Tag Archives: Machine Learning

IRSF Fraud: there’s more to this than meets the eye!

How big is the impact of the IRSF Fraud and how are the attacks launched?

International Revenue Share Fraud (IRSF) is one of those fraud types that has been alive for two decades now, all because of the fraud being intricate in its pattern while the approach to it being still very reactive. Here, the motive of the fraudster is to abuse a telecom operator’s network infrastructure to artificially inflate traffic onto high-risk international destinations with the intention of non-payment. This fraud is common to multiple geographies and has estimated for a fraud loss of USD 6.1 Billion (The highest fraud loss contributor) as per the Communications Fraud Control Association (CFCA) Global Fraud Loss Survey, 2017.

Lack of adequate steps taken to protect the network has caused this fraud to grow by leaps and bounds. In this fraud, the attacker usually tries to exploit the vulnerabilities of the Telecom Service Provider’s assets and attacks by either calling to unallocated number ranges or land calls onto international premium rated services or illegitimately route calls to short stopped mobiles. PBX hacking and abuse of promotional services are often the commonly used methods for executing the fraudulent practices. The fraud is also quite common with many fixed line providers.

In my experience of working with multiple operators, globally, I feel that the most common challenge faced by operators is in understanding the fraud pattern and method used by the attacker. The impact to operator becomes brutal when fraudsters use unknown patterns of execution and sophisticated techniques to attack the network. IRSF attack from roaming network, call conferencing, call forwarding, calling cards, negative margin abuse for products and services are among the more popular methods for fraudster in launching attacks.

Also, the lack of regulatory precedence in governing the way of carrying out business with international carriers is quite laxative now, setting the perfect breeding ground for fraudsters to flourish.

Why has this fraud grown in leaps and bounds and how do I ensure control Proactiveness?

Now here is the bummer – the traditional and reactive fraud countering mechanisms as of date do not have a full-proof solution, and one of the biggest reasons is that there are not enough fraud controlling strategies, mechanisms, and systems in place. IRSF, unlike other fraud types, requires a continual and proactive measure for control. More than just the “run-of-the-mill” detection techniques, the fraud type requires a well-planned control and mitigation steering strategy and here are six simple strategies, to begin with:

  • Fraudulent practices have become cleverer over time.

If we brag of the fact that the fraud detection technologies have become quite sophisticated over time, we must not forget that the fraud practices too have gained an equal amount of intelligence. Fraudsters these days are quick to realize technology loopholes and system fault lines. It does not take much for fraudsters today to detect the fraud finding patterns and control logic of Telecom Service providers and identified the loophole in the system. Study of method and pattern become a critical process.

  • Demoralize your IRSF attacker.

Letting your attacker attack you to dig his own grave sounds like an oxymoron? Actually not! It is, in fact, possible to have a honey -trap system in place where you lure the attacker to launch his/her attacks onto it without a fruitful outcome. The more the attacker’s attempts fail, the less hopeful he/she gets to strive any further.

  • Think of the customer and protect their interests

IRSF not just drains away revenue resources but also can cause customer dissatisfaction, causing them to churn out of the network eventually. Hence it is crucial that we don’t ignore whenever a customer complains of frequent cross-connections or call diversions for international calls.

  • Have an “Anytime-Anywhere” vigilance strategy with automation to your advantage

There is no denial to the fact that detection processes for IRFS are very complicated and resource intensive. However, having the right strategies, the right processes with the right amount of automation applied to them can help the business in a significant way. I personally recommend a 24 x 7 detection strategy to be put in place to counter the IRSF attacks. From the cases that I have dealt with, it’s my observation that the IFRS attacks happen round the clock, including the wee hours of the morning or off-business hours. Having a rotational manpower strategy can really work wonders at times. However, there could also be instances where having a 24*7 approach may not be possible owing to the lack of capital or high cost of human resources. In such instances, the automation of detection processes will be of value.

  • Never ignore Negative Margins

Negative margins can occur at any level. It could emerge while planning the pricing strategies of the products, services, use of calling cards in international destinations or Interconnect agreements. Feeble margins on profits can often open a Pandora’s box for fraudsters. Just the basic knowledge on negative margins is enough for fraudsters to break open mayhem. Trend reports on traffic patterns with priorities given to partnerships with frugal margins can save the day!

  • Pursue Strategic Knowledge Partnerships to establish Fraudster Intelligence

Sharing knowledge and having a supportive ecosystem for interaction with carrier partners and vendors in the value chain can be a practical step closer to proactiveness. Also, MoU’s established with knowledge bodies and CoEs like GSMA, CFCA, and others can help the TSP gain information such on PRS test numbers and services, high-risk range numbers, unallocated number series which can be used as vital sources of references to counter this fraud.

When I say, a reactive approach for IRSF fraud, I mean that much of the effort and systems built towards countering the fraud is in silos and so are the human efforts that go into it. By a proactive system, I would mean a system that is quite unified in its approach and can perform end to end operations associated with the fraud type. One of the many ways of building a more unified system is to go the AI (Artificial Intelligence) way. A well thought out AI technology strategy can really help detect the fraud at a very early stage and help you choose the right controls for specific problems in question. It aims to reduce the time taken by the laborious human efforts that goes into the detection stage while helping analysts and investigators concentrate on the need of the hour. Much as the famous English saying goes “Every Cloud has a silver lining,” the impact of the IRSF can considerably be reduced by just broadening the organizational perspectives towards the fraud.

Vijay Amirthraj

Vijay is a Principal Consultant in Subex’s Managed Services vertical, focusing on Fraud Management. He has over 12+ years of experience in Telecom fraud, & Revenue Assurance management professional with  progressive experience in process management and managing risks in telecom business.

Why Artificial Intelligence Powered Fraud Management

Artificial Intelligence (AI) is not new and it has been around for decades. However, with the advent of big data and distributed computing that is available today, it is possible to realize the true potential of AI. From what started as an interesting story line in SCI-FI movies to programs like Alpha-Go which has been beating humans, AI has been evolving. AI also has branched out into multiple sub categories such as Machine Learning, Deep Learning, Re-enforcement learning etc.

An effective Fraud Management (FM) strategy includes 3 important pillars: Detect, Investigate & Protect. We believe AI can positively influence all the 3 pillars of fraud management, from reducing false positives to helping in mining root cause analysis to creating enhanced customer experience in protection.

In this post I would like to look at the starting pillar of the Fraud Management strategy – “Detection” and look at AI’s influence in this very important step. A traditional approach to Fraud detection has been through Rule Engines which could be:

  • If-Else Conditions
  • Thresholds
  • Expressions
  • Evaluating Data Patterns
These are widely known as deterministic solutions where an event triggers an action. The biggest pros and cons with this approach is that human intervention is needed to feed the logic.

For eg: for a threshold based detection humans have to feed the rule engine that count of records above a certain threshold is suspicious.

Following diagrams shows how this looks like


After looking at the diagram above an important question arises, should this threshold value be a straight line or can it bend based on how data behaves. Now there are ways for rule engine to behave like mentioned in the diagram,


for eg, instead of having a single rule lets have multiple rules

  • Per Customer Category
  • Per Destination
  • Per Age of Customers

And multiply that with other dimensions in data which are

  • Phone Number
  • Caller Number
  • Called Number
  • Country Code

And multiple that with other set of measures per dimensions

  • Count
  • Duration
  • Value

And throw an additional billion volumes at the datasets

Quickly FM teams ends up with something like this
AI Blog1
But what they wanted or dreamt was this
AI Blog2

Now I am not saying FM teams are not skilled enough to fly, but a fraud team in a modern Digital Service provider should be more focused on other important factors.

So, let’s look at how a very evolved class of Artificial Intelligence known as Machine Learning looks at this problem statement. Rather than humans feeding domain information or thresholds, Machine Learning Algorithms mine data from historic fraudulent behaviors and create models. These models are then used to evaluate real production datasets to score whether they certain activity is fraud or not. An advantage is that these models are very good at looking the datasets from multiple dimensions and measures at the same time and concluding whether event is fraud or not.

This approach thereby helps in achieving multiple KPI’s of fraud management teams there by increasing efficiency.

  • Higher Accuracy – Because AI can learn and adapt to Business scenarios faster, AI can significantly increase True Positive ratio
  • Reduced time to detect – How fast a fraud event can be detected
  • Self-Learning – How over a period changing business scenarios and seasonality in data can be adopted to Fraud detection
  • Fraud Intelligence– How customer or any other entity behaviors can be learnt and categorized for better fraud detection
  • Proactiveness – Ability to mine for unknown patterns not seen in the data earlier

Application of Artificial Intelligence has its own significant challenges and requires a new frame of thought, however looking at the Data Tsunami that has hit the fraud management teams, it looks an AI pro approach would only help Fraud Management teams to scale further.

Nithin Gangadharan

Nithin has more than 10 Years of experience in Fraud Management. He started his career as an Implementation Consultant with Subex Ltd and has been part of many Fraud Management implementations across APAC & Middle East. He has also been a Subject Matter expert & Business Solution Consultant earlier. Nithin is currently working as Product Line Manager for Fraud Management and machine learning developments at Subex.

Get Started with Subex