International Dialing and Roaming: Preventing Fraud and Revenue Leakage

Similar documents
VOIP SECURITY: BEST PRACTICES TO SAFEGUARD YOUR NETWORK ======

WHAT THE FRAUD? A Look at Telecommunications Fraud and Its Impacts

TELECOM FRAUD CALL SCENARIOS

Anti Fraud Services. Associate Member of..

Fighting Future Fraud A Strategy for Using Big Data, Machine Learning, and Data Lakes to Fight Mobile Communications Fraud

Access Mediation: Preserving Network Security and Integrity

Case Study. PAETEC minimizes Fraud Costs using Equinox Protector

Solace s Solutions for Communications Services Providers

Know. what will happen. Allround Puts You in Control.

PBX Fraud Information

VOIP THEFT OF SERVICE: PROTECTING YOUR NETWORK ======

LAVASTORM ANALYTICS lavastorm.com. Transforming Fraud Management with Agile Data Analytics

Battling illegal call operations with Fraud Management Systems

How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation

Communications Fraud Control Association Global Fraud Loss Survey

PBX Fraud Educational Information for PBX Customers

International Carriers

SPRINT SIP TRUNKING SERVICE PRODUCT ANNEX

The Business Value of Call Accounting

Veramark White Paper: Reducing Telecom Costs Why Invoice Management is the Best Place to Start. WhitePaper. We innovate. You benefit.

Enterprise Performance Management:

Securely Access and Manage Firewall- Protected Equipment From Anywhere

INTRODUCTION TO VOIP FRAUD

( ETSI Ad Hoc Group on Fixed/Mobile Convergence - Final Report - 11 March 1998) (1) Telecom Italia, V. di Valcannuta 250, Rome (Italy)

[PRIVATE LABEL TELEPHONY SOLUTION]

Enabling Innovation with KPI-based Service Management Operator Key Performance Indicators (KPIs)

Concept Note. powering the ROC. PBX Hacking.

MVNO Solution for Highly Profitable Global Roaming Services

Business Telephony Security

With 360 Cloud VoIP, your company will benefit from more advanced features:

Telephone Charging System

Architecture Overview

ABOUT AT&T GLOBAL CLEARINGHOUSE

VitalPBX. Hosted Voice That Works. For You

NEWT Managed PBX A Secure VoIP Architecture Providing Carrier Grade Service

CONSULTATION. National Numbering Plan Review. A short Consultation issued by the Telecommunications Regulatory Authority 28 August 2007

Executive Summary. August Technology Research Institute (TRI) 1245 N. Rocky Mountain Drive Effort of the Poconos, PA 18330

ADDITIONAL TERMS FOR VIRTUAL VOICE NETWORK SERVICES SCHEDULE 2L

IP Inter-Carrier Routing

International roaming explained

Bypass Fraud- Are you getting it right?

Founded in 2003, Worldwebnet Telecom is a fast growing Canadian owned and operated carrier that specializes in providing voice services to the

SPRINT GLOBAL SIP TRUNKING EUROPE PRODUCT ANNEX

White Paper. avaya.com 1. Table of Contents. Starting Points

Best Practices for Implementing Global IoT Initiatives Key Considerations for Launching a Connected Devices Service

How the Past Changes the Future of Fraud

VOIP Attacks On The Rise

FIREWALL CLEANUP WHITE PAPER

ADVANTAGES OF CLOUD ULTRA AN ULTRA COMMUNICATIONS WHITEPAPER CLOUD CONTACT CENTRE SOLUTIONS COMMUNICATIONS (0)

ACCELERATOR 6.3 ASTERISK 1.4 INTEGRATION GUIDE

Parlay i60 - Application

CA Service Desk Manager

Low Investment, High Returns

ACCELERATOR 6.3 TDM PBX INTEGRATION GUIDE

New Horizon Business VoIP Services

Application Visibility and Monitoring >

SECURITY SOLUTIONS BANKING AND FINANCE

CCT Telecomm offers the following tips to ensure your protection from phone fraud at your home or business:

fraud & billing For example, Layer4 will identify: Compliance of telecom operators with service level agreements

ACCELERATOR 6.3 ASTERISK LINES INTEGRATION GUIDE

PERFORMANCE MANAGER. Carrier-grade voice performance monitoring tools for the enterprise. Resolve service issues before they impact your business.

What a Vulnerability Assessment Scanner Can t Tell You. Leveraging Network Context to Prioritize Remediation Efforts and Identify Options

Cisco Remote Management Services for Financial Services

Lavastorm Analytics and Mobistar Reducing Mobistar s Fraud Risk Profile with Real-time Analytics and Collaboration

Agilent OSS access7 Signaling Meter

How Cisco IT in India Converged the VoIP and PSTN Infrastructure

HOW IT WORKS: THE GOVERNMENT EMERGENCY TELECOMMUNICATIONS SERVICE Introduction

NeoGate VoIP GSM Gateway Applications and Solutions 1

NICC ND 1438 V1.1.1 ( )

Mobile Gateway usage clarification of the regulatory environment

Securing SIP Trunks APPLICATION NOTE.

IP TELEPHONY. Incorporating Voice over Internet Protocol (VoIP)

Voice, Video and Data Convergence > A best-practice approach for transitioning your network infrastructure. White Paper

Introduction. The Inherent Unpredictability of IP Networks # $# #

Confessions of a Telecommunications Provider. Five things you MUST know about Global Voice over IP (VoIP) Providers

VoIP Deployment Options

ACD: Average Call Duration is the average duration of the calls routed bya a VoIP provider. It is a quality parameter given by the VoIP providers.

Transcription:

page 1 of 7 International Dialing and Roaming: Preventing Fraud and Revenue Leakage Abstract By enhancing global dialing code information management, mobile and fixed operators can reduce unforeseen fraud-related expenses and capture additional revenue that would otherwise be lost, helping to improve their overall financial performance. Access to authoritative and accurate global dial code data is crucial to this effort, since this information addresses the root cause of many types of fraud and interconnection-related revenue leakage, including international revenue share fraud, PBX hacking, misclassified service types during billing, and incorrect rating. Due to the complexity and large volumes of data involved, and the absolute requirement for accuracy and data normalization, it is often most efficient and cost-effective for service providers to outsource global dialing information management. Revenue Assurance Is More Important Today than Ever Before Fraud and revenue leakage are putting increasing pressure on mobile and fixed operator profits, leading to a renewed focus in recent months on cost reductions and revenue assurance to maximize returns on existing sales and to maintain profitability. In its 2009 worldwide telecom fraud survey, the U.S.-based Communications Fraud Control Association (CFCA) estimates that global telecoms fraud costs operators up to $80 billion annually, which is a significant blow as they face tough competition, increasingly saturated markets, and regulatory pressure to reduce mobile termination rates and international roaming charges. The figures for revenue leakage do not make any better reading. KPMG recently estimated that worldwide, revenue leakage is around 1% to 3% of total revenues, and in some developing countries the figure could be as high as 10%. This is costing the global telecommunications industry an estimated $40 billion annually based on KPMG s 2010 Global Revenue Assurance Study covering 74 operators in 46 countries across the globe. However, KPMG cautions that this figure could be even greater due to a lack of available data, especially the contribution from fraud-related leakages, showing that this is indeed a sensitive concern for operators. In terms of technology, billing, rating, and charging systems are all coming under scrutiny in the drive to tighten defenses against revenue loss, but this in itself is a challenge. The Challenges of Fraud and Revenue Leakage Despite having had dedicated revenue assurance and fraud departments in place for many years, fraud and revenue leakage continue to threaten mobile operators profit margins. This is mostly due to the complexity and value of the mobile services offered, and the dynamic nature

page 2 of 7 of the fraud itself. Criminals are constantly looking for new ways to exploit weaknesses in services and the underlying networks, particularly in a time of downsizing with frequent mergers and acquisitions that may disrupt operations and quality control. In some cases, the nature of the fraud is not apparent until a significant amount has elapsed since it was perpetrated, and this especially applies to services that involve international roaming. These services rely on timely exchange of subscriber authorization and billing information between multiple service providers and networks located across different continents, countries, and time zones. Tracking and resolving fraud issues is made more complex because of the number of different types of fraud involved. Operators make significant investments in fraud detection and their reactive actions to stop the identified fraud. While there are obvious merits to this strategy, it is an expensive approach. Solutions deployed to detect fraud, such as Fraud Management Systems (FMS), are costly to implement and equally expensive to maintain. All network Call Detail Records (CDRs) need to be analyzed, and whenever a new service is implemented or a network element upgraded, the FMS requires updating. On top of this, a large team of fraud analysts is needed to review the alarms generated by the FMS. Since fraud detection is not an exact science, many of these alerts turn out to be false alarms. Generating calls to premium rate services through roaming fraud and PBX hacking Although there are numerous legitimate premium rate services provided by third parties that offer value-added information and entertainment services, there are also premium rate numbers that are exploited by fraudsters. By artificially inflating traffic to certain premium rate service numbers, which can cost more than $15 per call, fraudsters benefit from revenue sharing agreements that they set up in advance, especially in combination with prepaid or postpaid roaming. In a roaming scenario, the subscriber is under the control of the visited network and the home network will often have very limited visibility into their customer s behavior. The fraudsters systematically exploit the home network s lack of visibility and the time delays inherent with information sharing between the visited and home network. Unless the home network provider can quickly identify and block these fraudulent roaming calls before they are set up, they will face a huge bill from the visited network provider. In some cases, this bill can be in the order of hundreds of thousands of dollars within just a few hours of fraud activity, placing even more pressure on the provider to find the source of the fraud. In fact, some providers have experienced damages reaching millions of dollars over a single weekend. This is especially prevalent in combination with either cloned SIM cards or call forwarding scenarios, highlighting just how opportunistic the fraudsters have become and how important a short time to resolution is for providers. It s no surprise, then, that the CFCA recognizes premium rate services fraud as one of the top three causes of revenue loss.

page 3 of 7 Invoice Home Country Visited Country Home Network Visited Network Prepaid account incorrectly debited at standard roaming rate by home network (perhaps at $0.50 per minute) Fraudulent Domestic or International Premium Rate Service Premium rate service invoice: up to $15 per call Figure 1: Fraud Involving Prepaid Customer Roaming Abroad Calling Premium Rate Service Number Fraudsters seek any method by which they can generate calls to these numbers while at the same time avoiding paying for the calls they generate. For every call generated, the fraudster creates a revenue stream which they will almost certainly collect, even though the call itself was fraudulent. Another common route for generating fraudulent calls to premium rate services is through unauthorized use of Private Branch Exchanges (PBXs). Fraudsters will use the Internet to hack into PBXs by taking advantage of well-known weaknesses, such as the use of default passwords. Once a PBX has been compromised, it will be controlled remotely and used to generate very high volumes of international calls. A significant proportion of these calls will be to premium rate numbers. Given the number of PBXs deployed on any network, it is difficult for operators to prevent such fraud. This is especially true since the PBXs are often the property of the end user and not the operator itself. Generating calls to unallocated numbers One of the most surprising aspects of telecom fraud is the role of unallocated numbers. An unallocated number is a number belonging to a number range that has not been issued by a legitimate national numbering authority it is a phone number that does not exist and should not be possible to dial. The obvious question is: if the number does not exist, how can fraudsters dial it? Fraud to unallocated numbers is dependent upon the lack of transparency on the routing of phone calls. Clearly, it should not be possible to dial a nonexistent number, and normal call routing would prevent that from happening. However, where there is a level of fraud in one of

page 4 of 7 the carriers handling a call, it is possible. Either a fraudulent carrier, or a fraudulent individual or group within the carrier, could illegally re-route calls from the assumed non-existent number to a real number range, typically in a different country. This is commonly referred to as the shortstopping of calls. Unsurprisingly, the real final destinations of such calls are typically premium rate numbers. However, this can only be identified after the event using substantial investigative resources. The reality for the network originating the call is that all network and billing elements will record the call as having been routed to a non-existent number range. Premium rate services fraud is just one part of a wider class of frauds that rely on generating large volumes of traffic. These frauds, called International Revenue Share Frauds (IRSF), allow criminals to artificially boost traffic volumes to high-tariff international number ranges, often using roaming SIM cards that have been cloned, and then receive significant revenue share from the incoming traffic. Trade associations such as the GSM Association (GSMA) have put their weight behind initiatives to help mobile operators find solutions to the growing risk of fraud. The Near-Real Time Roaming Data Exchange (NRTRDE) is one such framework that addresses roaming fraud, by reducing the time it takes to exchange roaming CDRs between the operator in the visited country and the subscriber s home operator. This reduction in CDR processing from 36 hours down to four is a positive move, but NRTRDE is still a reactive solution in the sense that it reduces the time it takes to detect and stop the fraud rather than preventing it in the first place. A reactive approach that analyzes CDRs looking for high usage also falls short since the fraud is only uncovered after it has happened, and by then the damage is already done. Revenue leakage Revenue leakage is caused by a whole range of complex industry billing practices, incorrect interconnect charges, varying termination rates, and misclassified service types. Although this type of revenue leakage may often be based on relatively small discrepancy amounts, thereby not causing dramatic and noticeable losses from single incidents, the sheer aggregate volume of the billions of calls that pass through operators networks every day magnifies the effect and results in a significant amount of lost revenue. While revenue leakage can occur anywhere across the revenue cycle from sales to network configuration and rating and billing, it is the technical areas associated with networks, rating, and billing systems that are the most vulnerable to revenue leakage. A typical cause of leakage can be incorrect rating including international destinations being configured as local destinations, or identifying a called number as a landline when it is actually a mobile number with a higher termination rate. The actual calling rate depends on what type of number is called which can be a mobile, fixed, domestic, international, or non-geographic special number such as a premium rate service as well as what network the called number is associated with. The called number can belong to the same network (on-net calling), or another network (off-net calling). Off-net calling results in additional interconnect and termination charges that can vary substantially among different service providers for regulatory and commercial reasons, and incorrect information in the interconnect agreements between service providers invariably results in revenue leakage.

page 5 of 7 A particularly harmful form of revenue leakage is related to IRSF. A fraudster may have noticed that an operator allows calls to some international premium rate destinations but charges the calls at standard international fixed or mobile rates. The fraudster generates significant volumes of calls to these destinations and will often pay for those calls since the cost of the calls is much lower than the revenue share they receive for terminating each call. The ability to address many common types of revenue leakage and fraud relies on having access to correct dial code information so that all calls can be correctly classified, rated, and billed or blocked, in the case of fraudulent calls to premium rate services or unallocated numbers. Preventing Fraud and Revenue Leakage with Improved Global Dialing Information Management Targeting the root cause We have seen how fraudsters take advantage of premium rate services by setting up their own revenue share numbers, artificially inflating traffic to these numbers often in combination with roaming and SIM cloning, and then having the originating service provider foot bills that can exceed hundreds of thousands or even millions of dollars after only a few hours of fraudulent calling. This type of fraud can be prevented with access to accurate worldwide dial code information. The dial code information enables the mobile operator to proactively identify high risk premium rate service numbers and other high tariff international number ranges commonly used in international revenue share fraud, and then take appropriate action such as blocking calls to these numbers. The root cause of the different types of fraud and revenue leakage discussed in this paper is essentially incorrect or insufficient dial code information on domestic and international number ranges including premium rate numbers, as well as unavailable information on the port status of individual telephone numbers. So, the way to prevent these frauds is to use accurate worldwide dial code information to identify high risk premium rate service numbers and other high tariff international number ranges, and then manage calls to these numbers in a proper and proactive manner. Access to accurate worldwide dial code information and number portability-corrected routing data also enables mobile operators to accurately classify each number and ensure that every call is routed in the most optimal way, from both a service quality and a cost perspective, and then properly rated to eliminate any revenue leakage. The complexities of obtaining and managing worldwide number information There are more than one million dial codes and about ten thousand special high level number ranges used for premium rate services across hundreds of countries and territories around the world, which makes creating and maintaining a database of them no simple task. Additionally, obtaining global dial code and number portability information, continuously maintaining and updating it for accuracy, and interfacing with regulators around the world to resolve numbering discrepancies is a complex process. There are often tens of thousands of changes in global dial code data every month as millions of mobile subscriptions are added every year and new services are introduced.

page 6 of 7 Monitoring all these changes and correctly updating the dial code database to maintain accuracy requires a substantial investment in resources, time, and money. And the effort required to obtain and maintain information on the millions of telephone numbers that have been ported in the more than 55 countries that support number portability adds to the complexity; it involves time-consuming interactions with hundreds of national regulators and operators, as well as extensive processing and formatting of the number portability data itself since different countries represent the data in different ways. In-house versus outsourced dialing information management In principle, mobile operators could gather and continuously update dialing information in-house by interacting with all the worldwide national regulators and counterpart operators, but it is more efficient to outsource this activity due to its complexity, the amount of information and processing involved for data normalization, the need for accuracy and speed, and the consequences of erroneous data in terms of fraud and revenue leakage. The in-house gathering and management of global dialing data is laborious and timeconsuming, taking up valuable employee time that could potentially be better spent on other important tasks. In addition, extensive experience and telephony process knowledge is necessary to interpret numbering plan information, and in many markets, often those where fraudulent calls terminate, it can be very difficult to obtain authoritative numbering information. For these markets, an extensive network of contacts that are able to provide authoritative numbering information is required. What to look for when outsourcing number management When outsourcing management of dialing information it is important to obtain access to a future-proof and trusted source for both global dial codes and number portability routing data that covers all services, including voice, messaging, and next generation IP based services. Each country is different in how it structures numbers, how it handles portability, and how it defines numbering policies and procedures. This means that each country s data must be obtained and mapped into a common database to ensure a consistent and uniform format that is easy to work with. Also important are access to continuously updated information and flexible delivery methods for the information itself based on open and configurable interfaces that allow easy integration with the service provider s own billing and Intelligent Network (IN) platforms. Delivery methods should include Secure FTP with both complete downloads of the entire data set and incremental downloads that only reflect changes since the prior download, an XML/SOAP interface for near real-time incremental data downloads, and ENUM for customized on-demand queries. Finally, the provider of the outsourced numbering management services needs to ensure that its data distribution is based on a secure and highly reliable platform with redundant data centers and disaster recovery capabilities that guarantee continuous operation. Summary Preventing fraud and revenue leakage is vital to mobile operators efforts to improve their financial performance by reducing unforeseen fraud-related expenses, capturing additional revenue that would otherwise be lost, and maintaining profit margins.

page 7 of 7 Access to authoritative and accurate global dial code and number portability data is crucial since this information is addressing the root cause of many types of fraud and interconnection-related revenue leakage. This includes premium rate services fraud and lost revenues due to misclassified service type, incorrect rating, and non-optimal routing caused by number portability. While global dial code and number portability data can be gathered and maintained in-house, it is often far more efficient to outsource this number management task. This is due to the complexity and large volumes of data, the need for accuracy and data normalization, as well as the time and attention it requires from employees, who could spend their time developing the service provider s core business instead. For more information about iconectiv, contact your local account executive, or you can reach us at: +1 732.699.6800 info@iconectiv.com www.iconectiv.com Copyright 2013 iconectiv All rights reserved. MC-COR-WP-008-1 October 2011

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information