Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
Webinar
“Intelligence Driven Risk Assurance”
www.subex.com 1
The Webinar is about to begin in a few minutes. Please stand by.
Please dial-in to a suitable toll-free number
provided in the invite to listen to the audio stream
Alternatively, you can use Skype to
dial-in to:
+18663654406
Participants’ lines are muted
and only the presenters’ voice
will be audible
Intelligence Driven Risk AssuranceAshwin Menon & Abhijeet Singh
Aug 2015
Webinar
About the Presenters
Abhijeet Singh
Principal Consultant at Subex• Over 9 years in Telecom Fraud Management• Specializes in Consulting & Advisory, Risk & Health
Assessments and Managed Services
www.subex.com 3
Ashwin Menon
Associate Director at Subex• Over 9 years in Enterprise Risk Management,
Analytics for Business Optimization• Specializes in Solution Design, Risk Framework,
Technology Solutions
• Data Traffic:Data traffic is expected to rise to 17 Exabytes by Dec 2018, from an approx. of 3 Exabytes currently
• Connected People:5.5 billion connected people by the end of Dec 2018
• LTE Subscription:LTE subscription to increase 4.5 folds to 1.3 billion by the end of Dec 2018
• Internet of Things:70+ Billion connected things by the year 2020
CommercialWorldwide
2010
2014
20 commercial LTE networks across 14
countries
320+ commercial LTE networks across
110+ countries
Complicating Risk Assurance: 4G Adoption
www.subex.com 4
Complicating Risk Assurance: The Converged Environment
Expanded Value Chain
Cloud & other IT Services Other
ServicesFinancial Services
Payment Industry
Adverti-sementServices
Cloud Services
M2M/Utillity
Services
Content Services
Traditional Telco
ServicesDigital TV
Services
OtherServices
Assurance risks have evolved due to the increased convergence
• The cross industry convergence levels are at its peak – Exposing operators to risk levels similar to the other industries like banking or content
• The cross industry risks, while not new, are expected to induce more ‘direct’ risks to the operator – the new converged service provider
• Focus is also shifting to consumer protection as Mobile/Connection is becoming a subscription identity rather than just an access mechanism
www.subex.com 5
Complicating Risk Assurance: The Network & O/BSS Systems
New Network Elements
› Next gen services (e.g.: 4G) introduces new set of network elements and O/BSS systems
› This points to increase in complexity & volume of RA & FM activities to be performed due to increased data sources and controls
› Non COTS elements have questionable levels of data extraction, logging and access levels
1 Parallel Networks
› Pure 4G Operator: Traditional networks components running in parallel to enable partner network interconnection
› Evolved 4G Operator: The legacy networks of 2G/3G need to exist simultaneously with 4G network ensuring backward compatibility
› This increases the number and complexity of controls to be managed
2Non Standard Implementations
› Some areas of next gen networks, O/BSS systems and interface partnerships are taking customized approach
› This is due to lack of sufficient reference installations and standards
› E.g.: Interconnection (including roaming approach) and VoLTE/ VoLTE roaming etc.
3
www.subex.com 6
Everything is Data
Network allows Differentiated Quality Of Service
Multiple References
Customer is no more just an MSISDN / IMSI, he is referred as multiple entities such as IMPU, MSISDN, USER_ID Converged Billing Mode
in Real-time
All Customers charged in real-time
Digital Content Services
Content is set to become the focus of new revenue models for Telcos
Newer Revenue models & Complex Charging Policies
‘Freeconomics’ based models are evolving along with session based charging
Rich Communication Services suite
Telcos are striving to launch OTTs like services
Partner Ecosystem
Partner Network is growing multifold
IOT Services
Introduce newer security vulnerabilities
Complicating the Assurance: Other factors
www.subex.com 7
www.subex.com 8
Visualizing Impact on Revenue Assurance
OCS
OFCS
DPI
4G Specific Network Elements
www.subex.com 8
High UsagePartner Overbilling
Revenue ShareCramming
False Subscriber charging
Long firm fraudNew partner -
credit riskVAS AIT
High usagePolicy Non-adherence
Override PoliciesFree Service Exploit
Conceal IdentityPhysical Jumping
Usage on unapproved subscription
Usage on missing subscriptionNon Usage
Service/ Policy violation
Social EngineeringTheft
Exploit – ResellingEquipment Cloning
High risk dest. accessLong Duration
Account TakeoverTossed Accounts
Visualizing Impact on Fraud Management
Acquisition
Direct Sale+
Dealer/ Reseller Sale
Service Delivery
Communication Services
Voice & SMS
Fraudster Re-entryFalse
DocumentationProxy FraudSuspicious
RegistrationOverride sales
T&CSpurious
activationsFacilitating
Subscription Fraud
Unknown SalesSale in unlicensed
regionSale to self
Promotions and incentives abuseManipulation of
stocks and deliveries
High Speed Data
Internet Services
Fiber to home
Public WiFi
Content Services Mobile Money Services
Customer
Partner
Merchant
Rich Content
Digital TV
Duplicate Accounts
Address Change AnomaliesSuspicious
RegistrationsSuspicious Online
RegistrationsSuspicious
TransactionsSuspicious Location
MonitoringAbuse Of Test
AccountsLayering
Funds Accumulation
Abuse Of Dormant AccountsCloning
Device HackMoney
LaunderingSpammingSIM Swaps
Account TakeoverSuspicious Handsets
VAS
Ghost AccountsSuspicious
WithdrawalsSuspicious PurchasesSuspicious Merchants
TXN on Unapproved /Missing
SubscriptionFraudulent Partner
OnboardingCommission Frauds
Dormant Partner Usage
Fraudster Re EntryTXN on
Unapproved/ Missing Partnership
Fraudulent Merchant
OnboardingDormant Merchant
UsageUsage on
Unapproved Merchant Service
Usage against missing Merchant
ServiceMalware/Virus
Service Delivery Ecosystem
Wholesale & Inter connect Services
AD Services
Fraudulent Partner return
False Documentation
Credit RiskBypass fraudFalse Answer Supervision
Artificial inflation of
Traffic PBX/iPBX hack
ITFS fraudLong firm fraudArbitrage fraudCLI spoofing/
RefilingBlending HQ
routesCall looping
WangiriSMS Frauds
False disputes OverbillingFalse billing
Non payment intent
Attempted traffic billing
Click Fraud / Inflation Attack
including:Crowd
sourcingIncentivized
Ad NWClick Farms
MalwareSophisticate
d FraudRetargeting
FraudMobile
SimulatorAd Stacking
ToolbarsAd injection
Domain Identity
TheftPhantomBotDeceptiBotsCryptoBots
Hit Inflation Attack
Competition Click Fraud
Employee High UsageTest SIMs High UsageManual Adjustments
Manual RechargesUsed/Expired
voucher re-activationRecharge reuse
Non provisioned recharge use
Network updateRecharge
ManipulationNetwork B/OSS rule
modificationData update through
backend accessGold number
allocationAssisting fraudulent
activitiesAccess IP Mismatch
Access Control Bypass
Shared login Addition into exception list
Service Subscription Status Update
Service additionRate plan update
Rate Update
Service Delivery Support
Internal Employees&
Supply Chain
TheftPackage activation
post expiryAddress update
Ownership updateSIM Swaps
Balance TransfersInformation extractEquipment Delivery
Equipment SalePartner Profile Modification
Fictitious suppliers Manipulated
invoices Duplicate invoices
Provisioning of substandard/incorr
ect goods Collusion (inc.
kickbacks) Diversion of payments Contract
manipulation Credits/write-offs
Sale of the goods & services
Stock manipulation
Recharge &
Payments
Recharge
Payment
1 2 3 4 5
Dormant account reconnectionsUnauthorized Service Sale
Unauthorized Equipment SaleProduct subsidy
abuse
Hack - Malware/VirusTheft
Voicemail hackArbitrageWangiri
Tossed AccountsBypass – Voice & SMS
Free Access ExploitCall Back Fraud
URL MaskingAPN ModificationHigh risk APN use
High Risk Dest. accessBox Spiltting
High usageOutroamer high usageRevenue share fraud
Hack – CloningBill Shock
Social EngineeringNon Usage
Usage on unapproved /missing subscription
Exploit - ResellingLast event fraudLong Duration
Service/Policy violationSIM Stuffing
Inroamer high usageHigh Risk Device Use
Usage post expiry
Fraudulent generation of
creditsSimultaneous
recharges Duplicate
scratch cardVoucher Reuse
Suspicious Recharges
False complaintsUsed/fake
voucher saleRecharge
ManipulationCheque fraudBank Account
fraudNon pay
Partial paymentPromise to pay
Balance transfer frauds
Balance Transfer Anomaly
EVD fraudEVD Anomaly
Credit card fraud
URL MaskingHigh risk dest. access
Compromise APAccess Point Add Brute force attack
DNS SpoofingFree Access ExploitHigh risk APN use
High Risk Device UseUsage post expiry
Dial up / A-DSL
Exploit – Free Access or low
cost access plansContent AIT
Content HackBlacklisted Device UseDevice Hack
Usage on unapproved subscription
Usage on missing subscriptionNon Usage
Service /Policy Violation
Usage post expiry
Account Takeover
Card share
OTT BypassSignaling Abuse
15www.subex.com 9
350+ Fraud Risks
www.subex.com 10
Drivers of Intelligence Driven Assurance Systems
Coverage Enhancement
Quick Response to constantly changing
environment
Enable Faster Detection & Closure
Identification of Unknowns
Continuous Improvement
Effective Measurement
Rapid Return of Investment
Reduced Total Cost of Ownership
Upcoming ROC 3.0 Integration LayerA glimpse of the next version
www.subex.com11
Important Note:
The upcoming slides are forward looking and the look, feel & features around the capabilities
being presented may change in the final build.
ROC 3.0 OverviewIntegrated Solution Suite
Core Platform
www.subex.com 12
Single Landing Page
Shared AnalyticsSingle Sign On
Single ETL
Single Security Model
Single Storage
Centralized System Monitoring
Zero Touch Installation
Intuitive New GUI
Robust Case Management
Big Data Support
Shared Rating Engine
• Improved user experience
through responsive web
design with tile-based
navigation
• Context sensitive user
interface with favorite links
• A Single Sign On screen for
ROC Applications
• Common Landing Page to
navigate between applications
and view relevant
management information
• Common Analytics Layer, with
centralized Dashboards/KPIs
for Executive & Operations
(Supports OLAP Analysis)
ROC 3.0 in ActionNew GUI, Single Sign-On, Landing Page & Shared Analytics
www.subex.com 13
Third party BI tools are now replaced with In-house intelligent dashboard component with no license costs.
Benefits
ROC 3.0 in ActionSingle ETL, Single Storage, Shared Rating Engine & Zero touch Installation
www.subex.com 14
Single ETL1
Single Storage3
Shared Rating Engine4
• Removal of duplicate adapters
across products in a single ETL
• Reduced Number of Adaptors
(typically 25% reduction on
ETL development)
• Common Data Model using
same adapter & storage
• Storage Costs (typically 25%
reduction on independent
installations)
• Savings on operational costs
since both products can be
managed centrally from
multi-skilled resources
• Common rating engine for all
the products
• Rate once – use multiple
• Addresses pseudo rating
issues
Zero Touch Installation5
• Automated push &
installation of patches &
updates
• Removal of manual
installation risks & efforts
Prepackaged Controls2
• Prepackaged controls
including traditional
services, mobile money,
content services, 4G/LTE
and even 5G ready
Focus on “reduced TCO” & “increased agility” for customers across product lines by reducing efforts & leveraging
commonalities
ROC 3.0 in ActionSingle Security Model & Centralized System Monitoring
www.subex.com 15
• Common monitoring &
administration portal for all
ROC applications
• Simplified Administration &
User Management
• Common User
Management & Access
Control
• Common Security
Standards across product
lines
• Intuitive GUI with relevant
Metrics also preconfigured
• Complex tasks line log
analysis & process
management right from the
GUI
Benefits
ROC 3.0 in ActionRobust Case Management for Seamless Collaboration
www.subex.com 16
• Single sign-on over ROC layer
facilitates seamless collaboration
and case transfer across
products/departments.
• Provides flexibility to analysts &
empowers them to be more
productive
• continuity and simplicity in the
analysis process
• Ownership• Request for Information
Mode of Transfer
• Transfer Attachments
• Transfer History & Activity Log
• Access to alarm/case data
Features
Common Case Management Use Case
Benefits
ROC 3.0 in ActionBig Data Support
www.subex.com 17
ROC 3.0 framework is big data ready
• 100X faster performance
• Big data support works as an enabler for next generation of ROC product lines & analytics
• Built for scalability and load handling.
• Tested on Vertica & Exadata
• The platform scales up to handle loads in excess of 8 Billion CDRs per day.
CommercialBenefits
Upcoming ROC Revenue Assurance v5.3A glimpse of the next version
www.subex.com18
ROC Revenue Assurance 5.3What’s new in this version
www.subex.com 19
ROC 3 Integration
DNA
Big Data Ready
Mobile App
Totally New User Experience
4G/LTE Controls5G Ready
20
DNA OneView
DNA – OneView: Enterprise-wide RA Visibility
www.subex.com 21
Business Hierarchy represents the business structure of the telecom service provider based on geographic location and the revenue generating business units.
Intelligent Process Topology provides GUI based tools for actively monitoring the health and integrity of the revenue processes, while also helping in fast analysis and root cause determination of any errant conditions
Demonstrates the overall health and maturity of RA operations across business units by displaying key measures such as Potential Leakage, Revenue Recovered, Revenue Recoverable & Case Closure Rate
Business Hierarchy
Network Topology
RevenuePad
This is a one stop information center to gain visibility on enterprise-wide RA, including Business Hierarchy
and Network Topology
Business Process
HierarchyOneView RevenuePad Case Arena
Geography and LoB based revenue structure
Dynamic Network Analytics
A revolutionary User Operational Experience that supports real-time
operational analysis across the business
while also supporting Automated
Configuration of new business processes
New approach to dashboarding to provide E2E view of performance
Overall health and performance of RA operations across
business units
CASE Management integrated with Zen for quicker
root cause analysis
www.subex.com 22
Rapid deployment with pre-defined libraries enabling seamless due-diligence, systems integration & robust operations
Zen: Virtual Analyst
• Zen is a virtual analyst for Revenue Assurance
• It analyzes millions of discrepancy records and presents the possible reasons for discrepancies to the analyst
Benefits of Zen:
o Improves analyst productivity
o Enables faster revenue recovery
o Enables knowledge management
o Enables effective handling of cases presented
o Provides a three dimensional view - Trend,
validation and analyst performance
www.subex.com 23
A useful tool for faster identification of Root Causes that increases analyst productivity substantially
Mobile App
www.subex.com 24
**These are wireframes – Not the final look and feel
Bringing the ROC RA capabilities on mobile devices ensures that RA specialists have information at their fingertips to make crucial, time-sensitive decisions!
Upcoming ROC Fraud Management v8.3A Glimpse into the next version
www.subex.com
www.subex.com 26
Big Data Ready
ROC 3Integration
Enhanced User Experience
Solution Packse.g. 4G/LTE, 5G,
Content etc.
ROC Fraud Management 8.3What’s new in this version
www.subex.com 27
Mobile AppIntelligent Alarm
Qualification
Fraud Manager’s Toolkit
Bypass Fraud Analytics
Online Statistical Rules
ROC FM Specific CommercialCommon Framework
Fraud Manager’s Toolkit
www.subex.com 28
KPI Hub
• Operational KPIs• Financial KPIs• System KPIs
Performance Hub
• Analyst Performance• System Performance• Resourcing Analysis
Intelligence Hub
• Trending• Discovery
FMT
Set of tools designed to provide enhanced operational intelligence & best practice measurement metrics
to support fast decision making
Private & Confidentialwww.subex.com29
Fraud Manager’s Toolkit: Snapshots
30
Association Discovery
Activity Profiling & Matching
ROC FM v8.2 FMS Elements
Online Threshold Based Rules
Online & Offline Statistical Rules
Measure & Audit Module
Big Data Support - Vertica
Automatic Barring – Provisioning Integration
Partnership with leading TCG Provider
• International network of test call generators with 1900+ routes
• Most extended VoIP & Calling Card platformin the market & ability to execute test calls from phone shops
• Highest bypass detection rates in the market!
• Near « Real » time fraud notifications
• Most advanced call campaign algorithms
• Extensive operator & regulator experience!
• Only patented TCG provider
• A team of skilled Fraud Analysts managing campaign
• Scrambling Policy against counter detection
Bypass AnalyticsSubex Integrated Bypass Detection Approach
Subex combines the accuracy offered by a TCG solution with flexibility and higher coverage offered by a FMS and integrates them through a Bypass Analytics layer
Associated MSISDNs discovery through analytics
FMS Fraud Hits
New Bypass Profile Patterns
Feedback for rule efficiency
Feedback for more focused call generation
Input for further analysis
Detection
www.subex.com
Online Statistical Rules
31
Capabilities
› Introduced in response to Bypass Fraud, but evolved to cover fraud risks across the telecom services
spectrum
Negative Scenarios Trend AnomalyBehavioral Match Proportional AnomalyThreshold Breach
Powerful near-real-time detection capabilities with arithmetic rules built for anomaly detection which now supports near real time evaluation for limited look back period.
Mobile App
On the go fraud alerts and decisioning with a new Mobile App - supported by clean & simple tools to assist investigation & continuous improvement powered by intelligent charts & dashboards
www.subex.com 32
**These are wireframes – Not the final look and feel
www.subex.com
Intelligent Alarm Qualification
33
Its purpose is to prioritize the alarms in the system by scoring them in the range more accurately and intuitively.
Intelligent Alarm Qualifier (IAQ) is a powerful Machine-Learning module which uses Hidden Markov Models.
IAQ
92
Likely to be
Fraud
16
Unlikely to be
Fraud
IAQ is built on the concept of Pareto Principle – 80% of effects come from 20% causes
Questions & Answers
www.subex.com 34
Questions?
Please send us your questions using the ‘Chat’ option available in the Webinar window.
Thank you
www.subex.com
For more information on ROC RA/FM, visit www.subex.com
Mail us additional questions/suggestions to