MACH Insights

Are you detecting and preventing roaming arbitrage successfully?

Written by MACH | May 6, 2021

Roaming fraud remains a significant risk for operators. The impact of service abuse or arbitrage on Mobile Operators’ profitability is critically important when roaming margins are under constant pressure.

While wholesale charges are regulated in several countries such as within the European Union (EU), retail packages are offered at a very competitive price, especially with the introduction of Roam-Like-At-Home (RLAH) offerings that aim to increase the number of active roamers and provide them a better experience while traveling. However, the delivery of roaming services represents a considerable risk because of two main reasons:

  • The call information must be provided from the visited operator to the home operator, which causes a delay in the analysis and detection of fraud, unless real-time signaling-based protection systems are deployed.
  • The risk of arbitrage fraud has increased due to the possibility of fraudsters earning a payout per minute on revenue share numbers higher than the retail costs of the voice calls and SMS.

 

Protecting the visited network also.

Historically, roaming fraud has been a very serious risk for home operators where roaming was a perfect scenario to commit international revenue share fraud (IRSF).

A typical IRSF consisted of these steps:

  • Use a stolen SIM or illegally obtain a SIM in a phone.
  • Activate selective diversion call forwarding in a transit network to a list of revenue share numbers to short-stop the calls to an automatic answering machine.
  • Make several calls to this phone number or simply use a dialer application to originate calls, also making simultaneous calls, from this phone.
  • Keep making these calls and benefit from the payment chain thanks to the “short-stopping method”.

In most of the roaming fraud cases, the IRSF attack is directed to unallocated numbers or exceptionally expensive geographical destinations, and the home operator had to pay the visited network for the cost of these fraudulent roaming calls.

Operators always thought that as a visited network they were not exposed to roaming fraud if they complied with their roaming agreement obligations and provided the call records in time to the home operators. However, the visited operators have become more exposed to roaming fraud due to reduced roaming margins caused by market competition and regulation, and increasing fraud possibilities through arbitrage. Indeed, the visited operator needs protection against arbitrage and the abuse of their wholesale roaming tariffs, especially if they offer a flat fee discount model for voice calls to their roaming partners.

Moreover, despite the fact that the telecom market is highly competitive, when it comes to fraud protection and awareness, there is good collaboration in this community to make sure that fraud events are stopped immediately and prevented. Operators also look after their own reputation with partners and customers, especially to avoid traffic being steered away or churn. The question is not solely who has to bear the cost of fraud, but how this community can be better equipped to fight against it.

 

Best ways to defend against these new types of roaming fraud.

The abuse of roaming tariffs is also being used for other fraud types apart from arbitrage, such as:

  • SMS fraud when retail roaming tariffs also include a huge number of SMS in the monthly bundle subscription.
  • Interconnect fraud where international calls are converted into a VoIP call and then terminated via a SIM box using roaming SIM cards with a RLAH retail tariff.

Professional fraudsters find roaming fraud a lucrative area with little risk of being apprehended. Very often these fraudsters do not make the calls, but rather provide the means for others to make the actual calls and SMS, and then share the resulting money made.

Until now operators have been tracking high usage in roaming and hot listing, or forbidding, calls to expensive international destinations or to unallocated numbers to protect against roaming fraud. However, this is no longer sufficient! TOMIA sees that the numbers used in roaming fraud cases vary constantly and there are more cases with fraudulent numbers in European countries such as the UK, Belgium, Poland and other countries where RLAH tariffs apply. Consequently, a protection method based on the tracking of fraudulent numbers does not solve the problem.

New techniques are needed to protect both the visited and home operators, and the most effective tools are:

  • Real-time anti-fraud systems for roaming that limit the time window that fraudsters have before their calls are analyzed. Roaming features and call destinations are blocked or restricted based on their associated risk. Its main advantage is to block fraudulent calls and still allow the legitimate ones by real-time decisioning.
  • Analytics, where advanced rules and anomaly detection identify the fraudulent activity of arbitrage and the new types of roaming fraud.

The fraud detection and prevention market is extensive. Most likely, mobile operators have already deployed a few different solutions to cover different business areas and services. The main challenge is to ensure that these solutions, a real-time rule-based anti-fraud engine or a service that runs on top of the clearing file exchange or a fully functional FMS with anomaly detection, all work coherently to fight against new fraud methods that appear every day.

To learn more about TOMIA’s offering for fraud prevention, please contact us: marketing@tomiaglobal.com