FMS Vendors Must Also Collaborate in the Fight Against Fraud

The telecoms industry often talks about the need for collaboration to combat fraud. When they do, there is usually an unspoken assumption that collaboration occurs between telcos. But few problems can be solved by simply asking communication providers to work together, without also engaging the skills and resources of their suppliers. We know this from other industries, and even from other challenges faced by telcos. But despite the longevity of some people working in fraud management, it has yet to be fully appreciated by the suppliers and users of fraud management systems. However, that may change soon.

When a Boeing airplane crashes we expect the manufacturer to explain what went wrong and what they need to do differently to prevent further crashes. We do not wait for airlines to work independently to solve each problem for the Boeing planes in their separate fleets. The airline is the customer, and they have an interest, and they may also be to blame for a crash. But we do not expect the customer to be held responsible for making improvements to the airplane that they purchased, because we know the same supplier will have delivered the same type of airplane to other airlines. The supplier also has the relevant know-how to make necessary changes to their planes, whilst the airline does not.

Collaboration is also normal amongst suppliers when there are security hazards with technology. If an IT business finds a vulnerability in somebody else’s product, they should notify that supplier, and give them time to fix the issue before they tell anyone else. This is the responsible way to do business, and it is good for everyone in the technology sector. Various conventions and protocols have evolved to facilitate the exchange of security information between commercial entities that might otherwise compete with each other. They do this to best serve the interests of all customers everywhere.

Telecoms fraud is increasingly allied with security, because security weaknesses will be identified and exploited by criminals. This is why I would argue that vendors need to collaborate as effectively in fighting fraud as they do when identifying and resolving security issues. But this would be a novel expectation for vendors of fraud management systems (FMS). They have typically worked independently of each other, addressing issues in their own way. They have not sought to work together in order to better protect telcos and subscribers from fraud. However, I believe that may be about to change.

Regular readers will have guessed that I am referring to the RAG Wangiri Blockchain, an initiative which launched in 2019 but whose origin lies in conversations that began many years earlier. An API for the blockchain will mean vendors will only need to make slight modifications to fraud management systems in order to exchange data about wangiri fraud with a global distributed database in real time. As a consequence, telcos will be free to share information about the fraud attacks that have happened to their customers without the delays and rigmarole previously required to maintain an industry-wide database.

The development of the blockchain technology is a vital enabler for the wangiri blockchain consortium, but it was just as vital to get telco fraud managers and vendors of fraud management systems talking seriously about the mutual benefits of working together like this. Many expressed an intention to help, but action was slow. Some of the people who talk most often and most loudly about collaboration have been most reluctant to change. They may worry about the implications of helping their rivals when they would prefer to obtain a commercial advantage by building networks for data exchange that are exclusively available to their customers. Or they may work for a telco that theorizes they should receive data about the frauds committed elsewhere, but will not profit by giving the information they already possess. In the world of security, these businesses would rightly be considered irresponsible.

But things are changing now. Many vendors are stepping up, encouraged by telcos who want to share data about fraud. Some of the telco fraud managers who found it difficult to obtain budget to support cumbersome ways of sharing information are excited by the prospect of doing it seamlessly through the fraud management systems they already own. The FMS vendors also see the advantage of empowering their community of users by helping them to analyze and make decisions based upon a global pool of information, not just the data that the telco collected from its network.

We need to encourage vendors to do the right thing, and reward them when we do. For example, telco fraud managers should ask their existing suppliers about whether they intend to support the RAG Wangiri Blockchain. If not, the supplier should be asked if they intend to do something else to facilitate the exchange of fraud data, and when they will actually deliver. If telcos create the demand, then more vendors will respond, and they will do it more rapidly.

Even if you think the RAG Wangiri Blockchain is the wrong solution to the wrong problem, then I would still argue the onus is on you to make collaboration happen through the automated exchange of fraud data via existing fraud management systems. The principle is sound. The technology exists, and it works. The greatest obstacle to change is how people currently think about the problem, which is why I began by observing that the communities who focus on airplane safety or technology security both think very differently to what is considered normal for telecoms fraud management.

In telecoms fraud management the expectations have been too low for too long. That is not to denigrate the efforts of those people who did their best to make collaboration happen. But we must reflect on how few were both able and willing to consistently help them. People are good, if it is easy to be good. Businesses are the same, because they are run by people. We can be much better at fighting fraud. Change is possible now because we can make it easier to be good.

I have been impressed and surprised by the number of businesses that have already engaged with the RAG Wangiri Blockchain. Once we establish this can be done for wangiri, then it will be much easier to share data to tackle other kinds of fraud. Anyone who has followed me since my early blogs, over 13 years ago, knows that I was not shy to criticize vendors when I felt it necessary. Many were upset by the things I said, though many others appreciated hearing messages that contradicted the marketing spiel circulated by vendors. So now I have no hesitation in praising vendors who are acting in the best interests of our community, and of phone users generally.

Here is a video I gladly recorded for Subex, a leading vendor of fraud management systems. I thank them for choosing to join the RAG Wangiri Blockchain and making it accessible to all users of their ROC FMS. I would do the same for any other vendor that believes an extreme close-up of my ugly mug might help their business. Let us all get behind the vendors who are making it easy to collaborate in the fight against fraud. They are showing we can lift expectations and aspire to defeat telecoms fraud everywhere.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.