20.5k unique visitors in the last 3 days

Fraud Intelligence and APIs: The Answer Is Staring Us in the Interface

Fraud prevention is a goal that be oddly disconnected from other developments in the technology of telecoms.

Every third conversation I have about tackling frauds will touch upon the divisive subject of how to exchange pertinent information. It seems a lot of people agree that information should be shared, whilst disagreeing about how to do it. Meanwhile, the internet-ification of the comms industry continues at pace, and that means some of the biggest industry players are betting on Application Programming Interfaces (APIs) providing a vital key that will unlock value from comms networks. Ericsson has unveiled a new joint venture that will supposedly encourage developers to explore a variety of new use cases powered by network-level APIs, and the venture involves many big telcos, including América Móvil, AT&T, Bharti Airtel, Deutsche Telekom, Orange, Reliance Jio, Singtel, Telefonica, Telstra, Verizon and Vodafone. Google Cloud and Vonage will partner the new nonprofit entity, which is jointly owned by all the participants, and other telcos are being encouraged to join. The entity, which has not been named yet, will take advantage of open-source APIs that have already been defined by the CAMARA project steered by the Linux Foundation and the GSMA. CAMARA followed this news with an announcement on Monday of a “major release” of 25 APIs that have been “vetted and tested through rigorous release management processes”. Some of these APIs will have already caught the attention of anti-fraud professionals because they provide number verification or they advise if a replacement SIM was recently issued. The latter provides a signal to other parties, such as banks, about the risk that SIM swap fraud is being used to attempt to gain control of a bank account or other online service.

It is not for me to point out that the big ideas that big people put into big press releases often begin as big ideas by little people who do not issue press releases. You can decide for yourself the significance of news about CAMARA’s major release given that the first example they highlighted is the same SIM swap API that scores of telcos have already publicly said they have implemented in dozens of countries. And some of you may have noticed that all this good news about SIM swap APIs sounds a bit like some news about SIM swap APIs implemented in Africa before anybody in a Western country decided SIM swap fraud prevention provides the very best example of the positive benefits of network APIs. But what I did notice this week is that I have been drafting the Mobile Ecosystem Forum’s response to a UK regulatory consultation that asks how the roaming status of users may be interrogated so that inbound international calls which spoof the mobile number may be blocked. And I also noticed that some other people, who are mostly American, and who have no interest in this UK regulatory consultation, have been separately discussing how the One Consortium will develop a framework for tracing the origin of bad international calls so they can share this advice with a mostly European group of regulators, including the UK regulator. Being a little person with no great assets beyond this website, I know it is contentious to argue that instead of wasting time on arguing the merits of how to do one thing to stop one kind of fraudulent activity in one way, and how to do another thing to stop other kinds of fraudulent activities in other ways, that everyone should step back and see a general pattern for how we should tackle challenges like these.

In general, we would save time and money if we all collectively planned to use APIs to tackle fraud by securely exchanging information, with the appropriate parties, about who is roaming, or whether such-and-such call really did originate on a particular network, and various other information that could be used to identify bad actors and block bad traffic. The bulk of the saving would come from realizing that an API initially created to prevent this fraud may also be leveraged to reduce that fraud. This industry has an unfortunate tendency of working back to solutions from specific instances of crime, instead of looking for overlaps where the same methods could be used to mitigate several types of abuse. For example, if a SIM is being used to generate a lot of spam P2P messages in a short period of time, it would be useful to know if that SIM had recently been swapped, before the police arrests the wrong person. However, this is always a contentious argument because many other people will want to solve these problems in several other ways, and much can be said about the relative advantages and disadvantages of everything they propose, when they only look at each problem in isolation. However, I retain hope that the simple ideas of little people sometimes get copied because they are right, even if the credit invariably lands somewhere else.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email