Email a colleague    

January 2013

What Makes Good Fraud Management Software?  9 Questions for Tal Eisner of cVidya

Is Your Fraud Management Solution a Good One?  9 Questions for Tal Eisner from cVidya

You, me and everyone who works for a living is a “product expert”.  And if we don’t manage an actual product that’s sold to a customer, then the product we manage is ourselves, the value of the services we provide to our employer.

Now putting that product’s value into words is not easy.  I mean, when you meet up with friends and family at a class reunion, party, or wedding, how do you explain to them what you do for a living?  For me, it’s never easy, especially when my friend’s knowledge of telecom is limited to the cell phone in his hand.

So that’s what this interview is about.  At the TM Forum in Orlando, FL, I met up with Tal Eisner, Senior Director of Fraud Management Solutions and Strategy in cVidya.  Then I peppered him with questions to tease out the most important features of his software product — and more broadly, of any Fraud Management System (FMS).

So here you go: some highly edited Q&A that hopefully crystallizes many of the software features a buyer should consider when selecting any FMS.

1 Fraud management solutions have been around for a long time, but there are still a lot of small operators out there who view an FMS solution as optional.  What do you say to them?

Tal Eisner: Dan, I’d say they are gambling at the casino.  Many people compare fraud management to buying auto or life insurance.  I agree with that and I would add that an FMS is a unique kind of insurance, the kind that has a very short shelf life, because if you don’t keep it updated, it loses its value very quickly because the fraudsters are coming up with new threats all the time.

2 What are the most important requirements for good fraud management software?

I guess the short answer is that good fraud management software needs to continuously evolve and mature over many years.

An FMS is a living and dynamic thing because the threats are ever-changing.  Our adversaries are technically savvy and well-funded criminal organizations who have targeted telecom as an ideal place to steal money.  Yet as soon as you plug one fraud hole, they are finding other places to penetrate our defenses.

So the collective intelligence in the software and the operator-to-vendor partnership required to make it all come together makes a huge difference.

The scalability of the FMS solution also matters greatly to some clients.  For instance, we have an operator customer in Brazil with more than 90 million subs and a footprint in mobile, fixed, cable, and broadband internet Even the fraud management staff is big at this operator — more than 60 analysts working 24/7 shifts.

3 How do you manage to keep your FraudView software up to date and synchronize the many rules changes and the need to constantly address new threats?

An expertise in fraud management doesn’t come from sitting in a lab or reading articles on the internet to find out what threat feature to add to the suite three months from now.

On the product side, we work hard to ensure the software is as flexible as possible.  For instance, the FraudView “ad-hoc reports” capabilities enable non SQL experts to easily generate queries and reports from free format text.

The number, size, and variety of data sources has greatly expanded over the years too.  Call detail records are still key, but today our customers are taking in feeds from a wide array of sources — even things like financial platforms supporting Mobile Money and malware detection mechanisms in security.  And these new interfaces and new patterns are then embedded back into the product.

4 How do you get customers involved in improving the FMS product and getting new fraud scenarios into the suite?

Our predefined controls library is key here.  FraudView’s built-in controls library is constantly being written and updated with input from fraud managers and analysts around the world.

Let me give you an example.  Bypass fraud is one of the most damaging fraud types worldwide.  The customers that we have in Asia Pacific suffer huge losses because of bypass traffic.  Fortunately we now supply them with a dedicated bypass module based on the experiences of our other customers.

One particularly helpful addition in this bypass area came from a customer’s ability to detect the activation of SIM batches — firing up multiple SIM cards at the same time.  This batch detection capability was a real breakthrough and it is now embedded in our FraudView baseline software, so all our customers can share and benefit from our experience.

In the mobile money area we are often getting daily inputs from operators in Africa and Asia where that service is on the rise.  In fact, a tier 1 operator in Africa (22 million subs) launched its mobile payment service only after we provided them with the proper controls to monitor this new service.  This set of controls are now offered as part of FraudView.

5 What performance and scalability issues do fraud managers need to be concerned about in the future?

With the rise of mobile broadband in particular, we expect FMS performance and scalability issues will spike in importance in the years ahead.

By the way, you can’t just plug in these systems and expect them to scale.  It often takes years to stabilize such large systems.  This is key aspect of so-called “product maturity”.  Without that scalability, you’re not going to succeed with Tier 1 operators, such as one Asia Pacific client of ours who now processes over 10 billion records a day on our solution.

The need for real-time detection is another driver of high performance and scalability.  Real-time detection can minimize financial damage because you are detecting it that much faster.  In services such as PRS calling and PBX hacking this is definitely the case.  When you are detecting illegal attempts to hack into IVR’s, it’s also key.

6 Over the last decade, a number of software firms have dropped out of the fraud management market.  Why did those companies fail?

Fraud management is a constantly evolving space and fraud departments at the telcos have become more sophisticated.  The challenge for fraud departments to keep up with evolving technology has never been greater.  So I think the fast paced nature of the fraud business is what’s made it hard for the small vendors to keep up.

Being in the fraud management space for many years, I remember certain niche players who launched big marketing campaigns, but in the end had a too-narrow product offering, so they could not stay in the game over the longer term.

7 What will the impact of Mobile Money and LTE be on fraud?

You’re right to identify LTE and the Mobile Money as the two biggies.  I would say we are all still learning.  There are still a lot of unknowns here.

Now Mobile Money has been established in several areas around the globe for more than two or three years in Africa and in the Far East.  We have 2 customers that launched Mobile Money services a year and a half ago and we work closely with them on detecting new fraud patterns in this domain.

Regarding LTE, we recently showed our capabilities in a Catalyst project that was presented in the TM Forum Management World Americas event in Orlando.  The project was championed by operators such as Digicel, Etisalat Misr, MTS Allstream, and Rogers Communications, and it demonstrated detection and analysis of the vulnerabilities related to LTE.

8 Is fraud management forever destined to be a cost to the business?  Can it be turned into something that will enhance the telecom's relationship with its customers?

I think the secret to turning an FMS into a business enhancer is to focus on protecting the enterprise customers who are affected by fraud threats.  One particular area of promise here is feeding vital intelligence about PBX hacking.

PBX hacking is a headline topic with telecom operators these days.  The CFCA says PBX hacking is the number one fraud issue around the world with 4.6 billion U.S. dollars of damages worldwide.

Early in 2012 we launched our enterprise fraud management package which goes a long way to containing PBX hacking issues.  Once again, this solution was the result of a customer contribution.

Actually, a fraud manager at one of our customers worked with an enterprise customer of theirs who owned a PBX.  A reporting relationship was created where the fraud department would alert the enterprise PBX owner whenever there was a suspected case of PBX hacking.

Little-by-little, this relationship got tighter as the enterprise manager came to view the operator’s fraud report as a valuable service.  So this is how we came to build the enterprise fraud management module into FraudView.  Today, some of our operator customers resell the solution to their enterprise customers as a service.

Not only does this fraud alert service increase the stickiness of an enterprise customer, it also boosts the reputation of the fraud department within the larger telco organization because fraud management is no longer a mere cost center. 

9 Tal, thanks for these insights.  To close, are there any other factors we’ve not yet discussed you view as important?

Dan, the final thing I think buyers need to be mindful of is the actual business model of the FMS supplier.  An FMS will generally gravitate to one of two poles: either a product-heavy or services-heavy solution.  In the services-heavy model, the vendor sells a base software product, but makes most of its money on add-on professional services such as consulting and making configuration changes.

FraudView, by contrast, is a product-heavy solution.  We throw as much intelligence as we can into the product itself, realizing that the client gets the freedom and flexibility to configure the product on its own with very little handholding required from us.

So how do we accomplish that?  Well, many vendors will offer you additional consulting services around best practices, but to us, best practices is often a matter of simply embedding more pre-defined controls in the product.  Similarly, rather than sell consulting around fraud rule creation or the setting of thresholds and filters, we embed those rules into the product itself and let you decide which rules you want to activate.

To be honest, it’s the expert users and managers at our clients who supply many of the innovations in FraudView.  Listening to our clients’ suggestions and studying their problems gives us valuable input on new features we need to add to FraudView, whether it’s to detect new threats , add new controls, or improve other aspects of the product.

In a sense, we maintain two monitoring systems for fraud.  The first is a our FMS product that detects fraud through rules, controls, and analytics.  But our second — and equally important -- monitoring system is our own eyes and ears.  It’s about being close enough to customers that when they have an issue, we can respond quickly to protect them, then add these new capabilities to the product so that the benefit can be shared with our greater family of customers.

NOTE: Are you a product manager or expert whose solution serves the business assurance or telecom analytics market?  Then contact Black Swan’s editor Dan Baker to explore conducting a similar Q&A interview.

Copyright 2013 Black Swan Telecom Journal

Tal Eisner

Tal Eisner

Tal Eisner, Senior Director Product Strategy as cVidya Networks, has been active in the telecom arena for over a decade in several fraud management roles.

Tal started as a fraud prevention team leader at Cellcom, the largest mobile carrier in Israel, then served as Director of global consultancy services atCtel Ltd.  In 2008 Tal became Fraud Prevention Department Manager for Partner Communications Ltd (Orange Israel) until mid 2010.

At cVidya he manages fraud management products, strategy, road map and developments.  Tal is a graduate of the Tel Aviv University and earned his BA in political science.   Contact Tal via

Black Swan Solution Guides & Papers

cSwans of a Feather

Related Articles