PARTNER FEATURE: Communications Service Providers (CSPs) should act now if they want to save billions in lost revenue. According to the Communications Fraud Control Association (CFCA) fraud is on the rise, from an estimated $28.3 billion in 2019 to $39.89 billion in 2021. That is a huge increase in a short space of time. Partly, of course, it is connected to the global pandemic pushing almost all business online, but fraudsters are getting increasingly more creative and professional, and their actions are becoming harder to spot. This will be a continuing trend.

Frauds come in all shapes and sizes. One of the more well-known methods is called International Revenue Share Fraud (IRSF), which entails a fraudster partnering with a high termination rate CSP (premium-rate numbers) that splits the interconnect fee with the fraudster while the fraudster uses artificial traffic generation to premium-rate numbers. To generate the false traffic, it frequently makes use of fraudulently obtained SIM cards, PBX hacking, Wangiri scam, and mobile malware.

The Wangiri scam is particularly popular at the moment and comprises execution of short-duration calls from premium-rate lines with the purpose to initiate a call-back from the subscriber. Criminals also engage in interconnect bypass fraud, roaming fraud, and subscription fraud.

Combining innovation with a tried and tested approach
Of course, fraud is not new. CSPs have dedicated teams using tried and tested methodologies and technologies, however, the constantly changing fraud patterns resulting in late fraud detection are making it harder than ever for CSPs to close the window fast enough.

With more than 20 years of experience in the telecoms industry, Elitnet has an impressive history with CSPs supplying innovative platforms that run voice, messaging, and data services, advanced network security solutions, and value-added services which ensure customer satisfaction. Elitnet’s primary product in the battle against fraud is Onyx FMS.

Onyx FMS uses a wide range of machine learning applications supplemented with rule-based methods which carry out pre-filtering to improve system performance and additional real-time validations to improve precision of ML models. Onyx also features continuous automated ML model performance evaluation and retraining which ensures constantly high recall and precision rates of fraud detection.

Onyx implements a white box concept for ML models which, along with built-in analytics and appropriate data drilldown, enables fraud managers to fundamentally understand ML decisions, new fraud patterns, and network anomalies. Fully customizable dashboards and reports also allow fraud managers to be constantly informed about any fraud-related activity happening on their network.

Protecting against IRSF and Wangiri
When it comes to protecting against IRSF, Onyx uses a hybrid approach of rule-based and ML methods to detect IRSF cases in both outgoing and transit calls. To ensure maximum performance of the solution, it carries out pre-aggregation as well as rule-based filtering and enrichment of raw data before passing it on to ML-based IRSF detectors which employ a multidimensional approach based on different aggregations. The synergy of above-mentioned methods enables Onyx to achieve 97% recall and 95% precision rates when detecting IRSF attacks, which would be impossible by employing either only rule-based or only ML-based methods (case study).

For Wangiri attacks the Onyx fraud detection component is based on a residual neural network, a state-of-the-art deep learning model trained to understand the operator’s network instead of specific attacks. The model learns the patterns of the traffic flowing through the network to become capable to identify any Wangiri-related abnormalities. This enables Onyx to achieve 97% recall and 92% precision rates on an individual call level and 99% recall and 100% precision rates on an attack level.

Onyx FMS Wangiri fraud detection statistics

Rapid detection rates in Lithuania and Latvia
This data is not based on theoretical performances or lab-based tests, it is based on real-world situations. For example, Bitė Group, a leading telecommunications and media group in Lithuania, Latvia, and Estonia, has been an Elitnet customer since 2005. In recent times it found itself facing an increased volume of Wangiri fraud activity, resulting in subscriber complaints and additional expenses to compensate defrauded subscribers.

Using Onyx results in attacks being identified within only a few minutes or even seconds, depending on the intensity of the attack. Even though a few individual calls may go unnoticed during an attack, Onyx FMS has an impeccable record of detecting and successfully blocking attacks as a whole. Onyx can also implement a softer approach to dealing with Wangiri attacks, such as warning subscribers calling to a compromised direction via IVR rather than blocking their calls altogether.

Onyx FMS Wangiri fraud prevention process

During the first two months after implementing Onyx for both Lithuanian and Latvian Bitė operators and training the ML model, the system identified 90 Wangiri attacks in Lithuania and 22 in Latvia, in addition to identifying 102,520 Grey-listed MSISDNs in Lithuania and 20,164 in Latvia (case study).

Openness is essential
In addition to the rising volume of fraud, CSPs are also battling with the rising complexity of infrastructure. With every new generation comes an additional layer of technology to manage. CSPs are increasingly turning to open software-based network solutions and are actively looking to avoid vendor lock-in.

Onyx features an open architecture with well-defined component types (data collectors and data processors), services (alarm facility, reporting engine, enforcement engine, embedded analytics, and Big Data storage), and interfaces.

Onyx FMS high level architecture

This enables the easy deployment of new data collectors from any network components as well as new data processors which carry out various additional tasks such as detection of new types of frauds, telecom network security, predictive maintenance, and others. There is no vendor lock-in, therefore development of new data processors can be carried out by the customer or even any third-party.

Onyx is also open for integrations with third-party systems, for example known fraudster databases or fraud management systems which provide additional value. Onyx’s readiness for increasing load is ensured by excellent built-in system observability and automated scale management.

When it comes to fraud prevention CSPs can always do more. There is no such thing as an acceptable loss. Onyx can be deployed in isolation or in combination with existing fraud prevention solutions. Onyx FMS is the only real-time hybrid fraud management system that connects traditional rule-based methods with state-of-the-art machine learning applications to return industry leading rates of detention.