Post on 27-Jan-2015
description
Telecom FraudLatest Trends and Combating
Ahmad Nadeem SyedDirector Revenue Assurance & Fraud Management
Mobilink
2
Who I am?
● Currently Working as Director Revenue Assurance & Fraud Management
in Mobilink
● Total Experience – 30 Years
● Telecom Experience – 22 Years
● Expertise- Revenue Assurance, Fraud Management- Billing & Collection- Financial Management- Business Planning and Budgeting- Interconnection and Cost Modeling- Process designing and Computerization
● Published articles in newspapers and international magazines, two books on Telecom & Internet acronyms
3
Telecom Sector is a Favorite
Playground For Fraudsters
Fraud Is A Universal Truth
4
How much are Telcos Losing?
● Rob Mattison of GRAPA estimated the loss upto $40 B (1%-30%) annually in 2005
No. Major Leakage Areas % ShareNetwork
1 New Product development and tariff configuration 13.0 2 Poor system integration from MSC, IN, Mediation & Billing system 12.0 3 Significant configuration changes in any network elements 14.0 4 CDR generation issues at MSC and incorrect usage data 8.0 5 Inteligent network charging failure 8.0
Total Network 55.0 Business & Fraud
6 Retail billing system errors 8.0 7 Interconnect partner payments 7.5 8 VAS partner payments 9.0 9 Credit Management 7.0 10 Frauds (internal & External) 8.5 11 International Roaming settlements 5.0
Total Business 45.0 Total 100.0
KPMG Survey 2009
● Juniper research figured out the loss at $58b (6%) for year 2011
● According to KPMG Survey 2009, bout 45% leakage
pertained to fraud
5
I Would Not Commit Fraud:
Because
● I do not have the opportunity
● My morals do not allow me
● I do not have a motive (May be too old to enjoy the money)
6
Fraud Types - GSMA
Technical1. Mailbox Hacking (CLI
Spoofing)2. IMEI Reprogramming3. Call Forwarding
Fraud4. Call Conference
/Multi -Party Calls5. HLR Tampering /
Switch Manipulation6. SIM Card Cloning7. False Base Station
Attack8. Spamming (SMS & IP
services)9. Phishing and
Pharming10. Mobile Malware11. GPRS Over-billing12. Voice over IP Fraud13. PBX Hacking
SUBSCRIPTION / PAYMENT FRAUD
1. Subscription Fraud2. Proxy Fraud3. Call Selling4. Direct Debit Fraud5. Credit Cards -
Stolen/Compromised
6. Credit Cards - Counterfeit
7. Credit Card-Not-Present Transactions
8. Cheque Fraud
DISTRIBUTION FRAUD
1. Dealer Fraud2. False Agent / Remote
Activation Fraud3. Theft & Handling
Stolen Goods4. Handset Subsidy Loss5. Mail Order Fraud
BUSINESS FRAUD1. Premium Rate
/Audiotext Service Fraud (PRS)
2. Roaming Fraud3. International
Revenue Share Fraud4. Interconnect Abuse
(GSM Gateways)5. Mobile to fixed
network Gateways Abuse
6. False Answer/False Ring
7. Social Engineering8. Internal Fraud9. Normal Business
Fraud & Crime10. Brand Name/Logo
Abuse11. M-Commerce
Provider Content Fraud
12. M-Commerce Provider PRS Fraud
13. Content Theft14. Wangiri
PREPAID FRAUD1. Prepaid Services
Fraud - General2. Prepaid HLR Profile
Manipulation3. Manual Recharging4. Generation of
Abusive Credits5. Scratch Card Abuse
7
New Dimensions Experienced
8
GSM Network/Systems Leakage/Fraud Points
Collection System
BSC
VLR
Other Mobile Networks
PSTNHLR AuC EIR
RBS
RBS
RBS
MSC
GMSCSMSC
Mobile Phone Subsystem
Base Station Subsystem
Core Network Subsystem
SIM + Hand Set
SIM + Hand Set
SIM + Hand Set
MediationIN
Platform
On Net Calls
On Net Calls
GSM Network
Bills
Invoices
Rejected events
Rejected events
Postpaid
Interconnect
Billing Systems
PrepaidRejected
User
User
User
$
$Bad Debt
Bad Debt
International calls
International Roaming
International Gatewy
Voucher Management
Voucher Management
Tariff Management
Adjustments
Customer Relation Management System
Sales and Distribution System
Billin
g, C
harg
ing &
Co
llecti
on Sy
stemTe
leco
m R
isk C
over
age
Sales and CRM
Voucher Management
Leakage
Fraud
9
Opportunity Syndrome
Fraud is all about● Availability of opportunity & ● The ability to avail the same!
The opportunities Could Occur By:● Executive Errors– flawed policies, processes and disintegrated
systems● Incidence – Mistake/Error● Collusion ● Design – Technological Advancement
10
Executive Errors
Flawed Policies● Your money my play – Check payment trickery● Fake Sales – Commission● Fake Mobile Number Portability – (Commission and lack of Regulatory Controls)
Flawed Processes● Bank reconciliation - Transactions Juggling● Fake Bank accounts● Defaulters Restoration ● Illegitimate Loyalty points redemption ● Illegal numbering series creation● Official phone package misuse
11
Incidental
● Tariff table mistakes in network & Billing systems– Masses get benefit
● “Local Prefix” International dialing - Masses get benefit
Design - Technological Advancements
● Bypass Traffic – New Methods
● International Roaming Fraud - Unauthorized Roaming
● Premium Rate Service (PRS) – Number Range Selling
12
What are by-passers doing?
● Using Moving objects like TV Van, Boat etc. with satellite dish
● Access to switch by connecting to OF main cable in collusion with
operator’s technical staff
● LDIs having LL licenses - Replacing “A” number with own LL’s No. and
terminating on national trunks
● Local Loop termination using LDI’s transit service after replacing “A”
No. with own No.
● Ditching controls by
- Avoiding high usage with regard to numbers or location
- Using numbers all over their/other’s licensed territory
13
Collusion
Unauthorized International Roaming ● Inbound Roaming● Outbound Roaming
Defining illegitimate GTs & numbering ranges in host network may be with collusion
14
Combating FraudA Multidimensional Activity
15
Fraud Management Framework
Investigation
Prevention
CorrectionDetection
Saved $ 8 M
16
Empowerment● FM department has requisite authority related to
investigation, prevention and correction● This authority must be:
* Endorsed by no less than CEO* Recognised by other departments
● SLAs need to be signed with other departments
Combating Fraud
17
Cross Functional Responsibility
● FM department can not fight it alone
● FM is dependent on other departments on provision of data and systems
● Detection is a joint responsibility – Outside tips are a major source
● Establishing incident reporting mechanism – (Short Code Portal)
● FM need to be involved in change management process (affecting
revenue) by other departments particularly technical,
● One POC in each department ensuring action
Combating Fraud Contd…
18
Combating Fraud
Real/Near Real time Data Availability● Must be sourced in directly and independently ● Must be both processed and unprocessed● Data includes transactions/CDRs and activity logs
Systems● High speed Data Processing● Varying formats readability● Flexible in terms of business rules definition and data● Administration within FM● Case management enabled● Equipped with Business Intelligence Tools ● Integrated to other financial and technical systems
19
Combating Fraud Contd…
Skill Set ● Forensic Analysts
● Process reviewing competence
One Umbrella● Fraud Management and Revenue Assurance under one chain of command
● Benefits of Synergies – Complementing each other
● Common Data Sourcing
20
Knowing and Ensuringthat
A minute in air is translated into cash in company’s hands
Maximum and In Time
Air to Cash Reconciliation Model
(ATCR)
An End to End Reconciliation Concept
Air to Cash Reconciliation Model
21
Total Traffic
Discounts/Free Minutes
Chargeable
Traffic
Post Paid Voice & VAS
Total Traffic
Discounts/Free
Minutes
Chargeable Traffic
Pre Paid Voice & VAS
ATCRPostpaid Billing System
IN Platform
Accounts
Receivable
Commission Calculator
Bank Recon System
Sales Management System
Customer
Service System
Inventory
Management
Front End Cash
System
OTAR Platfor
m
Voucher Manage
ment System
22
Combating Fraud Contd…Ethical Fraudster
● Job Description – Breaking the process & Systems
● Objective is: * Knowing the Weaknesses of Systems & Processes* Test detection Ability Fraud Management Department
● Planned and Ongoing Activity
● Management Consent Required
Process/System Evaluation● Identifying gaps in the processes and Systems
● Ensuring Fixing
23
Combating Fraud Contd…
Inter-operator Co-ordination● Sharing minimum information about fraudsters and fraud
without compromising confidentiality
● Black listing on all the networks
Regulators Role● Objective – protecting government losses and consumer’s interests
● Issuance of regulations and Systems installations
● Blacklisting fraudsters
24
Remember● Criminals continue to be ahead of law● Colluder continue to join hands● Mistakes continue to happen● You can
- Detect or even stop repetition of the past incidents
- Develop early warning indicators for any new occurrence
- Develop controls for new occurrence proactively but to an extent
● You can not guarantee “No” fraud situation
But ● You can guarantee being Alert 24/7
25
Ahmad Nadeem SyedAhmad.n@mobilink.netansyed56@gmail.com