The Communications Fraud Control Association’s (CFCA) annual fraud survey provides telecoms fraud managers with an assessment of the key revenue threats from fraud. The latest survey identified the top five frauds being committed against service providers as:
- $10.76 B (USD) – International Revenue Share Fraud (IRSF)
- $5.97 B (USD) – Interconnect Bypass (e.g. SIM Box)
- $3.77 B (USD) – Premium Rate Service
- $2.94 B (USD) – Arbitrage
- $2.84 B (USD) – Theft / Stolen Goods
These frauds are costing network operators billions and can be extremely difficult to identify, yet alone eliminate. However, the newest threat to operator termination revenues comes from a different source altogether: Over-the-Top (OTT) service providers that have their eyes on termination revenues as well as competing with telecommunications service providers for a share of the voice and messaging market.
How can network operators combat these frauds and regain revenues?
IRSF: International Revenue Share Fraud relies on a fraudster partnering with a network service provider that charges high rates for call termination. The fraudster makes lots of very long calls to the operator’s country, which are then terminated by the operator and the revenue is shared between the two.
IRSF is only possible because of the delay between the time a call is made and the time call data records are analysed by the network. Operators that can reduce this time lag to zero and/or identify high volumes of long calls coming from one country to another, have the best chance of reducing this activity.
Bypass or SIM Box Fraud: Fraudsters exploit the difference between international and local call rates by buying thousands of local SIM cards and inserting them into a GSM Gateway or SIM Box, which is then connected to the internet. They then sell international phone minutes and connect them as local calls. The operator is therefore denied the full international payment rate, resulting in a loss of revenue.
Revector’s recent survey suggests that more than 80% of respondents identified SIM box fraud occurring on their networks. SIM Box fraud can be controlled by implementing and maintaining a detection service.
Premium rate services: There are still countries where the premium rate market is unregulated and fraudsters can generate as much as $2 per minute of calling by encouraging people to call premium rate numbers or diverting traffic illegally to premium rates. Early detection is key to preventing significant premium rate fraud damage.
Arbitrage: Telecom arbitrage fraud is the exploitation of the differences in settlement rates between countries. Operators can combat arbitrage by ensuring they only resell minutes to reputable companies and keep a close eye on their partnerships with third parties.
Theft/Stolen goods: From the fiber into a data centre to the mobile handset left on a doorstep because nobody is at home, telecommunications hardware theft continues to be a major issue for service providers. There are obvious opportunities to combat theft through limiting access to equipment internally, to ensuring that a handset is never left in the hands of the wrong individual.
OTT Hijack: Revector, the anti-fraud telecoms specialist, carried out a survey with more than 150 mobile network operators. The results found that operators have lost 20% of termination revenues to OTT hijack in the last 12 months on average, with some operators losing more than 70%. This fraud may not be recognised by the CFCA, but it is on the rise and causing significant damage.
OTT apps such as Viber have been proactively touting the capability to terminate calls, selling this service on the open market and directly to some operators in different countries.
Buried within the terms and conditions of several OTT apps is an option to ‘deliver normal calls as OTT calls when possible’. This is usually defaulted to ON. The recipient of the call will simply think that the caller has called them on an OTT app rather than via the normal telephone service (which is not the case).
This is ingenious short term profiteering by the OTT apps: not only do they get to convince recipients of calls that more people are using their apps, they also get to keep the termination revenue, all the time delivering this call over data using the network of the operator they are hijacking the revenue from.
To date it has proven extremely difficult to overcome OTT hijack but 2016 was a breakthrough year. Solutions, are now available across enterprise-grade equipment. It is extremely likely that in 2017 several network providers will address this issue head on, not least because it is impacting termination revenues so significantly.
It can be difficult to perceive communications companies as victims of fraud but the services we rely on depend on communications companies being profitable entities that can invest in infrastructure for the future. For this reason, telecommunications providers need to have an in depth understanding of the current fraud landscape and where new threats are emerging, as well as investing in new and reliable technologies to detect and prevent fraud.
Andy Gent, Founder and CEO of Revector
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/