The exact figures are not available but experts believe that telecom fraud
across the globe costs telecommunication companies between $4 and $8 billion
every year. This fraud eats away into the final profits of telecom companies by
as much as three to five percent. One starts appreciating the magnitude of the
problem when one realizes that most of these companies have annual returns of
less than ten percent.
Fraud
in telecom networks has been a problem that has always plagued the bottom line
of operators. The lure of easy money turns many a man into a fraud. There are
many ways to defraud and abuse telecom networks–especially wireless networks.
Ingenuity and innovation are the hallmarks of this tribe of modern-day bandits.
Telecom companies have a long history of fighting fraud but the imaginative
methods employed by frauds call for continuous innovation of the solutions
deployed to check fraud. Telecom fraud may have grown in sophistication from the
days when pay phones were jammed with foreign coins and telephone wires were
tapped. But in some ways, telecom fraud is as simple and low-tech as ever. Fraud
used to be accompanied by great risk of detection but little risk of
prosecution; now perpetrators can avoid both. Today, as rapid advances in
technology have reduced the risk of detection and increased the number of
exploitable loopholes, telecom fraud is more attractive than ever.
Unaware or Ignorant?
In spite of the fact that many telecom companies worldwide have lost
significant amounts of money due to fraudulent activity in their networks, a
large number of operators are still not addressing this crucial issue. In many
cases, they still feel that fraud does not exist. Even though one wishes that
this be the case, this is never true. Losses due to fraud often get swept under
the carpet as bad debt. A recent study has proved that the portion of revenue
lost due to fraud could form forty to fifty percent of the bad debt component!
Another aspect is the belief that networks based on digital technologies are
secure. The networks that were rolled out earlier used analog technologies that
had several technical loopholes. Frauds exploited these opportunities to make
money. The advent of digital technologies like GSM put a damper on most of the
technical frauds. Perhaps this could be the reason why many GSM operators feel
that they are safe from fraud. However, innovative frauds soon managed to find
simple, non-technical ways to continue their nefarious activities even in
technically advanced digital networks. Catching the offenders is both difficult
and expensive. Most telecom providers prefer to cut their losses by removing
service rather than spending money on the uncertain process of criminal
prosecution.
How does Fraud Happen?
There are many methods employed by unscrupulous elements to defraud telecom
networks. Technical frauds like cloning and tumbling were the major cause of
worry for analog network operators. Such technical frauds cannot be perpetrated
in digital networks (even though there are unconfirmed reports that cloning
could be possible in GSM). A rollout of digital networks, in countries like
India, has resulted in the evolution of non-technical frauds.
Analog phones provide a striking example of how a technology can present an
open invitation to fraud. With relatively inexpensive and readily available
equipment, a perpetrator can monitor signals between analog phones and the
network; picking off phone identity codes and reprogramming or cloning stolen
phones to imitate legitimate identities. A cloner can make thousands of dollars
renting the phone (or selling calls) before the fraud is discovered and the
identity shut down. In that time, hundreds of thousands of dollars in call
revenue may be lost. The prevalence of analog networks in the US may partly
explain the technology-driven nature of many US providers’ responses to fraud
prevention: sophisticated, real-time detection systems that analyze network
traffic. For example, such systems can flag as fraud an identity making a call
from one location and two minutes later making a call from another location on
the other side of the country.
Digital technology is more robust than analog. Nevertheless, GSM service
providers are vulnerable to people who use airtime with no intention of paying
for it. They simply move on to the next network and/or change their identities
when their service is removed. Extensive background checks on new customers are
often impractical and in many countries almost impossible. Iceland, for one, has
online links to a government registry of householders, but data protection
regulation and consumer pressure in many other countries rule out such
investigations. Furthermore, if service providers can’t give customers
near-instant connection, they risk losing business. So providers who have
invested heavily in GSM networks have a high exposure to risk, because they
cannot easily check whether the customers they are signing up are genuine. This
acquires gigantic proportions in a roaming scenario due to the delay in
accessing call detail records and subsequent detection.
Common Types of Fraud
-
Subscription fraud:
Subscription fraud is the most damaging amongst the non-technical frauds.
The methodology adopted here is simple with the fraud obtaining a connection
from the company using the normal, accepted procedure of the company. The
fraud has no intention to pay, and rings up huge bills in very short time
frames. The company comes to know of such high usage only after sometime
(Orange, the cellular service provider in Mumbai, checks customer usage
patterns every week), and by then it becomes impossible to trace the
fraudulent subscriber. Ultimately, all the money that was to be recovered
from this subscriber will have to be written off. -
Call sell
fraud: A variation of subscription fraud, here, the fraud misuses the
call-forwarding feature of the networks and uses his connection to set up
multiple, simultaneous calls for his "clients". The
"clients" pay a less amount of money than they would normally pay
the company. The fraud can, of course, afford to offer such
"subsidy", as he has no intention of ever paying any money. By the
time the bills are raised and the company comes around to collect the money,
the fraud would have made a significant amount of money and got away. Call
selling is one of the major contributors to losses due to subscription fraud
and could account for more than fifty percent of the total fraud loss. -
Internal fraud:
Employees within the operator or associates of the company aid outsiders in
defrauding the network in this kind of fraud. Employees have access to all
parts of the network and are sufficiently knowledgeable to know where to
play dirty. This is one of the difficult to monitor frauds, as employees of
the companies are themselves involved in the act. -
Social
engineering: Here, thieves con someone into giving up their telephone
calling card number by claiming to be from a law enforcement agency, the
phone company or any number of other organizations. Social engineers also
attempt to persuade company telephone operators to give them an
"outside" line, even though they’re calling in on an outside
line. -
Shoulder
surfing: It is an unsophisticated and simple method of fraud where the
thieves look over someone’s shoulder and memorize the calling card number
as it is punched into the phone. More sophisticated hackers sit at airport
terminals, with telephoto-equipped video cameras, and collect bunches of
calling card numbers from afar. -
Toll free
fraud: This is becoming a growing problem as the use of 800 and 888 toll
free numbers is increasing. Thieves call into a company’s toll free number
and hack around the phone system until they get connected to an outside
line. This only works when a computer and not a person answers the line.
Operators in new markets such as India are gullible to such
practices, as the knowledge about fraud fighting is just being developed. Price
Waterhouse Coopers (PWC) recently conducted a study and reported that Asian
mobile operators lose about thirty percent of their revenue to fraud and bad
debt. There have been several reports about huge losses by Indian cellular
operators and it is assumed that operators are losing about ten percent of their
total revenue due to fraudulent activity in their networks. This is quite high
as compared to the worldwide average of three to four percent.
Detection Strategies
Europe has led the world in prepaid cards and services on GSM
networks. Prepaid cards are also popular in the US. European providers believe
that prepaid services reduce their exposure to risk and maximize profitability.
However, the primary motivation for prepaid cards and services is growing market
share, not preventing fraud. The new payment options are aimed at attracting
transient customers who cannot afford high connection fees or who do not want
subscription services.
But
encouraging more people to go mobile may result in more fraud unless steps are
taken to monitor and control prepaid cards and services very tightly. Those
steps need to be taken at the interface between the network that captures call
information and the operational systems that process it. Clearly, the longer it
takes call records to reach the billing system, the greater a provider’s
exposure to risk. If, for example, a customer has a $50 prepaid card, the
provider needs to be able to disable the card the moment that the customer has
used $50 of airtime–not a week or even a day later, when the customer may have
made $5 to $20 worth of free calls. Call records need to be released to a system
that can monitor spending as close to real time as possible, whether this is an
intelligent network platform or the billing system itself. Todays best companies
can process call traffic information for possible fraudulent use within fifteen
minutes of receiving it, reducing their risk factor on each phone to that
quarter of an hour–a considerable blow to those intent on fraud.
Good management processes will also stop insider fraud in its
tracks. Some providers have experienced large-scale fraud when detection systems
are out of service, e.g., during a switch software upgrade that delays call
records from being released to administrative systems for three or four weeks.
Such situations can be avoided if upgrades are planned and tightly controlled,
allowing the ability to roll back the change process if all does not go
smoothly.
Airtime fraud is a concern for service providers, and there
is a strong link between stolen equipment and attempts to use that equipment for
free. Although providers may not feel responsible for the theft of handsets
(many of them do not sell equipment, only network services), they are caught in
a difficult position. If they do not appear to be taking steps to combat theft,
they are viewed as contributing to the problem. But the steps they need to take
may conflict with their own interest–monitoring spending as close to real time
as possible.
A model has been developed for the GSM community where, when
a phone is stolen or taken out of service, the provider informs a central
register operated by the GSM Memorandum of Understanding (MoU) and the
information is distributed to all the MoU signatories. Ideally, each provider’s
administrative systems will evaluate the equipment identity from call records
and check it against the register to determine whether the equipment status is
valid. There are two downsides to this process: It imposes a huge transaction
overhead on the administrative systems, slowing down call data processing; and
no manufacturer can guarantee that each handset has a unique identification
code. In India, implementing this is even more difficult since more subscribers
purchase phones from the grey market, than from the company.
The high demand for mobile services in parts of the world is
also fueling equipment theft. The rapid growth in call volume in Asia has made
it difficult for providers to monitor usage, resulting in the need for large
cash deposits by subscribers as well as expensive service charges. However, the
argument is circular. The higher the value of the service, the greater the
incentive for fraud. Prepaid cards and services in this market will only prevent
fraud if the monitoring systems are in place to enforce them.
Today, many telecom service providers are still unaware of,
or unresponsive to, the level of exposure to serious business risk that telecom
fraud represents. They need to institute management processes and administrative
systems to limit this risk. This means integrating a range of technologies–switches,
intelligent network platforms, billing systems and fraud systems–in ways that
suit their particular business requirements.
There are systems for fraud detection that use artificial
intelligence capabilities to detect ‘abnormal’ usage behavior, which
indicates that fraud is being committed. The system creates a profile of each
individual subscriber’s ‘normal usage behavior.’ This profile is based on
an analysis of Call Detail Records received from the switch. These individual
usage profiles are continuously updated and analyzed on a call-by-call basis.
Behavioral deviations fall into different patterns, which are indicative of
specific types of fraudulent activity. Any deviation from the normal usage
behavior of an individual subscriber is closely monitored. When a specific type
of fraudulent activity is determined to be probable, a prioritized fraud alert
is generated for review by telecom fraud investigators. In addition to
individual subscriber behavior monitoring, these systems have the ability to
monitor the behavior of any network-related entity such as lines, switches, etc.
This ‘network entity’ monitoring capability significantly expands the scope
of fraudulent activities that can be detected by the system.
Although such systems help to combat fraud to some extent,
providers need to understand fraud prevention not merely as a technological
challenge, but as a risk management issue and a strong aid for turning bad debt
into profit.
The Indian Scenario
In December, the CBI unveiled a Rs 400-crore telecom scam
where an operator had leased international lines from VSNL on the pretext of
software exports. Instead, he was using these, as well as over twenty MTNL lines
in Mumbai and Delhi, to provide people with lower cost telephone calls to the US
using the call back facility.
It is very clear from the above that the task of curbing
fraud in telecom networks is a daunting one. The first and foremost task is for
operators to take a hard look at what they are writing off as bad debts and
separate the loss due to fraud from this. Unless fraud is acknowledged, it will
never be fought. Unfortunately, many operators, especially in developing markets
like India, are on an overdrive to attract more and more subscribers to the
network. Some operators are just starting to realize that more subscribers could
as well mean more fraud generation and not necessarily revenue. The next item on
the agenda is to develop a corporate fraud fighting strategy that defines all
the policies and the approach of the organization to this issue. All departments
within the organization will have to be committed to this strategy, as this is a
critical requirement for its very success. The strategy should be complete and
should address all issues like policies to be adopted while signing on new
subscribers, approach to employees, defining security aspects within the
organization, procedures to be adopted when fraud is detected, etc.
A fraud management system has then to be implemented to
detect and curb the fraudulent activity in the network. This is typically a
sophisticated software solution that intelligently profiles each subscriber and
alerts operators of possible fraudulent activity in a timely fashion. It is very
critical to understand the peculiarities of the market and the behavior of
frauds within the network before the solution is selected. An intelligent
selection has to be made after a thorough study of the various options. This
will lead to a steep decline in loss due to fraud.
A country like India does not have a strong system for
establishing personal identity and credit histories or ratings are also not
available. These are very crucial aspects in fraud fighting as the lack of such
systems makes it a lot easier for frauds to have lucrative operations. So, a
fraud management system, to be effective in India, must address these issues of
checking identity and providing credit ratings. Cellular operators like BPL-US
West are initiating a group where all members would contribute the names,
identity and details of defaulters for the reference of other members. Other key
issues are scalability, platform independence for the software, real-time
operation, user friendliness, etc. Support from the government is also
important, and unless the government has a tight procedure for punishment in
place, more and more companies would continue to write off the fraud losses as
bad debts instead of pursuing the offenders in the court of law.
The bottom line is that fraud accounts for a large amount of
money being lost by telecom companies and is an issue that warrants close
attention. It is very important that it be curbed to improve the profitability
of telecom companies and to ensure smooth, hassle-free operations. Ultimately,
it is the responsibility of operators to provide fraud-free services to genuine
customers, through the implementation of efficient fraud management policies and
systems.
The article is written under the guidance of Professor V
Sridhar, by Deven Shah, Vishal Kaul, Vivek Bajpai and Vivek Shah, all second
year MBA students at IIM Lucknow