Telco Fraud: Are We Winning the Wrong War?

Categories: Analytic Database Security

 

Dr. Ian Howells, CMO, Argyle Data

Dr. Ian Howells, CMO, Argyle Data

Fraud is responsible for losses of approximately U.S. $38 billion a year from global communications providers’ revenues, but the telco industry is concerned that losses from undiscovered crime attacks are even greater. Harnessing the power of native Hadoop applications, real-time machine learning and big data, Cloudera and mobile revenue fraud analytics provider Argyle Data have teamed to create a fraud analytics platform for communications service providers (CSPs) that allows them to uncover and shut down fraud attempts as they are happening. Million dollar scams can be pinpointed and deflected within minutes. Today, the platform is being used by some of the leading mobile operators across the globe.

Let’s take a look at recent reports by the Communications Fraud Control Association (CFCA) to uncover the threat trends beneath the statistics. The CFCA released its “2015 Global Fraud Loss Survey” results last quarter. After comparing the data to CFCA’s 2013 report, there were two high-level differences that stood out to me.

Reclassification of Roaming Fraud

In the 2013 study, roaming fraud was listed as a fraud type that was defined as “all types of fraud and abuse involving roaming”.

When you look at how fraud types can occur, there are three common scenarios:

  • Home subscriber on a home network
  • Roaming subscriber on a home network
  • Home subscriber on a roaming network

Many fraud types, such as premium rate service fraud or international revenue share fraud (two major fraud types), can occur either on a home network or when roaming. However, in the 2013 report, roaming fraud was just another fraud type sitting next to premium rate service fraud and international revenue share fraud (IRSF). The 2015 survey has fixed this. Fraud types are now analyzed separately in “roaming” and “in-network” buckets. So, for example, IRSF is analyzed on a global basis as:

  • Roaming: IRSF $7.1 billion
  • In-Network: IRSF $3.7 billion
  • Total/Combined: IRSF $10.8 billion

This reclassification provides far more clarity into where and how fraud is actually occurring.

Supposed Reduction in Fraud Losses

The second thing that stood out to me was that the overall reported cost of fraud was down from $46 billion in 2013 to $38 billion in 2015, even though the survey respondents overwhelmingly felt that fraud was on the increase.

When the survey asked, “Over the past 12 months, do you think global fraud losses have trended up, trended down, or stayed the same?” the results were as follows:

  • Trended Up: 55.6%
  • Stayed the Same: 33.3%
  • Trended Down: 11.1%

When the survey asked, “Over the past 12 months, has fraud in your company trended up, trended down, or stayed the same?” the results were as follows:

  • Trended Up: 50.0%
  • Stayed the Same: 23.7%
  • Trended Down: 26.3%

So in summary, 88.9% thought that fraud had either gone up or stayed the same globally and 73.7% thought that fraud had either gone up or stayed the same within their company – even though the reported total cost of fraud reduced by $8 billion over the past two years.

It didn’t make sense to me at all that the overall cost of fraud could have decreased so dramatically while most of those on the front lines in the fight against fraud believe that fraud is actually on the rise. It is a commonly held belief that cybercrime is at an all-time high and an all-time level of sophistication.

Conclusion

I believe we are at a turning point in fraud and revenue threat analytics:

  1. Known fraud attack techniques (the known knowns) are reducing.
  2. Fraud that we suspect but can’t codify with rules (the known unknowns) is a growth area.
  3. Fraud that we don’t know about/are not looking for (the unknown unknowns) is a growth area.

Sophisticated criminals are focusing on the growth areas as they have a cloak of invisibility. The question I have is this: Are we winning the wrong battle on fraud? The world is moving to the use of big data and machine learning and that includes organized crime and governments using sophisticated attack patterns. The next phase in the battle will be for mobile operators to fight back in an equally sophisticated way:

  1. Use existing rules and rules-based systems to identify known fraud attack techniques (the known knowns).
  2. Use machine learning to identify fraud that we suspect but can’t codify with rules (the known unknowns).
  3. Use machine learning to identify fraud that we don’t know about/are not looking for (the unknown unknowns).

In summary, the new mantra for defending subscribers and networks will be to use machine learning against vast data lakes to discover the known unknowns and unknown unknowns. Only then will we see a true reduction in the real cost of fraud.

If you are interested in learning more about how the world’s largest mobile operators are using Hadoop and machine learning to fight fraud, please visit Argyle Data at the Cloudera booth at Mobile World Congress (Stand 6M30, Hall 6) and get a copy of the book “Fighting Future Fraud: A Strategy for Using Big Data, Machine Learning, and Data Lakes to Fight Mobile Fraud” that was written with colleagues who previously worked at AT&T and Vodafone.

facebooktwittergoogle_pluslinkedinmail

One response on “Telco Fraud: Are We Winning the Wrong War?

Leave a Reply