Email a colleague    

October 2018

Art of the Fugue: Bringing the Baroque World of Telecom Reference Data to Fraud Management

Art of the Fugue: Bringing the Baroque World of Telecom Reference Data to Fraud Management

bar-oque
adjective

a style of European architecture, music, and art of the 17th and 18th centuries featuring ornate, complex or intricate detail.  Examples in architecture are the palaces of Versailles and the work of Bernini in Italy.  Baroque music composers include Vivaldi, Bach, and Handel.

Telecom’s mission is to distribute voice, data, compute and other media by harmonizing and interconnecting lots of baroque (complex) things in the real world.

Let me expand on this “baroque” theme a bit by summarizing the ideas of Professor Robert Greenberg, an expert in music history:

Johann Sebastian Bach (1685-1750) was the most famous of Baroque composers, writing pieces for the harpsicord and the big pipe organ he regularly played at his local church in Leipzig, Germany.

Now Bach’s compositions were somewhat constrained by the instruments available in the Baroque era.  The harpsicord, for example, was a plucked-string instrument that could not sustain a tone.  Then in 1700, the Italians invented the piano, an instrument where the strings are struck by a felt hammer, enabling full control over of a tone’s length and volume — from soft (piano) to loud (forte).

This greater expressive quality of the piano revolutionized music.  Its popularity brought on the Classical age of music led by Mozart and Beethoven.

But we’ve still got to give Bach credit!  He optimized Baroque music, even though the instrument “technology” he had to work with was not that agile. 

For instance, he developed ingenious polyphonic techniques such as Counterpoint that layer multiple melodies on top of one another.  Even today, musicians are impressed by the intricate detail and ingenious techniques Bach used to compose his fugues.

OK, let’s now circle back to telecom.  Only telecoms are equipped to deliver a global comms network that harmonizes today’s digital tech with yesterday’s baroque or legacy tech — which isn’t go away.

And to marry those very different worlds requires the expertise of Bach-like minds — network engineers, system architects, and other experts skilled in managing enormous detail and very ugly processes.

Now one crucial such area is telecom reference data — keeping track of identifiers such as telephone numbers and other IDs whose status constantly changes.

One company who focuses on collecting and organizing this highly dynamic data for 50 operators around the globe is Biaas, a UK firm in business since 2006.

So the following is a conversation I had with Guy Howie, Managing Director of Biaas, who explains the role of telecom reference data in billing, revenue assurance, and pricing analysis.  He also gives details on four new reference databases they now offer specifically for fraud control.

Dan Baker, Editor, Black Swan: Guy, you are doing very unusual telecom work.  I’m curious how you got started in what looks like pretty painstaking data analysis.

Guy Howie: Dan, we’re a small team of data techs who kind of fell into this niche.  The three top experts here at Biaas come from different backgrounds.  I have a chemistry degree and became a Chartered Accountant.  George is a biologist, and Rohan got his university degree in mathematics.

Thirteen years ago Biaas came together to help British and European telcos to bill international voice more accurately.

I used to work in the cable industry at Telewest, a division of the U.S. based Liberty Media.  And in my job, which involved auditing international voice traffic, I could see how much money we were losing because we didn’t have an accurate database of international mobile phone number ranges in the billing system.  And this was during the heady days of mobile growth when new number ranges were popping up all the time.

Frankly there was no industry standard way of updating the telephone number databases.  Every telco was doing this on its own — and not doing it well.

So 12 years ago I broke out on my own to start Biaas with a mission to build a more accurate database than anyone in Europe had at the time.  It was called Global Number Range Management (GNRM™) database.

We designed the GNRM database for retail use, and so it had retail billing levels of granularity.  Operators in North America use the LERG database which supplies vital voice routing information across the US, Canada, Mexico and the Caribbean.  It serves a similar function.

Fortunately, over the first few years of offering the database, we gained some big customers like BT and Virgin Media, and so GNRM became integral to the billing processes of several top carriers.  We sell this vital data as an on-going, constantly updated managed service, and it includes all the allocated number ranges of operators around the world.

Now along the way we added services to our mix such as managing national pricing for several companies — not just international voice, but also national terminating voice for operators in France and the UK.  Another value add is the database stores more sophisticated configurations for billing.

So today our database service is vital for managing their international tariffs, and we also serve companies carrying international phone cards.

But recently you’ve started to offer a new database specific to IRSF fraud protection.  How did that come about?

Well, there was great interest from our customer base.  People were telling me: “Look, we’re using GNRM in billing, but you haven’t given us anything to help our fraud systems.”

So we spent 18 months developing a new database we call the Fraud Number Range Management (FNRM™) Database that identifies IRSF fraud at four levels:

  • Unallocated Destinations prevent IRSF fraud through calls sent to unallocated ranges;
  • IRSF Invalid Digit String Lengths identifies destinations with incorrect digit string lengths that are regularly routed to in IRSF frauds;
  • Higher Cost International Destinations allows an FMS to discover all the higher cost destinations that are a frequent target in IRSF frauds; and
  • IRSF Test Numbers which tracks the numbers fraudsters use just prior to running an IRSF campaign.
Biaas Fraud Analysis Flowchart

Guy, what’s the value of tracking the unallocated number side?

Well, the trouble with unallocated numbers is nobody has a list of them because they are not yet allocated to a user or service provider.  Regulators and operators only publish what’s been allocated.

For example, in the UK you cannot dial a number beginning with 4.  Likewise, when dialing International destinations to many countries you can’t type a number beginning with number 0 after the International Prefix.  For instance, I can’t dial a zero after the prefix +44 when dialing back to the UK from Overseas.

Generally, if you dial a zero when you dial internationally that’s not a valid destination.  However, interestingly, if you dial into the Ivory Coast, the zero is actually valid.

So this begins to show what a sheer headache it is to collect and organize rules for correct dialing of unallocated numbers.

Telcordia developed an unallocated number database.  As far as I know they are the only other party that supplies such a list.

From an IRSF standpoint, if an unallocated number is in our database, it’s another sure fire way of prioritizing the blockage of the number.  But having accurate reference data is crucial to knowing whether this is an unallocated number or not.

Having an accurate list of higher tariff destinations around the globe sounds like a no brainer.

It should be since most of the higher volume calls internationally are to higher tariff destinations.

Now there are certain exceptions that also fit in this category.  For instance, Caribbean countries like Jamaica have moved up in the ranking of fraudulent destinations, even though their tariff is not that high, so we include those.

Frequently a fraud analyst doesn’t know whether a destination is expensive or not.  They don’t have the reference data to do that.  They say, “Gee, do I need to be concerned about this destination or not?”

Famous destinations like Somalia, Gambia, and Liberia are known for their expensive prices, so if you see a spike in traffic there, you know you’re got a problem.

But if you’re a startup telco, say, in India, you don’t have this common knowledge, so having this data at your finger points saves analysis time.

So we update all the expensive — and some mid-range — destinations the fraudsters most commonly use, and put that into the reference data.

Having that data constantly refreshed and available allows you to prioritize your IRSF alerts, and enables the case management inside your fraud control engine to be used more efficiently.

Same goes with our reference data for IPRN test calls.  If someone calls a test number, that’s a very high level indicator that a fraud is about to occur.  But not all frauds are preceded by test number checks.

I think the key point is you need multiple data sets to keep up with the today’s fraudsters.  One control alone is not going to stop fraud.  So we intend to become a one-stop source for fraud reference data of various types.

How have you priced your fraud number database?

To be honest, Dan, it’s been much easier building a case for buying our billing database.  It’s been easy to show that without our database, the operator is missing a few dial codes and prefixes which costs them maybe $10,000 a month.

With fraud, it’s a bit harder to explain the ROI because it’s not as clear cut.  But we’ve brought the price down so it’s affordable to all operators.

The bottom tier cost for a smaller operator is $5,000 per year.  And for a bigger group of companies, we are looking at about $40-to-$50,000 per annum.

We are confident our pricing will be attractive to all operators.  And we have small customers who we sell our other database to already, so we know what the market can bear.

Why don’t the risk and fraud control software vendors get involved in supplying these databases?

Actually we are working with fraud vendors today.  Some of them have integrated our data into their system.  Subex, Neural, and Intrinsic Systems for example, have done a terrific job of integrating the FNRM™ data into ROC Fraud Management, Optimis Fraud, and iFraud-lab Fraud Management Systems respectively.

I think, though the software vendors are good at developing the analytic tools to fight fraud, they don’t have the experience and skillsets to be collecting this data from worldwide regulators and other sources.

The challenge we have is researching every single code change that happens internationally.  We monitor the regulator websites.  We’ve got web-enabled ways to notice when things change on those sites.  We also check carrier price lists that come out on a weekly basis.

We have change-control processes for all of this internally.  There’s an awful lot of checking we do to ensure accuracy: absolutely critical when it’s used for billing.

Guy, thanks for the fine briefing, Guy.  Relying on good telecom reference data makes the IRSF fight easier. 

Dan, actually many things must come together to do fraud protection well: trained analysts, software tools, and processes.  But another key pillar to doing good fraud control is accurate telecom reference data.  That’s what we do here at Biaas.  And I think every operator around the world deserves to look at how we can affordably solve that problem for them.

Copyright 2018 Black Swan Telecom Journal

 

About the Experts

Guy Howie

Guy Howie

Guy Howie, CEO of Biaas, is a Charted Accountant (CPA in the US) and Certified Information Systems Auditor.  Having read Chemistry at University, Guy started his career in Finance working for various companies including Ernst & Young in London.

Guy subsequently began his Telecoms career in 1999 within the Cable Industry (was known as The Cable Guy!), and after several years saving big bucks leading teams in Revenue Assurance and Business Intelligence, Guy found an opportunity to set up Biaas in 2006.

Guy has a family, loves to travel, and will be off windsurfing whenever the wind is blowing hard.   Contact Guy via

Recent Articles