Last week’s Fraud & Security Group meeting in Paris saw the fraud experts in the GSMA operator and vendor community meet to share news, information and best practice. At the event, we took part in a session looking at how the insights gained from biometrics, machine learning and analysis can be used to combat fraudulent activity.
The use of voice biometrics to identify fraudulent activity is a new area under exploration. As an example, although fraudsters trying to carry out an International Revenue Share Fraud (ISRF) scheme might use a whole host of international phone numbers, they will almost certainly have a very limited number of recorded interactive voice messages. Voice biometrics could be used to detect that a whole host of apparently random phone numbers across multiple countries all have the same voice.
But in the world of telecoms fraud, ‘biometrics’ are about more than voice. There’s another form of biometrics that could be used to reveal the DNA of a fraud scheme – and that is about recognising the patterns of behaviour that are effectively the fingerprints of fraudulent activity. That’s where, machine learning and analytics can be used to search for and highlight some of the characteristics are associated with fraud.
The reality is that – as much as the fraudsters seek to camouflage their behaviour to make it appear like normal activity – it will never be successful in completely disguising what is actually happening. Normal users want to communicate with other users – often within a fairly tight group of friends and families that feature heavily in their calling patterns. Fraudsters only want to make money and the DNA of the calling patterns are therefore very different.
So, whether the fraudsters are attempting a form of IRSF, SIM Box fraud, or the so-called ringback Wangiri fraud, a machine is very adept at both identifying this type of behaviour and also continuously monitoring and building its sum of knowledge to improve the accuracy and reliability of its findings. In fact, it is the insight gained from these findings that is critical to the eventual success of these deployments. Because a low number of false positive findings results in higher levels of efficiency in detection and therefore the potential to introduce fully-automated response to counteract fraud.
Biometrics can also apply to the devices themselves as well as to individual users or gangs of fraudsters, with device biometrics being particularly critical within an IoT environment. In fact, when it comes to the IoT we see both human and device biometrics playing a key role. From a device perspective, a form of biometrics can be used to validate and authenticate that any device trying to connect to the network is properly recognised and authorized. At the same time, IoT control systems that have an individual supervisor will naturally move to biometrics to authorize any changes to the system.
Delegates at the event were shown how these types of developments have moved beyond the design and planning stage. We were presenting, in one of the closed sessions, some of the findings from our first active evaluations of voice biometrics and voice to text conversion – evaluations that have been undertaken in live trials as part of a next generation automated fraud validation and prevention solution. There seems little doubt that ‘biometrics’ can play a huge role in the ongoing fight against fraud.