ORLANDO, Fla.-For the first time in seven years, Tom Wheeler, president of the Cellular Telecommunications Industry Association, was able to say, “We’ve turned the corner on fraud.”
Addressing some 700 attendees of the Wireless Fraud ’97 conference here last Tuesday, Wheeler compared the industry’s victory to Civil War strategy, saying that fraud busters had “attacked, lost, moved and attacked again” when it came to developing methods to cut cloning, the most prevalent form of fraud in recent years. With more companies installing authentication software into their systems and manufacturers following suit by creating and selling authentication-ready phones, cloning-while still a problem-is on the decline.
According to Bell Atlantic’s Mary Chacanias, wireless fraud is a $12 billion global problem, with $4 billion concentrated in the United States alone. How does this compare with fraud losses in other industries? “Retailers say shoplifting is a $320 million problem,” she said.
“Authentication now, authentication tomorrow, authentication forever in all systems across the country,” Wheeler continued. “And then you go into RF fingerprinting, and it has to be interoperable, but it isn’t to this day. And we have to protect the network from hacking.”
“There is not a facet of the business that isn’t impacted by fraud,” added Brian Green, director of authentication within the Fraud Technologies Group of AirTouch Cellular. “Thieves are like squirrels trying to get into a bird feeder, and they are well-funded.” In addition to authentication and RF fingerprinting, which can detect a fraudulent “subscriber,” profiling and personal identification numbers also are tools to curtail fraud; however, all participants admit that authentication is the easiest and cheapest method to implement at this time, and it works.
“Authentication has been called strong medication for fraud. Sometimes it tastes bad, but if taken as directed, the patient recovers,” commented Michael Redden, director of revenue security for AT&T Wireless Services Inc. His company has rolled out authentication in 105 of its cellular markets and has followed on with RF fingerprinting in four others; authentication also is available in all of its personal communications services markets.
The key questions fraud managers have to ask themselves is how aggressively do they want to install the program-In all switches? In some? How many customers do you want to authenticate and by when? And how do you work around old customer phones that migrate into your network when subscribers switch from the competition to your service? Do your roaming partners use the same fraud-stemming systems?
Because any fraud program costs money to implement, smaller wireless carriers have to do their homework to decide when and what to install. Jeff Watson, security and fraud manager for Public Service Cellular of Georgia, said his company felt pressure from carriers in larger markets because their installation of fraud measures pushed criminal activities into the smaller, unprotected markets. However, the cost of fraud losses in the coming years pushed Watson to install authentication and to make sure roaming and border-area partners did so as well.
And don’t leave authentication administration only to the fraud division, Redden said; it’s a companywide problem. The team should include representatives from engineering, customer care, marketing, information technology, training and finance.
Even as cloning declines, a more insidious-yet solvable-form of fraud is on the rise-subscription fraud, when a potential crook assumes someone else’s identity and, possibly, his or her credit information to gain access to wireless service, even for a short time. According to conference attendee Thomas Sloan Ford of Vanguard Cellular, “Subscription fraud is the carrier’s fault for not doing a good enough job at the front end, and cloning is technology’s fault. Cloning has been solved, but subscription fraud is easier because we just shut the service down when we get the first sign that personal information is bad. I’d rather deal with subscription fraud than cloning.”
PCS operators also are looking at fraud measures, even though digital technology is harder to crack. Brian Coderre, director of revenue assurance at Aerial Communications Inc., a Telephone & Data Services PCS subsidiary, has six GSM PCS markets in operation. While there have been no instances of cloning, there has been subscription fraud, and certain employees have been “compromised” by crooks paying high prices for customer information. Fraud accounts for 2 percent to 3 percent of bad revenues at Aerial.
Because he sees subscription fraud growing in the next 12 months, Coderre has instituted a program of validating all new customers, shutting them down if welcome letters are returned because of a bad address, and monitoring phone-usage patterns. Because the company’s GSM footprint is small, it wants to roll out dual-mode roaming, which will cause fraud problems due to its analog component. Cross-cultural teams made up of all roaming partners will be put in place, and Aerial will guarantee roamer authentication.
Persistance and multiple methodologies will win out in fraudbusting. “Remember, there is a difference between wireless companies and criminals,” AirTouch’s Green pointed out. “They have no budgets or managers to contend with, and if they fail, they don’t get demoted. They get terminated.”
