|© 2016 Black Swan Telecom Journal||•||protecting and growing a robust communications business||• a service of|
|Email a colleague|
I’ve just returned from an excellent conference in London — the Wholesale Fraud Forum 2015, put on by Capacity Magazine.
The conference shed some much needed light on the key role large wholesalers play in keeping a lid on international telecom fraud.
Through the big data study of suspicious traffic, the careful screening of suppliers, and the mentoring of its retail carrier customers, the wholesaler not only closes fraud leaks but makes the telecom market a more efficient and profitable place to do business.
One of the leading practitioners of wholesale anti-fraud operations is Tata Communications, the largest international transit carrier worldwide, carrying about 20% of the international wholesale voice traffic.
And the conference featured a great presentation by Tata Communications’ Robert Benlolo, Senior Product Manager Product and Business Strategy and head of overall fraud management. Robert joins us in the discussion below to explain Tata Communications’ highly organized and multi-threaded approach to wholesale fraud prevention. Lots of useful tips for both retailers and wholesalers are here. Enjoy.
|Dan Baker: Robert, the title of your talk at Wholesale Fraud Forum 2015 was on the “Arsenal of Tools” Tata Communications has built up to combat fraud. What anti-fraud tools have you acquired and what motivated you to make that investment?|
Robert Benlolo: Actually, Dan, for 10 years we have been investing heavily in fraud management tools, people and processes. And one of the key reasons we did that is to support our growing managed termination and outsourcing business.
For customers who get managed services from us, we take on their entire transit and international traffic. So when you have a great responsibility like that, you feel compelled to do more.
In our first managed termination deals, for instance, we didn’t have the elaborate fraud systems we have in place today. Customers at the time were happy with our price and voice quality, but they started asked questions about fraud issues that were recurring month over month.
So as a wholesaler we decided to take the problem head on. Our decision to invest was a very rationale one because if you lose the trust, you lose the traffic.
Now we have many solutions in our anti-fraud arsenal. For instance, there’s a Subex hosted solution that filters all the traffic: 100 million minutes a day go through that system to spot strange patterns and alert us.
We also have the IPSoft, the industry leader in False Answer Supervision (FAS) detection and removal. We tried to detect this problem ourselves, but it was impossible because suppliers who commit FAS use some sophisticated blending and commit FAS fraud randomly. So if you don’t have tools like this, then it’s impossible to detect. But when you do detect FAS, the suppliers are automatically removed and then we send them the CDRs to prove the FAS traffic.
On the testing side, we have CSG, the former Ascade, who does testing to make sure our suppliers are giving us the right quality.
Then we have our own internal secret sauce for routing and customized alerts. Every managed service customer has its own set of requirements and this we build in-house. This is the reason why Tata Communications recently came up with the Fraud Protection toolkit offering, a complete managed solution to protect service providers against several forms of potential fraud.
|What about your internal processes and people fighting fraud?|
Of course, we have dedicated resources within Tata Communications trained to pursue fraud issues vigorously. If there’s a hacker convention somewhere trying to improve their hacking methods, we are probably aware of it: we go to great lengths to keep current.
Now we also widely sell our anti-fraud strategy within the Tata Communications organization. In the past we had groups within the company who tended to take on more risk. For instance, people in sales and marketing would sometimes sign up a new customers or supplier who was more risk-prone.
What we’ve done is make the organization more accountable. So whenever there is a fraud case with a supplier, for example, we engage everyone who was involved in signing them up as a supplier. And it’s their job to help us fix the issue.
So it’s a deterrent for them because it’s not a friendly process: lots of questions get asked internally about due diligence, etc.
|How exactly do you perform due diligence on suppliers?|
Honestly, ten years ago it was fairly easy to make the cut and become an industry wholesale Tata supplier. Today it’s not so easy. For example at Tata Communications now, a supplier needs to answer a few long questionnaires because we emphasize “know your supplier”. We ask ourselves tough questions: why should they be in-route? What’s their competitive advantage? In short, we want to know the carrier’s strength before doing business with them.
For suppliers we have little historical information on, we require them to sign an active anti-fraud amendment that says if they commit fraud or FAS, we withhold payment. Then, when a supplier is caught engaging in FAS, they are automatically removed and not put back in-route until they sign an anti-fraud amendment.
We also have a team that focuses on pre-testing. For example, we go so far as to test unallocated numbers on a prospective supplier to see what kind of release code they send back to make sure they have the proper numbering plan. And once a supplier is in-route, we do random testing because a supplier can give you great service in the beginning, but some have a tendency to degrade their service over time.
|What are the telltale signs that a prospective supplier is a potential fraud risk?|
Dan, a lot of this is common sense. And there’s plenty of fraud expertise and common sense within our company. The challenge is sharing this good information and intelligence with those who need to know.
But some potential suppliers wave a big red flag. For instance, if the supplier is incorporated in Gibraltar, uses equipment in Liechtenstein, banks in Australia, and offers low A-to-Z rates, they are not going to make the cut.
But our most potent weapon perhaps is the thorough analysis we do on a supplier’s rate sheets. We have a dedicated team who does exactly that.
For instance, looking at a rate sheet we recently receive from an operator, we noticed several discrepancies. Number one: they advertise a Premium route when we know from our long relationship with the carrier that a Premium route does not exist in that country.
Analyzing other codes in the rate sheet, we find those codes don’t exist or are unallocated code ranges. They even sell “Country X Mobile” at sub-market rates. All this evidence points to one thing: the supplier is out to make a fast buck. They would never pass through our rigorous filter.
|What measures do you take to protect your wholesale customers?|
We have many programs, and the key to it all is good prevention.
When a new customer first comes onboard, they get a “Welcome to the Family” package that includes access to a private portal that allows them to check their traffic and discover variances.
Another part of that welcoming kit is our Customer Security Checklist — in two pages. The first page scares them a bit, explaining the telecom fraud cases and common problems. Then on the second page is a detailed list of configuration and IP configuration mistakes. So we sensitize them to fraud issues right from the start.
Another thing we do is have our salespeople engage with these new customers. One of our chief concerns is they may have hundreds of price breakouts they probably don‘t need. Paring down that list takes some time and effort, but it saves a lot of trouble later on. We approach them and say, “Let’s go over your past year’s (or past two-year’s) traffic to see what destinations you’ve never had traffic to.” And we urge them to block those destinations. Worse case, we’ll open the route for them later on. But by blocking at the outset, we save many headaches.
Now if a customer is reluctant to block destinations, we have a second option: limit their capacity to those risky regions. Why have your entire interconnect capability available for these routes on weekends, for example? So this is a very popular option with our customer base because it limits their exposure.
Working from the retail side, we also have subscriber traffic management and blocking — basically a monetary threshold for each A number (or subscriber). For example, our retail customer can say: “I don’t want my subscribers to make more than $250 a month on international calls.” So as soon as that limit is reached, we block the calls.
This is especially useful in preventing PBX hacking fraud where you see one A number doing $10,000 in fraud. It’s a blend of credit control and fraud prevention. And, of course, the customer can easily reset the monetary threshold any time.
|How do you manage and block number ranges that are a fraud risk?|
Well, we firmly believe that a number plan strategy is critical. If you don’t have one, you’re going to become a victim. Luckily there are some fantastic vendors out there who have numbering plan tools.
Our team is tuned into industry resources such as the GSMA Fraud Forum and many internet sites. To date there are more than 22,000 ranges we block — and each range translates to many more actual numbers. We are adding code ranges every week and as soon as one of our customers has an issue with a number, we block the number for all.
Daily we block about 400,000 attempts on these fraud ranges. We also go to the high fraud destinations and focus on blocking the unallocated numbers within these ranges because there’s a whole sub-industry of resellers who specialize in distributing unallocated numbers.
|Thank you, Robert, for this illuminating look at how wholesale fraud works at Tata Communications. It’s impressive.|
It’s my pleasure, Dan. Happy to get this information out into the marketplace. When you think about it, perhaps the biggest fraud threat is carrier complacency. The right attitude is be paranoid about the fraud threat.
And yet, lots of carriers out there don’t have robust fraud management systems. Plus there are lots of “easy carriers” who will connect with anybody, and they’ll make short-term gains. When we spot them and see the trend, we discretely remove them from the route because we know their strategy is to fleece the inexperienced operators out there.
Without some visibility, you are surely going to see mid- to long-term loss of traffic. I would urge both wholesale and retail carriers to keep their fraud program simple and make incremental improvements. There are a lot of industry groups you can join and they are very helpful. Finally I think you need to engage suppliers or customers when stuff happens because you need to put them on notice.
It comes back to Tata Communications’ anti-fraud motto: if you lose the trust, you lose the traffic.
Copyright 2015 Black Swan Telecom Journal