By Joseph George, Director Revenue Protection & Interconnect
The adoption of next generation communications technology, across both wireline and wireless sectors presents tremendous new opportunities – for Fraudsters! Traditional fraud issues are now complicated by next generation fraud and Malware issues previously more related to the world of fixed broadband, but now becoming an issue for the wireless sector as well.
The ITU estimates that global operator annual losses from fraud amount to approximately 6% of aggregated revenue.1 Other industry organizations claim that the total might range between 3% to as high as 10% of revenue. Results from recent CFCA industry surveys indicate losses running as high as possibly US$80Bn.2
With the advent of LTE, the communications market moves from its traditional voice oriented towards a data oriented environment, with the use of soft switching reducing network complexity but increasing IT environment complexity, thus creating security vulnerabilities. LTE introduces new complexity into the BSS/OSS environment. It introduces new components into the BSS/OSS mix, including new approaches to online and offline charging, policy control and enforcement functions, as well as new network elements.
Fraud attacks and service abuse result from poorly protected services, so logically if a service is well protected it loses its appeal from a fraud attack perspective. This means that a combination of detection system, together with best processes must take account of both old and new types of fraud equally.
With new vulnerability originating from the complexity of the NGN environment, there is obviously a need for more accurate knowledge about the NGN network and related fraud potential. This includes specifics about potential points of attack, an understanding about what information is available from key network points, the information correlation necessary and the types of new detection techniques that are needed to stay ahead of the fraudsters. Fraud management system touch points multiply, including interfaces with other BSS/OSS elements, with network elements, with in-house IT security systems and of course with 3rd party partner systems.
Fraud detection and prevention disciplines will require mapping of fraud system touch points, to assure process integrity. The application of disciplines including context based usage checking, user profiling, rules definition and management and data analysis will need to evolve. From the fraud analyst perspective there will be an increasing need for complex event correlation, associated with ‘Big Data’ analytics.
With the arrival of LTE, new opportunities present themselves for fraudsters to attack the telecoms network service. A new world of cyber crime is now making its way into the wireless environment. With the rise of demand for Smartphones and Tablet devices and the wireless communications network taking on more of the characteristics of the wireline broadband world, it is hardly surprising that methods of fraud associated more with the IT world are being introduced to the world of wireless communications. This requires a disciplined response to ensure that analysis can be performed quickly and accurately on the relevant data, to minimize fraud losses and make the wireless network a less attractive target.
Ref: 1 – TIA 2011 ICT Market Review & Forecast, ITU, ENISA
Ref 2: – www.cfca.org/fraudlosssurvey/