Aperio CI

Mitigating VoIP Fraud Using Real-Time Data Analytics

VoIP May Be an Unregulated Service, but to Prevent
Its Fraudulent Use, It's Best Not to Treat It That Way

Duffy Mich, Founder and CEO, Aperio CI
Billing & OSS World
09/23/2008

When cable television companies first began to offer voice communications services to their subscribers, it seemed like a relatively simple and compelling proposition. Running voice traffic over a cable network - or over any IP network for that matter - is easy and inexpensive. The efficiencies of combining voice, video and data traffic over a single infrastructure benefit consumers through low pay-one-price packages that feature significant price savings for triple-play services. It also allows VoIP providers to generate much-needed revenue through ancillary services, and has given them a competitive edge in gaining market share from the legacy RBOCs within their respective footprints. And it has allowed cable operators to position themselves to compete with RBOCs to become the "home communication service provider."

But while delivering VoIP to consumers has resulted in palpable top-line benefits, the technology also has evolved as a preferred vehicle for fraudulent and illegal use by unscrupulous customers. The very nature of VoIP, a portable technology that masks call origination, makes it difficult for providers to gain immediate and accurate visibility into how their services actually are being used. As a result, fraud has occurred in various environments, ranging from misuse of residential services to prohibited commercial practices, such as businesses conducting outbound auto-dialing or faxing.

Some VoIP-related fraud actually occurs because cable providers, who typically have entered the world of voice through video and data services, did not correctly understand the wholesale reconciliation protocols behind international voice communications, and the dangers of bundled pricing plans within this market.

For example, some VoIP providers do not understand the intricacies of international termination fees. Since they assume that transporting voice followed the financial model associated with data transmission, where no carrier-to-carrier transactions occur, they were completely unaware that the VoIP provider must pay a termination fee to an operator whenever a voice call terminates onto a fixed line network. Some of these fees can approach two cents per call, a hefty price in the low-margin world of communications. And when a call terminates onto a mobile network, the termination charge can be as much as five cents per call. Some providers have had to cough up nearly half a million dollars in termination charges, costs that can quickly eat up profits under the pay-one-price scenario.

In addition, flat-rate international rate plans have been particularly problematic for VoIP providers that operate in locations with a concentrated ethnic population. Typically, one resident may sign up for the best available VoIP plan, and then become "the neighborhood phone" by allowing their neighbors to place calls to an international location, charging a fee for the convenience. The theft of service, coupled with high termination fees, has cost operators millions of dollars.

Providers already have prohibited these types of activities in the terms and conditions presented in most contracts. Vonage Holdings Corp., for example, gives itself the right to terminate any customer at any time for what it deems a misuse of service. Many other operators make similar statements. Yet relatively few have been able to enforce them, primarily because they have not had the resources in place to identify fraudulent behavior amid millions of calls per day.

It's even more unfortunate that some VoIP providers choose not to track individual calls at all, seeing it as another expense that cuts into their already thin margins. Ultimately, the lack of record keeping may cause VoIP providers serious legal problems down the road, particularly if the United States Justice Department or Department of Homeland Security, or in the case of publicly held companies, the Securities and Exchange Commission, requests information on specific callers or incidents. In fact, federal and EU regulations require that all communications providers - even international services like Skype - maintain strict financial and operational records. Failure to comply presents bleak implications for the VoIP provider, such as stiff fines or even jail time for executives. Compliance is serious business, and fraudulent activity jeopardizes a provider's ability to comply - pure and simple.

Fraud Mitigation Strategies

While reviewing call detail records to identify fraud may seem like a cumbersome and expensive process, this task can be accomplished relatively cost effectively for most providers through the proper implementation of data analytics solutions.

For instance, there are several advanced analytics applications in the market place that give operators visibility into call activity and behaviors. These solutions develop algorithms for determining "typical" customer behavior. The algorithms measure several details, such as number of calls, length of calls, time of day, and how many numbers customers typically call. Conducted in near real time, these applications provide a snapshot of how particular services are being used by customers.

Many of these analytics solutions can be integrated readily into existing core CRM systems, so there's no need to overhaul or forklift the infrastructure. In addition, some providers offer these tools as a managed service, relieving the burden of integrating new technology.

As part of the evaluation process, the analytics solutions will measure typical usage, and determine what average user behavior looks like. Operators then can set their own threshold markers to help define acceptable and reasonable usage, as well as parameters that could resemble fraudulent activity.

Once the thresholds are set, the analytics engine monitors usage in near real time, usually over a 24-hour or 48-hour window, to identify patterns that may fall out of acceptable ranges. The software then can send alerts to various internal staff, including customer service, operations and legal departments. Once the alerts have been received, the provider can initiate its own investigation into the potential misuse of service.

Once fraudulent activity is identified, the next step for the operator is to resolve the situation in the best manner possible for the provider. That does not necessarily mean terminating the customer.

Some operators have developed a tiered approach based on specific business parameters to deal with customers who they suspect of fraud. For example, a high-value customer may receive a gentle reminder about the terms and conditions of VoIP service if it is determined that the infraction was minor and non-repetitive. On the other hand, operators may choose to terminate a repeat offender or low-value customer. Many analytics tools can link potential fraudulent activity to customer valuation matrices and deliver this information instantly to a contact center agent or other personnel, making it easy for providers to determine how to best deal with specific customers who may use services inappropriately.

So while VoIP is considered an unregulated service, providers still must adhere to multiple financial, security and operational regulations within the United States and other jurisdictions. The very nature of VoIP, particularly its portability and masking of origination numbers, makes it highly susceptible to fraud and other reporting irregularities.

The integration of data analytics solutions into the CRM infrastructure gives VoIP providers a robust, cost-effective means to help identify fraudulent activity, improve operational efficiency, and help comply with various financial and legal mandates, both domestically and abroad.

For more information, contact:

Lynn McAuley
Aperio CI
+1 (631) 468-4014
lynn.mcauley@aperioci.com

Glen Zimmerman
Netezza
+1 (508) 382-8267
gzimmerman@netezza.com

• Press Archive
• Upcoming Events