Every year, telecoms fraud results in operator losses of over $28 billion. This was the sobering statistic with which BICS’ Head of Fraud Prevention Katia Gonzalez opened a panel discussion on Fraud and Security.
Part of BICS’ Future of Connectivity event, we hosted two expert- led sessions to help the telco community understand from their peers what the major threats are, and how they can best protect their businesses and safeguard their customers.
Here are our top three takeaways.
Joining BICS’ Expert Fraud & Security Panels were:
Katia Gonzalez, Head of Fraud Prevention and Security, BICS
Guillaume Lavernhe, Senior Product Manager, Fraud and Security, BICS
Alexandre De Oliveira, Telecom Security Expert, POST Cyberforce
Thomas Bwaley, International Voice Management Unit, Safaricom
Artem Okhrushchak, Head of Traffic Management Unit, Kyivstar
Carlos Belloso, Senior Director Product Management, Comcast
Sergey Razmakhnin, Network Cyber Security Manager, Navinfo
Oleg Yashkir, Cyber Security Unit Manager, Kyivstar
Technology: attack vs defence
As new technologies are implemented by operators, fraudsters find new opportunities. When new technologies are deployed to safeguard these assets, fraudsters find ways to exploit their weaknesses. This is the ongoing battle operators face in preventing fraud. “With new technology, fraudsters simply have more options to choose [from] when it comes to their techniques and tools,” commented Okhrushchak. Using ever-more sophisticated infrastructure, fraudsters can “adapt to detection methods,” continue to bypass fraud defences and mimic real-life end users. This enables them to infiltrate networks and exploit operators and subscribers.
But there are new ways that operators are leveraging technology to prevent fraud and the resources needed to safeguard their operations.
Take automation, for example. Fraudsters are launching robocalling campaigns with the goal of obtaining either money or personal data from subscribers. In fact, regulation has been brought in to try and mitigate automated attacks, as Belloso pointed out: “Computers making hundreds of thousands of calls per second have caused a growing wave of robo-dialing for years. This has generated a lot of nuisance and fraudulent calls which have become the number one complaint to the FCC in the United States for years. This year, the U.S. government mandated the implementation of Shaken and Stir in the effort to help authenticate the A-numbers as part of the broader effort to protect consumers from this.”
However, automation can also be harnessed by parties to prevent fraud, scaling the work traditionally done manually and protecting networks around-the-clock.
Alexandre of POST Cyberforce, the team of cybersecurity experts from POST Luxembourg, shared an example of technology and automation in action. Wangiri attacks – and in particular, the timing of attacks – have long been an issue. POST Cyberforce hoped to address this by implementing a new strategy and solution.
“These campaigns always start Friday night or weekends when teams are with their families,” he said, when human resources were not available to manually protect against the Wangiri threat. “We took the approach to say, ‘how can we automate 100 persons’ response to fraud?’” Using customer and call information from the past six months, Alexandre explained how the solution leveraged data analytics to automatically detect and block potential instances of fraud.
The solution also helps ensure that legitimate traffic isn’t blocked accidentally. “We have plenty of banks that are calling all over the world, so we cannot just pretend that because they’re calling in Africa, South America, Middle East, etc its fraud,” said Alexandre. Because “each customer is different and each customer could have really different patterns,” the data from traffic is analysed and scored, based on insight into the different rates and the usual times and locations that a customer is calling. Anomalies from the norm can be identified automatically and the risk of blocking legitimate traffic massively reduced.
Strength in numbers
At BICS, we’ve long advocated the importance of a collaborative approach to fraud prevention and reduction. This was strongly supported by our panellists. As a result, knowledge can be shared and information on incidences can be constantly updated, helping the industry to keep pace with fraudsters.
Carriers have a “critical role” to play, said Bwaley. These players have a wealth of customer data and deep insight into networks and as such, can “act as the bridge between different operators.” However, “it’s not just carriers; it’s all players across the ecosystem” that must work together to reduce fraud, Bwaley added.
Industry bodies such as the GSMA are also contributing to the fight against fraud. This can involve maintaining databases of fraudulent numbers, facilitating forums and working groups, funding research, and developing regulations. For instance, the GSMA has created “the ISAC community, to share information about telecoms security” without having to divulge confidential information, explained Alexandre. This is free for members of the GSMA, continued De Oliviera, and allows operators and others to share information confidentially.
In addition to inter-organisation collaboration, intra-organisation collaboration is needed. Traditionally, fraud and security were usually the responsibility of different departments within companies. As such, said Okhrushchak, “expertise in the organisation is split between different domains.” Things are changing, and where once “IT and telco were divided into two separate streams,” they’re now converging. This must be reflected in convergence of personnel and resources. “The key is collaboration between different departments. Between IT, Security, Antifraud and Network Operations and Engineering .” So that they can “exchange knowledge and propose how to contradict different types of fraud.” This is “how to beat different types of fraud,” Okhrushchak concluded.
We owe it to our customers and society
As our panellists described, fraudsters are adept at keeping pace with technological advances. Telco players must therefore never stop investing in – nor developing – their fraud defences. Fortunately, almost 60% of carriers expect to invest more in fraud monitoring/prevention infrastructure in the next 12 months, according to this year’s Fraud Report from the ITW Global Leader’s Forum.
Investment should be an ongoing commitment that evolves in line with technological changes. As telco and digital convergence, for instance, telco players must adopt strategies and tools that combine telecoms defence and IT defence. They must also develop means of protecting new network infrastructure – including next generation 5G.
By securing networks against fraud, telcos are protecting the quality of service they can offer end-users. “In the long run,” said Bwaley, “we want to provide the best quality of service for our customers as well as engagement across networks.” Ultimately, “we secure our returns which are our revenues.”
Despite this outlook, there was consensus from all of our panel that playing your part in the fight against fraud isn’t all about protecting revenue and realising ROI. While revenue is key, said Bwaley, “investing in fraud mitigation is to keep the industry with a sober level of integrity and ensuring that our customers are secure.” This was supported by Okhrushchak who spoke of the “social role of the operator.” This role, he said, is “to beat the fraud and to find the counter measures. It’s not always the case of [being motivated by saving] money or [having to adhere to] regulation.” Instead, “operators see them[selves] as responsible organisations and a responsible part of society.”
Events such as the Future of Connectivity are valuable opportunities for operators and others to come together, take stock of pressing issues and share knowledge and resources to overcome challenges. They enable participants to play their role as responsible organisations in a responsible global community, working together to fight fraud.