CDRs not enough for fraud detection

Features

Basing future fraud prevention on Call Detail Records (CDRs) could leave systems seriously short of the mark, according to Neural Networks.

"The traditional approach to fraud detection has been based on CDRs but with the introduction of data services these are not the only source of communication informa-tion and they also mean that action is always reactive," said Jason Lane-Sellers, senior fraud consultant at Neural Technologies.
He further stated that as most systems work by setting rules and thresholds that are designed to trigger alarms, the sheer amount of data being passed to fraud analysts makes their jobs impossible from the start. "It is not unusual for 1500--2000 alarms to be  triggered every four hours. A fraud analyst can process a maximum of 17 of these a day."
What Neural Technologies has produced is a fraud management system that combats both these issues head on. It takes data from a range of sources, including the data-specific elements in the application layer and authentication server, as well as CDRs. It then runs that information through a two-tier automated analysis process. This brings into the process a high level of behaviour modelling and individual profiling which constantly learns from activity on the network and enables the system to deliver a dramatically reduced number of potential fraud alarms to analysts. "60-80% of the alarms which run through the second stage are fraud. With other, single tier systems, this figure is less than 1%."
He further suggested that this was not only soul-destroying for those faced with analysing the reports but it also affected customers as they could find their accounts stopped by systems unable to identify whether they were perpetrating fraud or not. This is particularly important as, he suggested, "The best fraudsters also look like your best customers."
A worst case scenario would therefore be an international traveller who consistently found his account blocked when abroad because the system identified him as making 'unusual behaviour.' If the system is incapable of learning and inaccurate actions are repeated then the likely outcome is churn.
So confident is the company in its system, that Neural is now offering it to operators on a performance basis. This means that operators will only pay if savings are made. Neural is willing to offer this as a stand-alone option or in conjunction with more traditional payment methods. Sprint, for example, is paying for its system by a combination of licence fee and a capped performance payment.
However Lane-Sellers, himself a former fraud manager at Vodafone UK, had another word of caution for operators, "80% of fraud can be sourced back to the subscription process. It can be hidden as bad debt and then identified as complicated types of fraud but it all comes from that starting point. Operators need to address this and prevent it happening."