https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Telephony/UC/Collaboration


Know Thine Enemy

  • Written by Channel
  • October 31, 1998

Posted: 11/1998

Know Thine Enemy
Intelligence Techniques Arm Carriers Against Subscription Fraudsters

By Mario McCash

James Bauer, deputy assistant director for the U.S. Secret Service Office of
Investigations, testified in April before a Congressional subcommittee that all kinds of
important personal information stored in computers, including driver’s license and Social
Security numbers, are accessible and for sale to just about anyone.

He said, "In our research, we have not found sources able to accurately define the
volume of identity fraud; however, anecdotal information from all sources indicates that
it is prolific."

Bauers’ concerns are shared by wireless and wireline telecommunications carriers, which
are seeking better means to accurately and completely identify, quantify, measure, analyze
and report on the impacts of subscription fraud. In this variety of telecommunications
fraud, a person establishes telephone service at a business or residence, runs up a high
volume of calls–often international–and abandons the service without paying the bill.

Frequently, subscription fraud also includes large numbers of collect and
billed-to-third-number calls. The persons committing fraud leave the premises before the
first bill is delivered or service is cut off for nonpayment.

This final installment of our three-part series on subscription fraud addresses
measurement, analysis and reporting techniques carriers can use to gather the intelligence
they need to attack and defeat subscription fraud properly.

Measurements

Performance measurements, or "metrics," aid carriers in assessing the quality
of their systems and practices. In many cases policies, procedures and practices need to
be scrutinized as much as any software/hardware solution.

The following is a list of recommended options carriers could consider in developing
their own strategies for measuring their performance. Implementation of any of these
suggestions would depend upon carrier size, history of losses (such as what a company’s
"need" is), and internal business considerations (such as a company’s
willingness to pay for tools or procedural changes). Some options do not require much
expense but rather a change in the way business office practices are done, while others do
require additional capital expenditures (such as data mining).

  • Carriers may be able to benefit in improving performance measurements of subscription
    fraud (and other forms of fraud as well) by centralizing or consolidating fraud operations
    into one group. For example, call-sell subscription fraud cases and the final bill loss
    associated with them can be quantified through centralized automatic message accounting
    (AMA) and automation via the fraud management system (FMS).
  • Carriers could look to existing resources such as accounting codes, post-billing
    adjustment reason codes, disconnect reason codes (such as "abandonment" or
    "nonpay"), tariff violation codes, disconnect orders and so forth as a means to
    track subscription fraud losses.
  • Losses could be "journalized" so the carrier can isolate the extent of losses
    due to fraud and by fraud type. This will allow tracking and trending so appropriate
    adjustments can be made in the fraud strategy and fraud reduction program.
  • By taking a sampling of uncollectibles, carriers can research the impacts of
    subscription fraud in the overall uncollectibles rate the carrier experiences. Sampling
    techniques are fairly accurate statistical measurements and should be considered as
    another tool in subscription fraud analysis.
  • A valuable exercise in measuring performance of a subscription fraud management program
    is to identify and track the common thread in subscription fraud cases. In other words,
    what are the common traits or denominators that exist among those verifiable subscription
    fraud cases? Are there any recognizable patterns in the verified subscription fraud cases?

From the common traits, adjustments in the FMS and/or the front-end processes can be
made to improve the prevention and detection of this kind of fraud. Such adjustments in
the FMS become possible from the use of reports that provide this type of measuring of the
system. The fraud engine and/or the database(s) contained within an FMS could mine data to
populate reports that give the necessary intelligence to draw conclusions about patterns.

These "pattern recognition reports" can indicate the health of the FMS system
in measuring its ability and performance in bringing down averages of the subscription
fraud type over time. The production of strategic reports within the FMS system can aid in
prevention and detection as much as the detection algorithms and thresholds themselves.

Analysis

"Measurements/metrics" offer system (hardware/software) health checks and a
report/scorecard of a company’s policies/practices and procedures. It provides the
intelligence or information needed to make decisions to improve system and operational
performance.

On the other hand, "analysis" is finding and representing trends, patterns
and anomalies hidden in the data. Analytical exercises include the selection of data, the
transformation of data and the evaluation of data mining results. Analytical manipulation
of data is the discovery of knowledge, knowledge that is the crucial business intelligence
needed by carriers to maintain their edge.

The following is a list of 25 questions to which carriers should seek answers in
analyzing subscription fraud:

1. What is the average loss per subscription fraud case?

2. What is the total number of subscription fraud cases?

3. What is the average time in service for a subscription fraud case?

4. What is the volume of subscription fraud cases compared to the total number of
lines?

5. What is the percentage of subscription fraud losses to total revenue?

6. Of the number of new orders received within a given time frame, what percentage of
those orders turned out to be subscription fraud?

7. What is the percentage of bad debt to revenue?

8. What percentage of the bad debt was fraud?

9. What percentage of the overall fraud was due to subscription fraud?

10. How much money is being written off as subscription fraud?

11. What is the projected amount of subscription fraud buried in bad debt or
uncollectibles?

12. What are the gross activations (or subscriptions) per year? Per month?

13. What are the gross disconnects/deactivations per year? Per month?

14. What number of disconnects/ deactivations are attributable to fraud and to what
type of fraud?

15. What is the cost of acquisition of a customer?

16. How many customers are denied service due to being unable to verify their
information or suspected fraud?

17. What percent of customers are denied service due to bad credit?

18. What is the cost of fraud, the acceptable cost of fraud (i.e., what the carrier is
willing to bear as opposed to the actual cost) and how do these figures compare to the
uncollectible rate and cost?

19. Does the company establish an acceptable level of loss due to fraud, and if so, how
does that compare to the total cost of its fraud?

20. Out of the cases of subscription fraud, how many (volumes) and what percentages are
due to each specific type of subscription fraud? In other words, categorize subscription
fraud cases by titles such as call-sell, private party/residence, calling card or feature
takeover.

21. Of the cases of subscription fraud, what is the volume and percentage that involve
calling cards where the account was stolen prior to receipt by the authorized party? Note:
This would include scenarios of mail theft via postal workers or other mailbox tampering.

22. What is the volume and percentages of subscription fraud where the fraudster
ordered calling cards, new features or service established at the fraudster’s address by
theft of the legitimate account holder’s information?

23. How many subscription fraud cases resulted from calling cards mailed to incorrect
addresses and accepted by another party without the intent to pay?

24. What volume of fraud cases are initiated by false applications? What is the
percentage of cases detected prior to activation vs. the volume of cases that did get
activated?

25. What volume and percentages of subscription fraud are due to true-name applications
(correct info on the subscription application)? How many true-name applications were
detected prior to activation and how many true-name applications were detected after
activation?

Many of these metrics assume that the reporting can be done both historically,
currently and by the projected trend. Data mining or data warehousing, online analytical
processing (OLAP), artificial intelligence (AI) and knowledge discovery in databases (KDD)
all are technologies that can be used to make this kind of measuring and reporting
possible.

Reporting

Canned or ad-hoc reporting options generally are available within the relevant risk
management, billing and network/operation systems such as FMS, customer service,
accounting, "master" files, operations/network reports and billing/clearing. If
the existing databases do not have adequate reporting in and of themselves, generally the
data contained within the various databases can be extrapolated to form the needed
reports.

Here is a sampling of possible requirements for a subscription fraud report. (Note that
to create this sample report on subscription fraud, the originating sources of the data
come from divergent systems, thus requiring careful planning in culling all the necessary
inputs to create such a report.)

A subscription fraud report can be generated via the FMS system or other database that
would contain fields to total the volume and percentages of the following:

  • Identity theft fraud
  • Takeover fraud by illegitimate acceptance of preapproved offer letters
  • Fraud by mail interception
  • Fraud by deception via the use of illegally acquired account information
  • Fraud by submitting applications with incorrect or false information.

The report should include statistics on repeat cases involving accounts and account
names, listing of locations involved, dealers/agents, dates and fields for total number of
calls/minutes in the cases. Additionally, it should include percentages of each type of
subscription fraud and compare against the total of all other types of fraud.

Furthermore, a correlation to address changes can be made with verified subscription
fraud cases. How many address changes occurred in each fraud case? How many requests were
there to mail calling cards to prior addresses?

Questions the report could answer include:

  • Of all the applications received within a specified time frame, how many were
    fraudulent? (This includes both fraud applications not approved and those who received
    service).
  • How does the rate of subscription fraud applications detected prior to activation
    compare with the overall volume of applications received? Tracked over time, this report
    allows for comparison of the fluctuations of fraud applications to total applications.
  • Is there a pattern of fraud applications to specific geographic locations?
  • Are there any unique calling patterns associated with subscription fraud cases, or can
    subcription fraud cases be linked through the calling patterns?

These are just samples of the metrics, analysis criteria and reporting options carriers
can use to manage their subscription fraud. No doubt there are many other possible
combinations and scenarios that can be examined. Carriers are encouraged to be diligent in
exploring and discovering new ways to use information to combat frauds of all types.

Industry Cooperation and Coordination

As mentioned last month, in the series’ second part on detection, intervention and
investigations, a telecommunications service provider that protects its own network (such
as by blocking calls from a problem telephone line/account) can help protect the industry
as well. Carriers can cooperate with one other through their respective security
departments. In this way, efforts to investigate accounts, document any abuse and shut
down the fraud will help prevent its migration to another company.

In cases which a contract for billing exists between the telephone service providers,
the companies should arrange to accelerate delivery of billing tapes. Delivery at long
intervals (such as every 30 days) virtually eliminates the value of a high-toll notifier
system. Rather, such delays make it more likely that certain telephone service providers
will be victimized by defrauders. Carriers should implement online billing record
transfers. The exchange of billing information should be as automated as possible, daily
and online.

Regulators need to recognize and support the industry’s growing need to reduce
telecommunications fraud. Losses are not always easily quantified and may not appear to
impact state residents (international calls are under interstate jurisdiction).
Nevertheless, losses are enormous in the aggregate, and carriers are forced to recover
these losses from legitimate callers.

Telcos and wireless carriers also must recover their administrative expenses
(negotiation, install- ation, investigation, disconnection, adjustments, etc.) as well as
hard-dollar losses.

Regulators’ concerns about nondiscrimination and privacy are shared by all. However,
regulators need to permit telephone service providers sufficient flexibility–when
negotiating new service–to take legitimate precautions to protect themselves, their rate
payers and even the industry.

This may include requiring positive identification from applications. Some greater
latitude also is appropriate when the telephone company suspects that fraud likely will
generate large uncollectibles, as with subscription fraud.

Subscription fraud–and all telecommunications fraud–penalizes each consumer, the
industry and the whole economy. No one segment of the industry can combat fraud
effectively, but concerted action can change the trend line of mushrooming losses. Above
all, flexibility and speedy cooperation are needed.

You must remember fraud is big business, and the returns are dramatic. You can expect
the defrauders will be as imaginative and resilient in the future as they have been in the
past. Those who battle subscription fraud must rise to the occasion.

Mario McCash
is the business development manager for Fraud Services at Illuminet and co-chair of the
Subscription Fraud Task Force for the Toll Fraud Prevention Committee. He can be reached
at [email protected].

Editor’s note: This is the last in a three-part series on
subscription fraud. Last month’s installment covered monitoring, detection and
intervention. Part 1, in September’s issue, covered prevention tools and practices. This
month, Part 3 discusses measurement, analysis and reporting.
Tags: Agents Telephony/UC/Collaboration

Most Recent


  • Layoffs
    Telecom-IT Layoff Tracker 2023: Cisco, RingCentral, Microsoft, 8x8, Sophos, More
    The onslaught of layoffs is bleeding over into this month.
  • Job Cuts
    January's Tech Layoff Scourge: Deep Dive Into Channel Impact
    We break down the seemingly daily layoffs impacting various companies doing business in the channel.
  • Select, circle individual
    Broadvoice Appoints 8x8, Mitel Vet as VP of Channel Partnerships and Alliances
    He brings UCaaS and CCaaS leadership to Broadvoice's partnership strategy.
  • Layoffs
    Talkdesk Layoffs Impact Sizable Number of Workers, Former Employee Says
    Talkdesk did not provide reasons for the reduction in headcount, one laid-off worker said.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Microsoft Teams app
    Microsoft Primes Partners to Build Next Wave of Teams Collaborative Apps
  • Business growth chart
    8x8 Signs Sandler Partners as Partner Earnings Jump 38%
  • Growth funding
    Successful Bridgepointe Partners Agree to Upstack Acquisition
  • Call Center
    RingCentral, Nice Extend Partnership to Offer RingCentral Contact Center

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

7 Channel People Making Waves This Week at Pax8, Canalys, Microsoft, Splunk, More

February 3, 2023

Post-TBI Acquisition, Partners Weigh the Future of AppDirect, TSDs

February 3, 2023

Juniper Networks Shows ‘Swagger’ with Ambitious Growth Strategy

February 3, 2023

Industry Perspectives

View all

The Software Patching Problem – Solved

February 3, 2023

How to Break Through the Growth Ceiling

February 1, 2023

5 Things to Look for in a UC Partner

January 31, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

How To Boost Your Business With White-Label UCaaS

February 28, 2023

Security Secrets of the MSP 501: How to Be a Cyber Leader in 2023

December 15, 2022
  • 1

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

Channel people making waves include: @RobTRae, @vasujakkal, @ReneeIMCloud, @garylsteele dlvr.it/ShvjQ3 https://t.co/yz09flzXvV

February 3, 2023
ChannelFutures

The slowdown in #publiccloud spending is real and it’s arrived at #AWSCloud and #GoogleCloud.… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

#ZTW23: @ThreatLocker Gold Partners announced, deep dive into the dark web. dlvr.it/ShvFGF https://t.co/k68BfzLToq

February 3, 2023
ChannelFutures

Channel Partner Success Story: Forerunner Technologies - Learn how @NEC UNIVERGE BLUE Cloud Solutions enabled… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

Partners and suppliers weighed in on the AppDirect-TBI acquisition and its implications for the channel.… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

Read about @coxbusiness' acquisition of @Logicworks. dlvr.it/Shty4t https://t.co/3MaKai6SVr

February 3, 2023
ChannelFutures

Where in the world are the top MSPs?? Take a look at the infographic breakdown of 2022 #MSP501 winners by region >>… twitter.com/i/web/status/1…

February 3, 2023
ChannelFutures

.@SovosCompliance offers tips for how and when to revamp #partnerplans. dlvr.it/ShtDgv https://t.co/vPzajXnjee

February 3, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X