 |
|||||||
 |
 |
|
|||||
Cellular Business
June 1996 Roadmap to an Industry Fraud SolutionBy Roseanna DeMaria
Reaching an industrywide destination means creating a map of your own.
When cellular industry figures reflect $500 million in losses, it is time for an industrywide fraud solution. When the cost of a counterfeit cellular phone on the streets of New York plummets from $300 to $75, evidencing a growth in supply and demand, it is time for an industrywide fraud solution. When potent technological prevention remedies whose transitional state of implementation will increase roaming fraud are being deployed, it is time for an industry-wide solution. When cellular customers are asked to dial a personal identification number prior to placing their calls to create a fraud protection zone, it is time for an industrywide solution. When cellular carriers are offering rewards for information leading to the arrest of fraud criminals, it is time for an industrywide solution. In this context, the fact that cellular fraud is an industry problem that demands an industry solution is painfully self-evident. What that industrywide “solution” is, however, is anything but obvious. MAPPING OUT A PLANTo commit ourselves to the pursuit of an industrywide fraud solution, we must acknowledge certain facts. We are confronted with an evolved, entrenched, industrial strength fraud adversary that, even with our best efforts, will not disappear overnight. There is too much money to be made in this illicit distribution arena with its “national accounts-type” criminal market base. Anything short of a complete, unequivocal commitment within each carrier’s business will fail.Fraud control must be a priority in each carrier’s business plan to achieve this type of commitment. Management must be involved in the formulation and execution of a fraud control plan that becomes a corporate value within the company. Relegating this fraud control responsibility to an industry trade association will not meet the fraud challenge. The industry trade association has a vital role in the pursuit of a fraud solution, but to be effective, that role must be derivative of the self-empowered carrier’s internal fraud management plan, not a substitute for it. We must recognize that we do not operate our system in isolation. Our fraud problem seeps into the local and long-distance carriers’ business. The desired solution is a telephone industry solution, not merely a cellular industry one. The industrywide fraud solution, despite its singular title, consists of several components, each of which is equally important. First is the role of the individual carrier to develop and execute a meaningful fraud management plan. The plan must address the current fraud challenge while contemplating its future migration in response to technological offensives. Fraud must become a business priority for every department – finance, customer care, engineering, information systems, legal, external affairs, marketing and public relations. Each of these departments is unquestionably affected by fraud proliferation. Consequently, each of these areas must contribute to a coordinated, multifaceted fraud attack. No one area provides a complete solution, but together, they enhance the impact of an interdisciplinary fraud strategy. Engineering provides the venue for the technological remedies that will profoundly influence fraud growth. However, the deployment of its technologies will result in business-related issues, such as roaming fraud, that must be recognized. This is a perfect example of the need for an interdisciplinary approach. Similarly, a competent fraud management plan will include the use of detection technologies. For example, the use of a phone usage profiling system will allow the carrier to identify the fraudulent usage and strip it from the customer’s bill. This is useful for early identification of the fraud and customer care values. The most meaningful fraud-related technology is the prevention technology that aborts the counterfeit phone’s operation before a call is initiated. Prevention technologies must be sought and perfected. The fraud loss amounts much be measured to assess the volume of the business threat and the magnitude of the resources that should be dedicated to meeting that threat. This necessitates funding, as well as personnel. Management also must send a clear message throughout the company that fighting fraud is part of everyone’s job. This type of complete commitment to fraud management generates a new perspective on every aspect of the carrier’s business. With these values in place, every new product or service must be evaluated for its fraud vulnerability prior to initiation. Every new technological solution in the fraud area must be scrutinized for its ability to be networked. Without networkability, the fraud merely migrates to another carrier. These values reinforce that fraud management has no place in the competitive marketplace. Armed with this corporate value system and an appropriately resourced interdepartmental fraud strategy plan, the carrier is ready for the industry trade association component of the fraud solution. Carriers committed to a fraud management plan cannot win the war alone. The need for the networkability of technological fraud solutions and the migratory nature of roaming fraud are examples of why a carrier cannot remain alone in the fraud fight. However, when they join with other carriers who also are committed to fighting fraud, they can enhance their impact and capitalize on the natural pooling of ideas and strategic planning resources. The Cellular Telecommunications Industry Association (CTIA) provides the forum for carriers to enrich their fraud management impact. CTIA services this purpose in several ways, such as via the Fraud Task Force (FTF) and the Executive Board and the Technical Operations Council (TOPS). Both have distinct but equally important roles. Additionally, the FTF itself consists of two groups: the Secure Systems Advisory Group and the Operations Advisory Group. (The Secure System’s Group is focused on the containment of fraud through technology initiatives and research concerning the devices used to commit fraud. The Operations Advisory Group is focused on the delivery of programs to carriers and external groups to help manage the fraud problem.) Founded in 1990, the FTF provides the industry with a vehicle to meet and conduct “nuts and bolts” fraud initiatives. It has trained more than 5,000 law enforcement officers in cellular fraud detection. Training films have been developed and disseminated. Similarly, the FTF collects and disseminates intelligence on cellular fraud cases occurring throughout the country. Regional committees meet and share information and plan initiatives. Equally significant are the FTF’s projects in the technological arena. The FTF has commissioned a study on the strength of the Cellular Authentication Voice Encryption algorithm for authentication, which positively diagnosed the algorithm’s strength for at least 20 years. This study allows the carrier to evaluate authentication’s strength as a prevention tool and make an intelligent business decision on the investment in this resource. The FTF also has prepared a primer on authentication, held a training seminar for carriers and manufacturers, and has hired an expert to study the networkability of the three RF fingerprinting vendors currently in the marketplace. These efforts are extremely useful for the carriers committed to the fraud fight. They ensure that expert-level scrutiny of all new and powerful fraud technologies will occur. This type of scrutiny brings on a full force to an entire industry and incents vendors to create networkable technological solutions that solve the problem rather than migrate it to a competitor. These are only a few examples of the tireless efforts of the FTF. They epitomize, however, the goals of the organization. This carriers’ group consists of the individuals working in the fraud area of their respective carrier companies. They bring to the FTF their expertise and knowledge of fraud management as they perceive it from fighting it “on the front lines” for their company. This allows them to look to the future and carve out a road of initiatives that will assist in the fraud fight. The FTF’s role also includes executing the policy mandated of the Executive Board and TOPS Council of the CTIA. The CTIA Executive Board and TOPS Council consist of industry CEOs. These individuals must perform the second function of the CTIA in fraud management. They are the industry policymakers in this area. While the FTF can scrutinize authentication’s viability and then recommend its deployment, the industry leaders must decide whether they will deploy it uniformly. Similarly, they must decide whether a regulatory mandate should be initiated on authentication. They must decide whether they will stop selling non-authenticatable analog phones as an industry and send a clear message to the manufacturers that these fraud-vulnerable devices are unacceptable. These types of decisions cannot be agreed upon or made on any other level in the CTIA other than the Executive Board and the TOPS Council. These decisions are vital elements in the pursuit of an industrywide fraud solution. Once these decisions are made, the FTF then can execute them across the industry. To be able to make these policy decisions, cellular executives must have a working understanding of the fraud problem and how their own fraud management plan addresses it. This awareness will correlate with the degree of effectiveness of their own coordinated, multifaceted attack. A wholly integrated fraud plan involves an enhanced level of fraud awareness and fraud management responsibility in every department, which ensures executive awareness on the highest level. This is why it is absolutely necessary for a carrier to have a meaningful fraud plan prior to being able to use CTIA to support its fraud efforts. The carrier is the first ingredient to the industrywide solution. CTIA, through the FTF and its executive members, is the second ingredient to this solution. MIDDLE OF THE ROADSo where are we on this roadmap? We are not at the beginning, but we are not at our destination. Our strength is in each other and our recognition that we can’t get there alone. The industrywide solution is not the proverbial “silver bullet.” It is far more realistic. It is each other.
DeMaria is vice president of business security for AT&T Wireless Services, Kirkland, WA.
|
|||||||