Case Study: Roaming Fraud Protection
The issue of fraud in the roaming environment, while having many similarities to domestic fraud, also poses different challenges. This is because fraud attacks in the roaming environment focus on services outside the home network. Fraudsters are able to exploit the longer time frames required for the home network to gain visibility of usage by its customers. In fact, roaming fraud can start in exactly the same way as domestic-subscription-based fraud, using illegally obtained SIM cards, which are sent to a foreign network where the fraud or service abuse starts. Roaming fraud relates to specific types of fraud, including International revenue share fraud and premium rate number fraud.
Syniverse takes a global approach to roaming. As roaming fraud threats are, by definition, global in nature, then it makes sense to take a global view of fraud, which is the approach that is taken by Syniverse roaming fraud protection service. By identifying patterns of fraud taking place in different parts of the world, Syniverse is able to build a picture of global fraud and anticipate fraud attacks, before they create significant loss of revenue. In one 5 month period, the Syniverse roaming fraud protection team was able to identify and report more than $14 million in potential fraud. This affected more than 140 different countries, 300 PMNs and over 9,000 unique IMSIs. In total, no less than 35 distinct types of fraud attack were identified and blocked. A breakdown of where the fraud attacks were originating is shown in the chart below.
A typical example of the value and origination of roaming fraud threats was made during February 2014, for a customer based in the Asia-Pacific region. Outbound roamers visited a large number of different countries. Syniverse was able to detect and prevent roaming fraud for this one customer alone that was valued at $120,000. Fraud attacks were most prevalent against outbound roamers visiting Pakistan, but also with Switzerland, Macao, the U.K. and Egypt being risk destinations. Fortunately, fraud attacks on inbound roamer activity were contained to $3,200. Roamers visiting from Hong Kong were most likely to be subject to fraud attack, but there were also levels of activity detected for roamers visiting from a range of countries, including France, Malaysia, Switzerland, Syria and Russia.
Using Syniverse’s own fraud management system and by applying consistent processes, constant vigilance and knowledge about other types of fraud attacks occurring in other networks, Syniverse fraud analysts were able to detect and block fraud attacks, before they became significant issues. Of equal importance is an approach that ensures accuracy as well as speed of detection, to prevent false alarms and keep supporting legitimate customer usage thus preventing customer experience management issues. In one 5 month period, the Syniverse roaming fraud protection team was able to identify and report more than $14 million in potential fraud. This affected more than 140 different countries, 300 PMNs and over 9,000 unique IMSIs. In total, no less than 35 distinct types of fraud attack were identified and blocked.