Telecom FraudLatest Trends and Combating

Ahmad Nadeem SyedDirector Revenue Assurance & Fraud Management

Mobilink

2

Who I am?

● Currently Working as Director Revenue Assurance & Fraud Management

in Mobilink

● Total Experience – 30 Years

● Telecom Experience – 22 Years

● Expertise- Revenue Assurance, Fraud Management- Billing & Collection- Financial Management- Business Planning and Budgeting- Interconnection and Cost Modeling- Process designing and Computerization

● Published articles in newspapers and international magazines, two books on Telecom & Internet acronyms

3

Telecom Sector is a Favorite

Playground For Fraudsters

Fraud Is A Universal Truth

4

How much are Telcos Losing?

● Rob Mattison of GRAPA estimated the loss upto $40 B (1%-30%) annually in 2005

No. Major Leakage Areas % ShareNetwork

1 New Product development and tariff configuration 13.0 2 Poor system integration from MSC, IN, Mediation & Billing system 12.0 3 Significant configuration changes in any network elements 14.0 4 CDR generation issues at MSC and incorrect usage data 8.0 5 Inteligent network charging failure 8.0

Total Network 55.0 Business & Fraud

6 Retail billing system errors 8.0 7 Interconnect partner payments 7.5 8 VAS partner payments 9.0 9 Credit Management 7.0 10 Frauds (internal & External) 8.5 11 International Roaming settlements 5.0

Total Business 45.0 Total 100.0

KPMG Survey 2009

● Juniper research figured out the loss at $58b (6%) for year 2011

● According to KPMG Survey 2009, bout 45% leakage

pertained to fraud

5

I Would Not Commit Fraud:

Because

● I do not have the opportunity

● My morals do not allow me

● I do not have a motive (May be too old to enjoy the money)

6

Fraud Types - GSMA

Technical1. Mailbox Hacking (CLI

Spoofing)2. IMEI Reprogramming3. Call Forwarding

Fraud4. Call Conference

/Multi -Party Calls5. HLR Tampering /

Switch Manipulation6. SIM Card Cloning7. False Base Station

Attack8. Spamming (SMS & IP

services)9. Phishing and

Pharming10. Mobile Malware11. GPRS Over-billing12. Voice over IP Fraud13. PBX Hacking

SUBSCRIPTION / PAYMENT FRAUD

1. Subscription Fraud2. Proxy Fraud3. Call Selling4. Direct Debit Fraud5. Credit Cards -

Stolen/Compromised

6. Credit Cards - Counterfeit

7. Credit Card-Not-Present Transactions

8. Cheque Fraud

DISTRIBUTION FRAUD

1. Dealer Fraud2. False Agent / Remote

Activation Fraud3. Theft & Handling

Stolen Goods4. Handset Subsidy Loss5. Mail Order Fraud

BUSINESS FRAUD1. Premium Rate

/Audiotext Service Fraud (PRS)

2. Roaming Fraud3. International

Revenue Share Fraud4. Interconnect Abuse

(GSM Gateways)5. Mobile to fixed

network Gateways Abuse

6. False Answer/False Ring

7. Social Engineering8. Internal Fraud9. Normal Business

Fraud & Crime10. Brand Name/Logo

Abuse11. M-Commerce

Provider Content Fraud

12. M-Commerce Provider PRS Fraud

13. Content Theft14. Wangiri

PREPAID FRAUD1. Prepaid Services

Fraud - General2. Prepaid HLR Profile

Manipulation3. Manual Recharging4. Generation of

Abusive Credits5. Scratch Card Abuse

7

New Dimensions Experienced

8

GSM Network/Systems Leakage/Fraud Points

Collection System

BSC

VLR

Other Mobile Networks

PSTNHLR AuC EIR

RBS

RBS

RBS

MSC

GMSCSMSC

Mobile Phone Subsystem

Base Station Subsystem

Core Network Subsystem

SIM + Hand Set

SIM + Hand Set

SIM + Hand Set

MediationIN

Platform

On Net Calls

On Net Calls

GSM Network

Bills

Invoices

Rejected events

Rejected events

Postpaid

Interconnect

Billing Systems

PrepaidRejected

User

User

User

$

$Bad Debt

Bad Debt

International calls

International Roaming

International Gatewy

Voucher Management

Voucher Management

Tariff Management

Adjustments

Customer Relation Management System

Sales and Distribution System

Billin

g, C

harg

ing &

Co

llecti

on Sy

stemTe

leco

m R

isk C

over

age

Sales and CRM

Voucher Management

Leakage

Fraud

9

Opportunity Syndrome

Fraud is all about● Availability of opportunity & ● The ability to avail the same!

The opportunities Could Occur By:● Executive Errors– flawed policies, processes and disintegrated

systems● Incidence – Mistake/Error● Collusion ● Design – Technological Advancement

10

Executive Errors

Flawed Policies● Your money my play – Check payment trickery● Fake Sales – Commission● Fake Mobile Number Portability – (Commission and lack of Regulatory Controls)

Flawed Processes● Bank reconciliation - Transactions Juggling● Fake Bank accounts● Defaulters Restoration ● Illegitimate Loyalty points redemption ● Illegal numbering series creation● Official phone package misuse

11

Incidental

● Tariff table mistakes in network & Billing systems– Masses get benefit

● “Local Prefix” International dialing - Masses get benefit

Design - Technological Advancements

● Bypass Traffic – New Methods

● International Roaming Fraud - Unauthorized Roaming

● Premium Rate Service (PRS) – Number Range Selling

12

What are by-passers doing?

● Using Moving objects like TV Van, Boat etc. with satellite dish

● Access to switch by connecting to OF main cable in collusion with

operator’s technical staff

● LDIs having LL licenses - Replacing “A” number with own LL’s No. and

terminating on national trunks

● Local Loop termination using LDI’s transit service after replacing “A”

No. with own No.

● Ditching controls by

- Avoiding high usage with regard to numbers or location

- Using numbers all over their/other’s licensed territory

13

Collusion

Unauthorized International Roaming ● Inbound Roaming● Outbound Roaming

Defining illegitimate GTs & numbering ranges in host network may be with collusion

14

Combating FraudA Multidimensional Activity

15

Fraud Management Framework

Investigation

Prevention

CorrectionDetection

Saved $ 8 M

16

Empowerment● FM department has requisite authority related to

investigation, prevention and correction● This authority must be:

* Endorsed by no less than CEO* Recognised by other departments

● SLAs need to be signed with other departments

Combating Fraud

17

Cross Functional Responsibility

● FM department can not fight it alone

● FM is dependent on other departments on provision of data and systems

● Detection is a joint responsibility – Outside tips are a major source

● Establishing incident reporting mechanism – (Short Code Portal)

● FM need to be involved in change management process (affecting

revenue) by other departments particularly technical,

● One POC in each department ensuring action

Combating Fraud Contd…

18

Combating Fraud

Real/Near Real time Data Availability● Must be sourced in directly and independently ● Must be both processed and unprocessed● Data includes transactions/CDRs and activity logs

Systems● High speed Data Processing● Varying formats readability● Flexible in terms of business rules definition and data● Administration within FM● Case management enabled● Equipped with Business Intelligence Tools ● Integrated to other financial and technical systems

19

Combating Fraud Contd…

Skill Set ● Forensic Analysts

● Process reviewing competence

One Umbrella● Fraud Management and Revenue Assurance under one chain of command

● Benefits of Synergies – Complementing each other

● Common Data Sourcing

20

Knowing and Ensuringthat

A minute in air is translated into cash in company’s hands

Maximum and In Time

Air to Cash Reconciliation Model

(ATCR)

An End to End Reconciliation Concept

Air to Cash Reconciliation Model

21

Total Traffic

Discounts/Free Minutes

Chargeable

Traffic

Post Paid Voice & VAS

Total Traffic

Discounts/Free

Minutes

Chargeable Traffic

Pre Paid Voice & VAS

ATCRPostpaid Billing System

IN Platform

Accounts

Receivable

Commission Calculator

Bank Recon System

Sales Management System

Customer

Service System

Inventory

Management

Front End Cash

System

OTAR Platfor

m

Voucher Manage

ment System

22

Combating Fraud Contd…Ethical Fraudster

● Job Description – Breaking the process & Systems

● Objective is: * Knowing the Weaknesses of Systems & Processes* Test detection Ability Fraud Management Department

● Planned and Ongoing Activity

● Management Consent Required

Process/System Evaluation● Identifying gaps in the processes and Systems

● Ensuring Fixing

23

Combating Fraud Contd…

Inter-operator Co-ordination● Sharing minimum information about fraudsters and fraud

without compromising confidentiality

● Black listing on all the networks

Regulators Role● Objective – protecting government losses and consumer’s interests

● Issuance of regulations and Systems installations

● Blacklisting fraudsters

24

Remember● Criminals continue to be ahead of law● Colluder continue to join hands● Mistakes continue to happen● You can

- Detect or even stop repetition of the past incidents

- Develop early warning indicators for any new occurrence

- Develop controls for new occurrence proactively but to an extent

● You can not guarantee “No” fraud situation

But ● You can guarantee being Alert 24/7

25

Ahmad Nadeem SyedAhmad.n@mobilink.netansyed56@gmail.com