In 2017, Equifax made headlines all over the world when it announced the discovery of a data breach. During this security incident, cyber criminals took advantage of a U.S. website application vulnerability and managed to get their hands on consumer credit reporting files. This hacked access compromised social security numbers, dates of birth and other sensitive personal information of 143 million U.S. consumers. The question now is, how do you deal with a situation where attackers seize your sensitive information and might use it to obtain legitimate services illegitimately?
This type of fraud enabler is best known as Subscription Fraud: the fraudster obtains the necessary customer information to be able to register for a new contract or additional new services, but never actually intends to pay for it. Instead, honest customers ultimately end up paying the bill.
Preventing this kind of abuse would mean stopping fraudsters from entering the network in the first place. If this can be achieved, then it would potentially save the industry billions of dollars each year, because other types of fraud - such as IRSF, service reselling or premium rate service fraud - usually take advantage of subscription fraud to gain network access and to be successfully executed.
Stopping subscription fraud also creates another positive side effect on customer experience, by helping deliver a trustworthy and seamless onboarding process. In highly competitive industries, where it’s easy for customers to change providers, a problematic subscription process can be a decisive factor in the loss of clients and prospects.
It remains critical for operators to strive in minimizing the costs of these onboarding processes in the face of decreasing telecom service margins and with increasing subsidized offers, both in quantity and complexity.
The good news is that security is not the final barrier when it comes to stopping subscription fraud. Fraud management systems have been evolving from pure rule-based platforms - which rely only on internal information - to hybrid platforms, which incorporate machine learning and also integrate external information sources (e.g., social networks), enabling a proactive approach to fraud management.
By using internal information, fraud management systems can cross-check the subscription data from each new client with information already available on blacklists. This matching process is done through similarity analysis, with special-purpose algorithms that generate alerts whenever the similarity score with a known fraudster is above a specific threshold.
A common method fraudsters use to try to re-enter a network is to simply change a small detail in their previous subscription data already marked as fraudulent, like replacing a single digit in their address or using a different surname. These fraudulent subscriptions will result in a high similarity score and as such will raise alerts which can block the subscription before it goes into effect.
Nevertheless, sometimes operators do not have enough internal or external information (e.g., from credit bureaus) to enable them to make a refined analysis on the probability of someone being a fraudster. This mostly happens in countries where there are more people with mobile phones than with a bank account or any financial history.
To minimize the risks of performing an incorrect fraud analysis due to a lack of financial data, operators can use third party services specializing in subscriber social footprint search on the web, scanning posts, shares, likes, comments, identities or professional data, and using that information to create models for credit analysis or fraudster probability.
Similarity analysis can also be enhanced by using fraud detection rules which allow for the definition of specific thresholds, which are dynamic and adjusted to the characteristics of the client, like the type of product which is being subscribed to, the level of risk of the operation or the social profile of the client.
Although the previously mentioned methods create strong entry barriers, there will always be some fraudsters gaining access to the network. To mitigate these risks, fraud management systems should also include behavioral analysis, which compares the fingerprints of suspected fraudsters, such as their social network of outgoing and incoming calls and messages, with the behavior patterns of known fraudsters.
To recap, it’s crucial for telecom operators to use all the tools currently available to properly fight subscription fraud, combining internal and external data and feeding that information into hybrid systems which are able to use dynamic rule libraries together with machine learning techniques, whilst also remaining flexible enough to integrate emerging technologies like face recognition or voice biometrics.
Let me know your thoughts and please feel free to Contact Us should you have any questions.