SIM Boxes and IoT Pose Rising Fraud Threats in Middle East and Africa

The article below is from the June-July 2016 issue of SAMENA Trends and is published here with permission.

As long as there have been businesses and consumers, there has been fraud. And now fraud is infiltrating the quickest-growing channel for business – mobile – on a massive new scale. The Communications Fraud Control Association (CFCA), in fact, now estimates that nearly 1.7 percent of global telecommunication revenue is lost annually to fraudulent activity. This is why businesses need fraud detection services to protect their mobile networks.

In the Middle East and Africa, this activity has recently been revealed through two types of fraud that are gaining momentum and presenting a rising threat to mobile service providers. One type is one of the oldest forms of mobile fraud, SIM box fraud, and the other type represents one of the newest mobile technologies, the internet of things (IoT).

Each presents a special threat to the future of mobile in the Middle East and Africa. Yet, as we continue to increase our fraud management efforts to fight the more established SIM box fraud, we must at the same time prepare for the fraud that the future is bringing through the IoT. For this reason, it’s imperative that mobile operators develop a dedicated strategy for each.

Here I would like to share some lessons from our recent work with customers in this region, through which we’ve developed several approaches that offer a practical foundation to countering and, ultimately, minimizing this fraud.

How does SIM Box Fraud Work? 

This fraud involves termination of international traffic using illegal routes. Fraudsters use a device that holds stacks of SIM cards on one side and a connection to the internet on the other side. Using this device, fraudsters can make an international call appear to be a local call and avoid an international calling charge. Specifically, when an out-of-country call comes in through an operator’s international gateway, the call can be received through the internet and then “re-originated” through SIM cards to make the call appear as if it comes from a local location. As a result, operators can lose the difference in fees between a local call and a substantially more costly international call.

This difference can lead to severe financial repercussions, costing operators almost $6 billion in 2015, according to the CFCA (Communications Fraud Control Association). This is especially true in Africa, a hotbed for SIM box fraud. Recently, in Kenya, it was estimated that operators and government agencies were losing approximately $440,000 per month as a result of this fraud. Governments can lose even more, since many countries impose taxes on international mobile services. In Ghana, for example, the government reported that SIM box fraud recently cost $5.8 million in lost taxes.

Mobile operators, though, face several challenges with SIM box fraud. One of the biggest of these involves one of the most common methods of detection, test-call generation. This involves a process in which operators set up test numbers on their mobile networks and make calls to those test numbers from many different countries, through many different interconnect voice routes around the world. In this way, they can find out where “grey routes” are originating and the paths they use to reach SIM boxes in a particular country. The test-call generation method, however, has been weakened by new technologies that fraudsters can use to analyze voice call traffic coming to their SIM boxes. Based on usage patterns, these technologies can be used by fraudsters to determine which calls are real subscriber calls and which calls are originating from a test system, and fraudsters can then block or reroute test calls to legitimate routes to avoid detection.

In the last couple of years, however, new methods have been developed that offer more accurate and sophisticated detection of fraudsters. In particular, one major advancement is the development of analytics-based methods that use call detail records to create statistical usage-based profiles and detection algorithms that can identify SIM card use. These methods offer a number of advantages over test-call generation, including a more scientifically-based approach based on statistical data, a wider coverage area and more thorough search process, and near-real-time fraud detection for SIM box activity.

Yet, despite the known advantages of these new fraud detection algorithms, some operators have been slow to adopt them. With SIM box fraud reaching a new high, we have now reached a point where mobile operators must begin treating these methods as essential to their business, and all operators across the Middle East and Africa must begin fully integrating them as a core component of their strategy. Only through this strengthened effort will we be able to begin to turn the tide in the battle against SIM box fraud.

IoT Fraud and Security

Although still a small part of the total connections in the Middle East and Africa, the IoT is growing quickly and bringing a dangerous new problem. As with many technology developments, where money goes, criminals usually follow, and now criminals are infiltrating IoT technologies and exploiting new vulnerabilities.

According to the GSMA, the IoT by 2020 will represent over 23 billion global connections, including approximately 10 billion machine-to-machine connections, a type of connection that in developing economies, such as in the Middle East and Africa, rose by 33 percent from the year prior. And with this rise, a new generation of fraudsters has taken root. In South Africa, for instance, a notorious case of IoT fraud has involved traffic lights whose SIM cards have been targeted by thieves, who have swiped cards from hundreds of lights in Johannesburg.

But operators face numerous challenges with this fraud. Among them, the sheer number of IoT connections continues to multiply exponentially. Additionally, many IoT connections involve multiple partners and remain equally vulnerable at the weakest link in the system. Finally, new mobile technologies like 4G present new processes that are vulnerable to exploitation.

However, the development of basic approaches is beginning to offer more effective methods to counter this threat and bypass fraud. These include, first, treating IoT fraud as a separate fraud type and having a dedicated strategy for it distinct from other technologies. Second is having an IoT strategy with a predictive analysis capability that provides a scientific basis for obtaining the best data to respond to fraud patterns. A third approach is using a cloud-based solution, which is vital in being able to offer quicker and more cost-efficient solutions to respond to fraud. It’s imperative that operators integrate these approaches as a core part of their strategy to protect against IoT fraud.

Mobile fraud will continue to be an ongoing battle, but while we strengthen our effort to fight one of the oldest and most common types, SIM box fraud, we must also keep an eye to the future and prepare for the newest area for fraud, the IoT. The future of healthy mobile growth in the Middle East and Africa depends on our ability to develop dedicated strategies to combat these fraud types.