The Boom of New Technologies and the Rise of Telecom Fraud in Malaysia
19th August 2002 (Intec Telecom Systems PLC)
By John Rocca
Telecom fraud is costing the global communications industry over $55 billion a year, with Asia experiencing the highest levels of criminal activity in the area of wireless communications. Malaysia is a prime target for fraud, as a leading high technology hub in Southeast Asia, with one of the most sophisticated telecommunications facilities in the region, built on state-of-the art networks using fibre optics, ATM and ADSL. The increase of these new telecommunications services has also widened the opportunities for fraud to occur. The growth of fraud in the region's mobile market is partly due to the rise of subscribers for individual telecoms companies and the parallel increase of new service providers entering the market. This competitive growth has increased the number of features and services available to mobile users, giving criminals more opportunities for fraud. The increase of valuable prepaid services in particular has made the industry extremely vulnerable to attack and has pushed fraud cases upwards. With the absence of credit reference databases to detect this type of fraud, criminals have many chances to exploit new applications and services. Technical issues have also allowed more sophisticated types of fraud to occur, including mobile phone cloning, which allows criminals to make expensive international calls from overseas, using illegal roaming privileges. Today, many of Malaysia's telecoms operators lose maybe 3 percent of their revenue to fraud each year, with mobile companies experiencing greater levels of crime. This adds up to millions of dollars worth of losses at a time when Malaysia's telecommunications industry can ill afford to lose money. With the economic slowdown of the region there has also been a steady drop in demand for highly invested next generation services and infrastructure projects are often now being financed in more costly foreign currencies. As a result, many companies are struggling to make a profit. The liberalisation of the market has also aggravated the problem. Fraud Types
The most common type of mobile fraud is the classic case of a perpetrator hacking into a network and using a false identity to access services for free. With the advent of wireless communications, this type of scam has re-invented itself through mobile phone cloning. The creation of cloned phones enables criminals to make free international and expensive roaming calls, costing mobile operators great financial losses. With over 900 million mobile users travelling outside their countries each year, roaming has become a major earner for the mobile phone industry, generating over 2 billion dollars each year. Roaming fraud decreases this revenue stream by at least 5 percent. The obvious "tell-tale" sign of roaming fraud is repeated calls to premium-rate services and long duration calls. These calls are made with a bogus or stolen identity to ensure that criminals don't pay for the service. By the time an operator identifies the problem, the fraud act has already occurred. There is no legitimate identity for the perpetrator so gathering enough evidence to secure a conviction is next to impossible and most companies are reluctant to report crime for fear of damaging consumer confidence in the security of their products. The main problem with roaming fraud is the delay in the communication of billing information between the operators and the difficulty in analysing information that is encrypted or lost. Once this type of fraud occurs, the user's roaming operator must pay the operator of the roaming network for the roaming privileges, regardless of whether the user pays the bills. Call back and illegal selling schemes from subscribers themselves, including the re-sell of calling cards to other subscribers, forgery of vouchers and recharge fraud have become other popular "low-tech" forms of fraud in Malaysia. Another major problem is the use of counterfeit and stolen cards to pay for goods over the phone. According to a recent Gartner report, credit card fraud can be ten times greater for online and mobile transactions than face-to-face transactions. Dodgy business partners
Customer fraud is not the only problem facing mobile operators. A minority of carriers and roaming partners are also exploiting the reconciliation process to make illegal profits. According to a recent article by telecom consultants Chorleywood on fraud, several roaming partners in less well-regulated regions in Asia target the weaknesses of another operator's billing system to make money. A partner delays call detail records (CDRs), loses billing data or artificially inflates traffic to increase roaming revenue. Home carriers can also use the system to their advantage: since they are liable to pay interconnect charges, the main goal is to get as many calls across the network as possible. In some cases, an operator does not let the roaming partner know that a fraud is taking place right away so that it can continue to make money. Responsible carriers do not indulge in such practices, of course, but there are GSM operators in certain countries where this is a growing problem Prevention Fraud Systems
Understanding the nature of fraud is the first step in reducing revenue leakage. The next step is investing in revenue assurance systems to help shield against future attacks. Surprisingly, few companies in Asia bother to invest in any type of system despite the wide availability of solutions in the market. Instead, many operators rely on in-house billing systems that can be quite vulnerable. With a properly designed billing platform, an operator can quickly analyse the call detail records (CDR) produced from roaming activity and identify fraudulent acts. But most mobile companies do not have the resources to produce this type of in-house billing product that has the scalability and technology to support an influx of network traffic. When volumes get too high for operators to manage, the in-house application is often replaced with a commercial billing product. By selecting the right revenue assurance product, operators are making the first positive move in reducing telecommunications crime. One of the most important features to look for is a system that can generate rapid fraud alarm reports. This allows operators to establish threshold levels for services for each subscriber. When the level is exceeded, an alarm report is generated in real-time, alerting carriers of possible criminal activity. The system must also be flexible to allow carriers to change and modify rules, since there are always new and evolving fraud methods taking place. Advanced customer profiling and the ability to monitor events over a configurable time period are also vital requirements and help to prevent fraud from taking place. Another platform feature that operators must consider is the ability to generate accurate reports when required. This can help evaluate fraud any time during the day, while assessing rules performance and fine-tuning network parameters. Partner Agreements
In addition to fraud systems, Malaysia's telecom operators can also establish provisions between partners to tackle criminal activity, especially for roaming agreements. For instance, a major South African operator now refuses to pay its partner carrier if it suspects that fraudulent activity has occurred on the network. One UK GSM operator implements a moderate anti-fraud approach. The mobile operator provides its partners with a list of suspicious numbers. If the partner allows the numbers to roam on their networks, then the partner loses any right to interconnect revenue if a fraudulent act takes place. Working Together
Another way to combat fraud is for mobile operators to create closer ties with their billing, network management and inter-carrier teams to keep informed of the latest trends in fraud detection and prevention. Special forums can promote dialogue between the telecom industry, such as the Communications Fraud Control Association (CFCA) and the Forum for International Irregular Network Access (FIINA). Through the sharing of knowledge about fraud and the integration of the right revenue assurance systems, Malaysia's operators can create a successful fraud management program that can minimise financial losses and increase profit margins for future customer services. The writer for the above article is the Regional Director for Asia-Pacific, Intec Telecom Systems PLC |
