July 16, 2019
Ever since the first call was made more than a century ago by Alexander Graham Bell, fraudsters have sought to defraud, scam and monetize the various methods used to communicate. Evolving from simple impersonation in the early days of telephony, fraudsters today are using stolen credentials taken from high-profile data breaches to open fraudulent accounts, launch account takeover attacks and dupe genuine customers in sophisticated social engineering scams.
Amid increased customer expectations and competition from new providers, telcos are becoming increasingly burdened by fraudsters looking to capitalize on the increased distribution and demand of communications in the digital era. As fraudsters look to make profit from premium handsets, financing and post-paid SIMs, operators must be able to detect and block fraud while delivering a frictionless experience for good customers. As criminals become less decipherable from customers, telcos must rethink the way they authenticate customers online.
Detecting Telecommunications Fraud Throughout the Customer Journey
The proliferation of personal credentials exposed in breaches has established identity subscription fraud as the top fraud method impacting the telco market today, costing an estimated $2.03 billion in global fraud losses1. Telcos are faced with having to identify fraudsters signing up for new accounts using stolen identities, who are using fraudulent accounts to:
- Generate revenue from the reselling of premium handsets
- Default on large phone bills
- Commit international or domestic revenue share fraud
New application fraud adds to the challenges faced by telcos, with $1.93 billion2 estimated to have been lost globally to subscription fraud. Increased market competition among providers, coupled with consumer demand for mobile, has driven providers to offer finance/ credit agreements for handset and SIM packages. Fraudsters are using stolen credentials to apply for financing, then reneging on payments.
Telcos need to be able to detect and block fraudsters signing up for new accounts using stolen identities, whilst also dealing with the growing problem of fraudsters trying to take over good user accounts. With global fraud losses from account takeover estimated at $1.66 billion3, fraudsters are becoming increasingly adept at targeting weaknesses in genuine customers. Exploiting the human element, fraudsters are:
- Creating sophisticated social engineering and phishing scams in order to gain access to genuine customer accounts.
- Ordering new handsets, making calls and committing international or domestic revenue share fraud once a genuine account has been taken over.
The impact of account takeover fraud extends past the monetary, with the possible suspension of all other services supplied by the provider if an account is compromised.
Effective protection against fraud in telecommunications relies on accurately distinguishing between legitimate customers and cybercriminals in near real time. Walking a tightrope between customer experience and security, operators require an enterprise level fraud solution which effectively detects high-risk or anomalous behavior, securing logins and protecting against account takeover.
With account takeover ultimately impacting brand, reputation and the retention of customers, telcos must be able to identify when a genuine customer is being manipulated into sharing confidential information or access to accounts.
Using Digital Identity Intelligence to Detect and Block Fraud While Reducing Friction for Good Customers
The ThreatMetrix solution helps telecommunication providers to genuinely understand the digital identity of its connecting users and enables operators to more accurately detect and block fraudulent behavior. Bringing unparalleled intelligence to the entire customer journey, telcos can leverage Digital Identity Intelligence to accurately identify high-risk and unusual behavior at new account registration. Using dynamic, behavioral history from the Digital Identity Network, telcos are able to understand the trustworthiness of connecting users by analyzing such attributes as location, device and behavior anomalies. What’s more, telcos are able to detect and block potentially fraudulent behavior before a new finance/credit agreement is issued by tapping into the crowdsourced intelligence from the Network.
The ThreatMetrix solution also delivers multiple layers of defense against account takeover, enabling operators to detect suspicious behavior or compromised devices before accounts are infiltrated by fraudsters. This approach allows organizations to verify that customers are who they say they are, every time. In addition, ThreatMetrix helps to minimize friction by recognizing up to 95% of returning customers.
Underpinning the ThreatMetrix solution is the Digital Identity Network®, which collects and processes global shared intelligence from millions of daily consumer interactions including logins, payments and account applications. This intelligence feeds into the ThreatMetrix Smart Authentication framework, which combines risk-based and Strong Customer Authentication (SCA) for a low-friction approach to authentication. In addition, Digital Identity Intelligence is also leveraged by key components of the ThreatMetrix Dynamic Decision Platform, such as Behavioral Analytics and Machine Learning, to better distinguish between trusted and potentially high-risk behavior.
ThreatMetrix is able to significantly reduce fraud in telecommunications by providing:
- End-to-End Account Protection: In every step of the customer journey, be it new account creation, login, or payment, ThreatMetrix is able to detect fraudsters in near real time. Leveraging the power of digital identity intelligence, ThreatMetrix analyzes access requests in real time to identify suspicious patterns, compromised devices, unusual locations (including attempts from known botnets or VPNs) and suspicious configurations. Further protecting against account takeover, ThreatMetrix is able to detect malware on a legitimate user’s device, as well as detect activities bots/scripted mechanisms and takeover attempts from the mobile channel.
- Protection Against Account Takeover: ThreatMetrix can help prevent account takeover by detecting fraudsters attempting to access an existing account using credentials obtained through phishing attacks, keylogging, breaches or brute force techniques.
- Protection against Fraudulent New Account Applications: By leveraging the ThreatMetrix Digital Identity Network, the largest repository of crowdsourced intelligence in the world, telcos can gain deep insight into nearly one and a half billion tokenized user identities, enabling them to detect fraudulent new account requests using stolen identities, automated botnet account creation, and crime rings using pooled identities.
Identity Verification and Authentication
- Frictionless Customer Experience: Using Digital Identity Intelligence from the ThreatMetrix Network, ThreatMetrix can help telcos identify low-risk customers applying for a new account, as well as authenticate trusted, returning customers in near real-time with no associated friction. This prioritizes a streamlined online experience for good customers without compromising security.
- Smart Authentication: ThreatMetrix combines risk-based authentication and strong authentication services for high-risk transactions. Most transactions can to be passively authenticated in near real time by comparing event data to device, location, identity, behavior and threat intelligence held in the Network. Transactions that require further review can be seamlessly routed to step-up authentication services for additional assurance.
Using ThreatMetrix, a major European CSP (Communication Service Provider) was able to significantly reduce fraud and achieved ROI in just three months. ThreatMetrix helped the telco to differentiate fraudsters from trusted customers in real time, while reducing friction for good customers.
The ThreatMetrix Advantage
In order to fight fraud, financial services require a solution that can evolve as the fraud and financial crimes landscape evolves. ThreatMetrix will support them through the following key capabilities:
- An Unparalleled Network: The ThreatMetrix Digital Identity Network protects 1.5 billion unique online accounts using intelligence harnessed from over 3 billion monthly transactions.
- A Comprehensive End-to-End Solution: Universal fraud and authentication decisioning across all use cases and throughout the customer journey.
- Bringing Digital Identities to Life: ThreatMetrix ID combines a unique identifier, a confidence score and a visualization graph to genuinely understand a user’s unique digital identity across all channels and touchpoints.
- An Integrated Approach to Authentication: Flexibly incorporate real-time event and session data, third-party signals and global intelligence into a single Smart Authentication framework, to deliver a consistent and low-friction experience with reduced challenge rates.
- Advanced Behavioral Analytics and a Clear-box Approach to Machine Learning: ThreatMetrix Smart Analytics analyzes dynamic user behavior to build more accurate, yet simpler, risk models. The result is a competitive edge in customer experience with reduced false positives, while maintaining the lowest possible fraud levels.
- Privacy by Design: ThreatMetrix is unique in its ability to solve the challenge of providing dynamic risk assessment of identities while maintaining data privacy through the use of tokenization and encryption.
- Rapid, Lightweight Deployment: The ThreatMetrix solution is cloud- based, providing simple and straightforward integration with existing systems.
1 CFCA Global Fraud Loss Survey 2017
2 CFCA Global Fraud Loss Survey 2017
3 CFCA Global Fraud Loss Survey 2017