM box call dumping and CLI spoofing.  What roles do human experts play and technical platforms in battling SIM box via electronic warfare?
  • A Herculean Task: Battling Fraud in an Increasingly Complex Comms World interview with Michalis Mavis — A fraud control expert walks through some interesting cases, gives us his advice on FMS software, and offers four key lessons on the path to fraud management excellence.
  • The Race to Develop Cross-Industry “Know Your Customer” Biometrics to Verify Identity Remotely interview with Shankar Palaniandy — ground-breaking cross-industry ID verification software. India’s 1 billion-people-strong national identity database could become the model for cross-industry ID verification worldwide.  An expert trialing visual biometrics at several Indian banks explains the latest in Know Your Customer technology.  
  • The Early Warning Power of IPRN Test Call Detection in Blocking IRSF Fraud interview with Colin Yates — Detecting the test calls made to International Premium Rate Numbers (IPRN) is helping telcos block IRSF fraud.  An expert explains fraudster methods and the value of IPRN databases.
  • How Regulators can Lead the Fight Against International Bypass Fraud by Dan Baker — As a regulator in a country infected by SIM box fraud, what can you do to improve the situation?  A white paper explains the steps you can and should you take — at the national government level — to better protect your country’s tax revenue, quality of communications, and national infrastructure.
  • Global Interconnect Specialist iconectiv Ramps up its Fraud & Identity Solutions in Bypass & A2P Messaging interview with Bojan Andelkovic — Today’s IRSF, SIM Box, and SMS A2P frauds call for coordinated and broadly conceived FM programs.  A leading interconnect specialist explains the benefits of its managed services approach.
  • A Real-Time Packet-Based Solution to Detect & Block any Hijacked OTT Call interview with Paul David & Andy Gent — Two veterans of the SIM Box call bypass wars describe a new solution for stopping OTT bypass.  Get vital intel on the call hijacking of VIBER and other OTTs.  Learn why the revenue threat to roaming is as serious as it is to international calls.
  • Calculating the Fraud Risks of the Digital Era by Dror Eshet — Digital and mobile technology are an integral part of our daily lives.  Not only is the technology evolving at a frantic rate, but a leading fraud expert explains how fraudsters now team with one another to commit their crimes and magnify the risks to users, companies, and global infrastructure.
  • SIM Box Bypass: The Damage to Developing Nations and the Actions Regulators Must Take interview with Lex Wilkinson — Bypass fraud via the SIM box causes great revenue loss and poses many other dangers, especially in developing nations.  An expert discusses the regulator issues and recommended actions in the fight to control bypass.
  • Protecting the Roaming Cash Cow: Using a Global Test Network for LTE Deployments & Beyond interview with Florian Leeder — International is a premium service that operators must ensure the roaming business is reliable and optimized.  This article makes the case for a global roaming test service.  It explains the problems operators face in contracting with roaming partners, maintaining quality, and rolling out LTE.
  • Nine Simple Strategies for Protecting an Operator or MVNO from Telecom Fraud interview with Jim Bolzenius — An expert in telecom fraud management explains essential strategies for aiming a carrier’s or MVNO’s fraud prevention program in the right direction.
  • A Sweeping 239-Page Research Report on Fraud Management Solutions & Strategies by Dan Baker — TRI has released a comprehensive  analyst report on fraud management solutions.  The study is based on interviews with three dozen leading FM consultants and solution experts.  Download the free Executive Summary.
  • SMS Bypass Blocking: A Service that Protects & Maximizes A2P Revenue for Mobile Operators interview with Claire Cassar — A2P messaging is a multi-billion dollar revenue stream that mobile operators need to protect.  In this interview, you’ll learn how a managed service solution blocks bulk marketing messages and other bypass fraud in enterprise-to-operator SMS traffic.
  • Device Intelligence and Big Data Linkage: Guarding Consumer Access Points from the Fraudsters interview with Matt Ehrlich — Preventing subscription fraud today means supplementing traditional identity checks with a host of new processes, technology, and big data analytics.  A credit and fraud risk expert explains the roles of predictive scores, device risk assessment, and linkage analysis.
  • Mapping the Interconnect Resale Routes of Fraudsters: How a Global Robot Network Detects Voice and SMS Bypass interview with Xavier Lesage — SIM box voice bypass is a persistent problem, but now, bypass is spreading to SMS, OTT apps on the smartphone, and ghost trunks.  This interview explains the fast evolving bypass scene, highlights the strategy of fraudsters, and provides case studies.
  • Law Enforcement & Security in a World Where Industry and National Boundaries are Blurred interview with Mark Johnson — Are we destined to be forever reactive over security, fraud, and risk issues?  Or will we put wise standards, regulations, and frameworks in place that allow us to deliver technology that’s relatively secure and fraud-resistant? 
  • Thinking Outside the Comms Box: A New, Cross Industry Fraud Check Service that Telecoms can Leverage interview with Jim Rice — For decades, telecoms have done fraud and identity checks using comms industry data.  This interview explains the power of using cross-industry data to pinpoint known fraudsters and suspicious individuals in finance, retail, and other industry data sets.
  • Integrated Test Call & CDR Analysis: A New Tool in the Fight Against SIM Box & OTT Bypass Fraud interview with Kenneth Mouton — Why not combine the virtues of FMS CDR analysis and test call generators to create a single integrated tool for bypass fraud control?  The benefits of that idea, a tutorial on test call systems in SIM box detection, and OTT bypass via mobile services like VIBER are all discussed in this interview.
  • White Paper: How to Defend Your Network Against the New SIM Server Threat by Dan Baker — SIM box bypass is a very stubborn fraud problem: fraudsters are succeeding despite carriers‘ best efforts to defeat the fraud.  This white paper explains the impact of SIM Servers as a powerful stealth weapon of the fraudsters.  In turn, the paper discusses new technologies and strategies that can defeat the more sophisticated types of SIM box fraud emerging.
  • Intelligent Routing: The Case for Blocking IRSF Fraud at the SIP Session Border Controller interview with Jim Dalton — A bad fraud event can be a huge loss, especially to OTT players who provide a VoIP service.  In this interview, you’ll learn about an anti-fraud solution that works in concert with  intelligent routing.
  • A Privacy-Enabled Data Exchange that Expands Analytics Uses in Fraud, Credit Risk and Beyond interview with Michelle Wheeler — Analytics data today is managed in a privacy-negligent way.  This interview discusses an ingenious privacy and analytics exchange that allows telecoms, banks, and money lenders to trade fraud, credit risk and other data with each other in complete confidence and control.
  • From Rules Design to Adaptive Learning Systems in Telecom Fraud Control interview with Shankar Palaniandy — Adaptive and behaviorial learning systems are at the forefront of R&D in telecom fraud management systems.  Here an expert developer explains their usefulness in use cases such as IRSF detection, subscription fraud, application fraud, and voice biometrics.
  • Protecting 900+ MVNOs around the Globe from IRSF Fraud Pirates interview with Colin Yates — Telecom fraudsters are seeking a new, more vulnerable path to riches.  Their target: 900+ MVNOs around the globe who generally own no mobile networks, but sell mobile service virtually.  This interview with a fraud control expert explains what steps MVNOs must take to protect themselves from IRSF fraud.
  • Insider Fraud: How to Create an Anti-Fraud Culture in Your Telecom Organization interview with Mark Yelland — Thirteen years after the WorldCom scandal, experts generally agree that insider fraud remains a massive problem in telecom.  In this article you’ll learn the outlines of building a program to instill an anti-fund culture at your telecoms organization.
  • IRSF Protection: Software that Blocks Telecom Fraud at the Enterprise PBX interview with Roger Ansin — The richest criminal path to International Revenue Share Fraud (IRSF) goes through the enterprise PBX.  Hijacking the PBX has cost businesses and telecoms countless billions of dollars in the past 15 years.  In this interview you’ll learn about this industry challenge and an affordable and proven tool that blocks IRSF at the enterprise.
  • Combating SIM Box Fraud: Network Protocol Analysis to the Revenue Rescue interview with Lex Wilkinson — International call bypass is fraud perpetrated through SIM boxes equipped with dozens to hundreds of SIM cards that disguise international calls as local domestic phone calls.  This article give a backgrounder on SIM box detection techniques and talks about a new, rapid-detection technology based on network protocol analysis.
  • Making the Retail Operator Case for Anti-Fraud Protection via Wholesalers interview with Jan Dingenouts — Small retail operators are highly vulnerable to fraud, so enlisting the anti-fraud assistance of wholesalers is a great idea.  This interview explains useful negoiating tactics for retail operators and shows how wholesalers can lend support and grow their business at the same time.
  • A Wholesaler’s Fraud Prevention Creed: If You Lose the Trust, You Lose the Traffic interview with Robert Benlolo — Large wholesalers play a major role in keeping a lid on international telecom fraud.  In this interview, a wholesale voice and fraud management expert explains the role of its vendor systems and multi-threaded internal processes in protecting customers from fraud losses and shady wholesale suppliers.
  • Telecom Fraud & Credit Protection: A Desperate Need in Unbanked Regions of the World interview with Luke Taylor — Mobile money plus related fraud and credit protection are crucial to the prosperity of developing nations where most “unbanked” people live.  This article discusses the special issues of the unbanked market as well as broader revenue protection challenges and opportunities.
  • The Grey Market in Prepaid: Tactics to Combat International Bypass via the SIM Box interview with Ahmad Nadeem Syed — SIM box fraud is one of the toughest revenue threats that telecoms face.  It is the redirection of international calls via the internet to drop illegal VoIP traffic onto mobile networks.  This interview with an expert RA and fraud manager provides a detailed overview of the threat scenario, current SIM box tactics, and some creative ideas for bringing this problem under control.
  • Why Deep Packet Inspection Analysis is Essential for Detecting IP Fraud by Dror Eshet — The IP and mobile broadband revolution is in full swing: time for fraud managers to totally rethink their existing controls and areas of exposure.  In this article, a fraud expert discusses the power of DPI technology and the key impact its analysis is having in an FM world where knowing what’s inside the packets is as important as figuring out where those IP packages are going.
  • Flexibility & Fraud Management Systems: 8 Questions for Luke Taylor of Neural Technologies interview with Luke Taylor — Meeting today’s fraud threats is not just about technology, but also the speed of threat detection, the scanning of data outliers, and being enormously flexible.  A leading fraud management vendor takes a bead on current FM issues and points to where software is headed.
  • Recruiting Smartphone Users as Partners in Telecom Fraud & Security Control by Tal Eisner — Premium Rate Service (PRS) fraud and spyware on a mobile phone can ruin an operator’s relationship with a subscriber.  The attacker uses malware to automatically generate phone calls, SMSs and data sessions to high cost (premium) phone numbers.  This article discusses a new crowd sourcing mobile app that addresses the problem and helps operators better manage the threat.
  • Roaming — if Managed Correctly — Can Be a Spark to Revenues by Brian Silvestri — Major analyst firms are predicting that roaming revenues will almost double in five years.  What’s more, roaming remains at the pivot point of Wireless Carrier strategy.  Drawing lessons from the incredible rise of AT&T’s Digital One Rate Plan, this article points to future challenges and raises key questions about how mobile operators will ultimately come to terms with smartphone market profitability, service quality, and data roaming.
  • What Makes Good Fraud Management Software?  9 Questions for Tal Eisner of cVidya interview with Tal Eisner — How do you know if the fraud management software you own or are considering is a good one?  That’s the starting point of a conversation Black Swan had with a product strategist of a leading FMS vendor.  The article discusses everything from maturity and customer collaboration... to PBX hacking and enabling the FMS to actually enhance the relationship a telco has with its enterprise customers.
  • International Revenue Share Fraud: Are We Winning the Battle Against Telecom Pirates? interview with Colin Yates — International Revenue Share Fraud (IRSF) is one of the telecom industry’s most enduring problems.  Yet many of us have only a foggy notion of how IRSF works and how operators around the globe are coping with the issue. This interview covers the bases: the origins of IRSF, typical fraud scenarios, efforts to get international cooperation on the issue, and the future outlook of IRSF.
  • Fraud Management at Kyivstar in Ukraine interview with Anton Pivala — Kyivstar from Ukraine is a leading mobile operator in both voice service quality and consumer value.  This case study gives details on Kyivstar’s fraud control program, reveals some of the unique operator challenges faced in Eastern Europe, and explains how Kyivstar is successfully winning the battle against IRSF and SIMbox fraud.
  • Converging Criminal and Technical Intelligence: Secret to Combating the Explosion in Telecom Fraud and Security Threats interview with Mark Johnson — A fraud and security expert gives a big picture talk on why industry convergence is driving the need for a broader “revenue risk intelligence.”  His prescription?  Yes, telecoms surely need to excel in technical infrastructure such as traffic usage data, IP intrusion appliances, and physical barriers.  But just as important is the need to pair that knowledge with the real-life lessons of fighting criminals in general.
  • Gratifying Ghana: Why Listening to Operators Trumps Vendor Technology and Size interview with Ludvig Lindqvist — The value of technically excellent software is negated if the solution is not implemented right.  This article makes a strong case that vendors need to focus on first things first — get in full synch with a service provider’s business, capabilities and unique needs before you recommend or implement any software.  Topics discussed include: the benefits of retaining in-house expertise, implementation challenges in Africa, and the meaning of “thorough engagement” with the client.
  • Roaming Fraud: The Importance of Real-Time Data Exchange and Analysis interview with James Stewart — The Near Real Time Roaming Data Exchange (NRTRDE) is a GSM standard allowing operators to gain fast access to the roaming records of service providers half way around the world.  The article explains how 65 carriers are using this data to combat fraud through a service bureau.  Learn about the dangers of international roaming fraud and the value a roaming service bureau brings to the table.
  • Is the M2M Device in Your Refrigerator a Telecom Fraud Threat? interview with Simon Collins — Machine to machine (M2M) technology is being applied in hundreds of monitoring apps, such as smart metering and health diagnosis.  It’s even being used to monitor driving patterns tied to auto insurance rates.  But this article shows the serious M2M fraud and security threats that stem from the theft of the SIM/USIM device used in every M2M device.  The article discusses the RA and fraud strategies operators need to employ to manage the risks that will come from wider M2M deployments.
  • “Fraud Is a Wind that Always Blows” and Other Wisdom From a 28-Year Old Software Firm interview with Gary Beck — Here’s the amazing story of how Beck Computers was pulled out of a Tier 1 account only to be brought back in a few months later.  The article explores software vendor service and support challenges, real-time computing requirements, advanced fraud management functions, and ways to educate management on the value of an FMS investment.
  • Insider Fraud: Detecting Criminal Activity in the Telecom Sales Process interview with Tal Eisner — One of the biggest problems telecoms now face is fraud done inside their offices, dealer stores and firewalls.  This type of fraud is especially dangerous because it’s performed by people fully authorized to transact for the company.  The story discusses the major causes of insider fraud, presents a case study, and explains basic techniques that software uses to detect insider fraud.
  • Fraud & Credit Risk Software: Setting the Client Free to Innovate interview with Luke Taylor — Not every operator wants the freedom to configure its own fraud management solution, but certain providers wouldn’t live without such a “framework” approach.  This article discusses the reasons why operators choose this strategy and covers many other fraud and credit software implementation issues.
  • Why Selling to Business Customers Makes You a High Risk Target for Fraud by David West — There’s a saying in the fraud business: “It’s not a question of whether you’ll be hit by fraud — only when, how bad, and from which direction.”  Citing four recent cases where operators were hit by fraud, this article explains why investing in a fraud solution — and keeping up-to-date — are so critical.  The article gives several examples of vulnerability points that fraudsters commonly exploit.