|
Fraud
Coming up with a clear definition of the dividing line between what
is legitimately a “fraud” operation , and what is a “revenue
assurance” operation can be difficult to do.
Clearly, any situation where fraud occurs, there are revenue
assurance consequences.
For many reasons, some telcos treat fraud as just another part of
revenue assurance, and others consider it a separate function.
Fraud management is the process of identifying, stopping
and or preventing situations where customers, employees or
professional
thieves set out to make use of telecommunications services with the
intention
of avoiding full or partial payment. With such a broad definition,
it is clear that
several different types of fraud can occur, this include:
 |
Outright theft of bandwidth–
where parties actually tap into
existing telecommunications circuits and make use of capacity
without any form of registration or identification of themselves
as customers. This can be done in many ways including:
 |
Unauthorized physical invasion of
the network |
|
Employee assisted physical invasion
of the network |
|
Employee executed sabotage of
billing and metering mechanisms |
|
Employee executed unauthorized
adjustments to accounts |
|
|
Misrepresentation of
identity– where
parties use false identities and credit references in order to gain access to
services which they will not pay for. This can include:
|
People who create false identities
|
|
Those who “steal’ the identity of
real persons or companies) |
|
Contracting services for which you
do not intend to pay – in these cases the person does not
misrepresent their identity, but does misrepresent their ability
of intention to pay |
|
Obviously, fraud can
occur anywhere within telco operations (from the physical security
of switches and cables, to the integrity of the revenue collection
mechanisms to the integrity of the call center, sales and back
office personnel themselves).
Fraud Management Processes
 The basic job of the fraud management group is
to review everything that the revenue assurance group already does,
and identify those areas where the intentional circumventing of the
processes can or has happened, and to build mechanisms that insure
that it won’t happen again.
While cases of fraud have been found in almost
all areas that we have mentioned as part of revenue assurance, there
are certain areas where the fraud management group will focus. These
include:
|
Detection and prevention of the theft of
services - Since the biggest cash exposure that any Telco faces,
after that of overdue collections, is the money owed to other
carriers for inter-carrier and roaming traffic, making sure that
fraudsters have not figured out how to run up large long distance
bills is usually the first job of any fraud management group. |
|
The prevention of long distance services theft is usually managed
by sophisticated fraud detection systems that accept real time
feeds of switching activity CDRs and make use of data mining and
other predictive and modeling techniques to identify the usage
patterns that most typically represent fraud, and then send up
alarms to the fraud management team, which then responds to the
warning. |
Back to top
Fraud
Management Systems
Within the area of telecommunications fraud,
there is a special subset of software known as Fraud Management
Systems. Although there are many things that these systems may do in
relation to fraud, the principle function of most of them is the
real time monitoring (or near real time monitoring) of
telecommunications traffic, in order to detect and alert the Telco
to telecommunications traffic patterns that might indicate that
fraud activity is underway.
The basic way that this software works is as
follows:
|
A direct (or near direct) feed of call
detail records (and/or other traffic information) is fed into the
fraud management system. |
|
The fraud management system software then
scans the traffic activity, and looks for different patterns of
activity that historically have indicated a high probability of
fraudulent activity. |
|
When the system detects these patterns , it
generates what is known as alarm. An alarm is simply a message to
the fraud management team alerting them to the fact that a
suspicious pattern has been noted. |
|
The team then performs an analysis of the
alarmed pattern, through the use of tools that allow them to
understand the customers usage history, the companies policies and
other pertinent aspects of the traffic. |
|
If the team determines that the probability
of fraud is high, they will take appropriate action and cancel the
account and services until the customer can explain the behavior.
|
Back to top
Credit Exposure Minimization
Some telcos have actually taken their fraud management systems and
modified them to provide credit risk exposure prevention jobs, along
with the formally defined fraud detection mission.
Under this scenario, the fraud management
system is utilized to help detect when the customer has gone often a
predefined number of minutes of service (based upon their credit
history, payment history and credit risk).
The system will then send out alarms when the
customers credit limit is surpassed, and the customer will either be
called, or the account might just be turned off until some kind of
partial payment is made
Back to top
Customer Identity Verification
Making sure that the subscriber has a valid name, address and credit
history. Usually performed as a part of normal credit processing.
Integ rity
Audits of :
|
Network physical plant |
|
Network revenue information collections mechanisms |
|
Mediation |
|
Billing |
|
Collections |
|
Dunning |
|
Sales and Activations |
|
Call Center and Service Order Processing |
|
Account adjustment process |
Back to top
There are many
ways that leakage can occur within the fraud space. A partial list
includes
|
Stolen
minutes / capacity |
|
False identity –
|
|
Identity theft
|
|
Misrepresentation of ability or intention to
pay |
|
Unauthorized physical invasion of the
network |
|
Employee assisted physical invasion of the
network |
|
Employee executed sabotage of billing and
metering mechanisms |
|
Employee executed unauthorized adjustments
to accounts |
Back to top |
