Telecom top priorities : Fighting fraud from the Cloud


Combating fraud is an important issue for
every communications service provider (CSP). Experience shows that lack of
effective fraud control can land the CSP in a major fraud problem. With a
growing number of subscribers, an increasing number of distribution channels, a
more complex service environment and more complex tariff structures, effective
fraud management is necessary for CSPs to minimise potential losses from
fraudulent activity.


Effective fraud detection means finding fraud quickly
and accurately Fraudsters typically strike hardest when people are asleep or on
holiday, so fraud departments are required to provide a 24×7 coverage service
that never lets its guard slip.

It is for these reasons that more CSPs than ever are
now considering outsourcing their fraud protection arrangements. Outsourcing
can take various forms, including the following:


Partial outsourcing of one or many individual
parts of the overall fraud process, such as roaming fraud and NRTRDE
processing.


Full outsourcing, whereby all human and
system resources are managed by a third party outsourced fraud management
service provider. This involves the outsourcing service provider taking on all
of the tasks associated with fraud detection and prevention. 


Cloud models. New models of cloud-based SaaS
options using in-house staff to continue to manage the processes using these
systems. The CSP’s own staff continues to manage the fraud processes, while the
systems they actually use to detect fraud are provided via SaaS from a third
party provider.


Hybrid models.  A CSP may at times send
its data to the outsourcing service provider’s own premises via secure VPN for
immediate analysis by the outsourcing service provider’s own team of fraud
analysts. Alternatively, the CSP may choose to deploy a fraud system on local
hardware in its own data centre, which is then remotely accessed by the
outsourcing service provider’s own fraud analysts to perform their duties.

 

Conventional models are giving way to the
realisation that it is probably easier to pursue either the pure SaaS route or
one of the hybrid routes described above. In the past, concerns about
networking technology speed and security prevented these types of approaches
from being adopted. Now CSPs can access comprehensive fraud management
functionality over a secure VPN connection, with robust security and business
continuity protection to ensure that a 24×7 service is provided.  Through
these models, CSPs can dramatically reduce their implementation timeframes and
accelerate the adoption of new approaches to fraud protection. Configuration
changes or the addition of new fraud detection features and functionalities can
now be done quickly and efficiently.

Beyond cost, there are other benefits
associated with SaaS for fraud management, depending on the level of engagement
that a CSP requires. CSPs can benefit from access to specialist fraud vendors,
who have built up a strong knowledge base about the structure of fraud attacks. 


Evolving Fraud Detection


Almost every CSP starts fraud detection activity by manually processing
reports. High spender reports generated from billing systems or the -Interim
Fraud Prevention Procedure’ (IFPP) for wireless roaming, are examples of
starting points for many CSPs. Using such simple reports yields basic, but
often insufficient, information for proper fraud-control activities. Manual
processing is both slow and expensive, and very often, correlation data for
specific types of fraud is lost. Fraud is becoming increasingly sophisticated,
particularly in conjunction with new IP-based services that are becoming an
integral part of the service mix.

Fighting Fraud from the Cloud

So exactly how can cloud-based fraud
detection and prevention work? The answer to this is dependent on the type of
model that is employed. Using one of the hybrid models referred to earlier, it
is possible to build a fraud detection scenario.

 

Within a SaaS or outsourcing environment,
depending on the service level that a CSP subscribes to and the severity of the
alert, there needs to be close interaction between the CSP and the outsourcing
service provider. As flexibility is important, it might be an option to make
use of a 24×7 surveillance service and only agree to be alerted if a defined fraud
incident arises.

 

Once an alert does come through, it should be
possible to make a provisional determination about whether or not an incident
is fraudulent. As the CSP will have access to the same information as the SaaS
service provider, it is possible for both parties to work together to determine
appropriate reaction to incidents.

 

One of the many advantages associated with
the SaaS and outsourcing model is that subscriptions can be tailored to
individual circumstances. 

It is clear that traditional methods of
fighting fraud are changing fast. A combination of SaaS delivered over the
cloud and outsourced services holds a promise of new and effective ways to
fight increasingly sophisticated fraud. The possibility of deploying hybrid
models that make use of an outsourced service provider’s resources and skills
offers a particularly exciting opportunity for CSPs to rid themselves of the
necessity of having to purchase, install and maintain expensive fraud
management systems. Additionally, CSPs now have options as to how to structure
their own fraud management departments, possibly using SaaS models to eliminate
CAPEX, but also deploying hybrid SaaS and managed service models for optimum
effect in the fight against telecoms fraud.   

 

By Raghunatha Chary, regional vice president,
Sales India, MACH
[email protected]