Revenue assurance is the practice of identifying and remedying (sometimes preventing) financial underperformance in CSPs. Due to the complexity of revenue management, the complex nature of telecoms software infrastructure, combined with human error and suboptimal processes, CSPs 'lose' a percentage of revenue owed to them. Revenue assurance software, processes and practitioners seek to minimise these losses to the company and prevent them from occurring.
While revenue assurance processes and software seeks to minimise revenue lost due to incompetence or error, in contrast fraud management is the practice (aided by software solutions) of minimising financial losses due to deliberate or intentional theft (fraud).CSPs are subject to a number of types of fraud, and the types, scale and complexity of fraud continue to increase.
FRAUD
Fraud in telecommunications can be very complex and transversal to the operator structure. The authors propose a classification method used in the FMS case management that allows a better characterization of the fraud phenomenon and enables a detailed reporting. The approach used is based in the 3M’s classification:
Motive: the fundamental objective of the fraud.
1. Non-revenue fraud, making use of a service with intent to avoid the cost but without the intention of making money. It includes providing no-cost services to friends or private usage.
2. Revenue fraud, which intends financial benefits as in Call Selling or Premium Rate Service (PRS) fraud (described below).
Means: the nature or form of the fraud used to satisfy the motive. Some examples:
1. Call Selling: sale of high tariff calls – usually international – bellow their market value with the intent to evade the operator payment.
2. Premium Rate Services (PRS) Fraud: inflation of the revenue payable to a Service Provider by generating calls to a PRS line.
3. Surfing: use of other person’s service without consent which can be achieved, for example, through SIM card duplication (cloning), illegally obtaining calling card authorisation details or PBX hacking.
4. Ghosting: refers to obtaining free or cheap rate through technical means of deceiving the network. It can be performed, for example, by manipulating switch or database contents to ‘alter’ call records.
5. Sensitive information disclosure - involves obtaining valuable information (e.g. VIP client details or access codes) and selling it to external entities. This fraud is usually performed internally.
6. Content stealing: a more recent type of fraud, which deals with getting high value contents (videos, ring tones, games) for free, by exploiting the non real-time pre-paid billing pre-paid system (hot-billing) or by avoiding payment of the invoice (post-paid services).
Method: the generic fraud method.
1. Subscription: fraudulent subscription obtained with false credentials that allow debt accumulation by systematic payment avoidance.
2. Technical: more advanced fraud that is based in exploiting loopholes found in the operator network elements or platforms.
3. Internal: inside information systems abuse
4. Point of Sale: when the dealer manipulates sales figures to increase the compensations paid by the operator
A FMS should be able to collect data from multiple formats and sources, and through a process of data preparation and mediation, conveniently process and adapt it to the system internal data formats. Some of the relevant processes of this stage are data filtering, call assembly and call rating. With some FMS tools, it is possible to perform data enhancement through cross-relation of different data sources, which may boost performance in some more complex detection techniques.
Subsequently, detection processes are applied in order to generate alerts on situations that deserve closer investigation by fraud analysts. Some of the relevant techniques used in this stage are rule–based detection and profiling through Artificial Intelligence (AI) techniques like neural networks or decision trees.
Fraud analysts investigate alerts by accessing all relevant information (detailed client/account information, associated Call Detail Records, alert details, client alert history…) needed to conveniently assess the alert. Alert clarification may also benefit from graphic information describing client consumption profile.
Detected fraud cases are then forward to a case manager to initiate subjacent bureaucratic processes subsequent to fraud identification. All relevant information (e.g., CDR details, detailed client information, related alerts…) is attached to the case and the specific case fraud is classified (involved
services and fraud motives, means and methods) along with financial indicators quantifying performed fraud detection gains against fraud losses.
Finally, the system must provide friendly and complete reporting tools, thus allowing access to all relevant information to analyst, fraud process manager and system management information.
Fraud tackling efficiency may also benefit from seamlessly integrating and cross-referencing multiple data sources (client and billing information), which may enable focusing on most suspicious alerts.
Versatility and adaptability of fraudsters imply usage of different tools and technologies for each scenario. These tools must handle huge data volumes (e.g., billions of call records) and allow the integration of any new relevant technology. Additionally, the regular advent and new services and client growth implies easily scalable tools.