Leveraging AI for Fraud Prevention: Insights from the Orca Wave Webinar

In collaboration with our partner, Orca Wave, we participated in a webinar hosted by MEF to discuss the role of AI in fraud prevention, the need for a comprehensive approach to fraud prevention, and many more topics. 

This webinar provided valuable insights into how AI and machine learning are transforming fraud detection in telecom voice and SMS services. Participants gained an in-depth understanding of the latest threats in voice and SMS fraud and explored advanced techniques to mitigate them. The session covered how AI-powered solutions can block fraudulent traffic with incredible accuracy, address routing fraud such as SIM box fraud, and improve call quality while reducing costs.

Speakers emphasized the importance of a comprehensive approach to fraud prevention, integrating billing and routing considerations alongside voice and SMS, and the value to subscribers in creating trusted channels. They also discussed the critical role of AI in addressing the current fraud landscape, highlighting the limitations of traditional methods like number validation. Topics included data privacy concerns and the potential impact of solutions such as CDR reconciliation. With expert-led discussions, this webinar equipped participants with actionable strategies to enhance telecom security and performance while addressing evolving fraud challenges.

Topics in this session included: 

• The challenge of voice and SMS fraud
• Limits of traditional methods in fraud prevention
• Why AI is necessary to combat fraud
• The value of end-to-end fraud detection
• The value of intelligent routing and automation
• The biggest misconceptions in fraud prevention strategies
• How to create the best narrative for customers
• Pre-call and post-call fraud detection
• The shocking % of overbilling and how common and prevalent it is
• The role of number intelligence in a fraud prevention strategy
• Realistic integration timelines and factors
• The challenge of developing AI solutions in-house
• The importance of PoCs in demonstrating RoI
• Data privacy and the role of AI
• How false positives and negatives are determined
• How AI scales with new technologies like 5G
• The critical role of collaboration in our industry and in training AI
• How regulations and AI can complement each other 
• The need to restore trust in voice and SMS

There were many thoughtful questions from the audience we did not have time to answer. We have included our answers here: 

Questions: 

1. When detecting "fraud" calls, would it just block the specific number, or the entire range?
2. How can AI-based solutions, or anti-fraud systems in general, best allow for different languages and subtleties within them (e.g., if referring to content in SMS)?
3. Because CDRs are sensitive data and the AI will need to train based on telecom CDRs, where is the data stored? Is it on-premises or in the cloud?

1. When detecting "fraud" calls, would it just block the specific number, or the entire range?

Either the number or the number range can be blocked depending on the scenario and nature of the attack. In many cases of voice fraud, one number or a range of numbers are used repeatedly to place fraudulent calls. In this case, it makes sense to block the specific number or range while the number is being used in an active, ongoing attack. If the entire range is affected by fraud, then the range should be blocked. Fraudulent activity is also blocked on a per-call and per-message basis in some circumstances, without blocking the number or range associated with the fraud. 

For particular use cases, an even more granular approach is often indicated. For example, in the case of Wangiri 2.0 (artificially generated call requests to a business), the most accurate blocking policy is to block only calls that originate and terminate in an affected range. Blocking the entire A-number range would effectively block all outbound calls from this business, including many legitimate calls to customers (B-party), causing significant disruption to the business. Restricting blocking policies to the specific combinations of A & B numbers will make fraud prevention more accurate, avoid revenue leakage, and maximize service availability to the enterprise customer. 

To achieve maximum efficiency and accuracy, numbers, ranges, and combination policies should be automatically unblocked when an attack ends.

2. How can AI-based solutions, or anti-fraud systems in general, best allow for different languages and subtleties within them (e.g., if referring to content in SMS)?

SMS content is only half of the story. Behavioral analysis takes over 200 parameters into consideration, including the sender, the time of day, the volume of calls, and many signaling parameters that might indicate fraudulent activity. Additionally, the specific links and contact details in a message are frequently strong indicators of fraud and can be analyzed without translation. Training an AI detection engine on a specific language or regional dialect definitely improves detection; however, the majority of fraud is detectable without an enormous volume of training data in that language.

3. Because CDRs are sensitive data and the AI will need to train based on telecom CDRs, where is the data stored? Is it on-premises or in the cloud?

The AB Handshake AI system can be deployed on-premises, storing all data within the operator's security perimeter. The solution can, of course, work in a near-real-time mode based on CDRs; however, the power of our solution comes from detection and blocking in real time, based on signaling integration. There is no need for training based on CDRs unless requested by the customer. If advanced learning is requested, CDRs are both stored and processed within the client's instance of the solution (typically on-prem unless the operator chooses a cloud-based or other integration model). 

For Orca Wave customers, storage time and location of CDRs can be specified by the customer. If there are regulatory restrictions associated with CDRs outside of the country, this can be accommodated. In addition, imported and mediated CDRs are encrypted at rest in highly secure database repositories.

A note about fraud prevention as insurance from the speakers:

Many operators approach security and fraud prevention as an insurance policy, the value of which is only realized when you thwart a particularly costly attack. However, we have seen how preventing fraud builds trust with users, and the value of this is difficult to measure directly. Dramatically improving user experience and giving subscribers and enterprises a service and a channel they can trust drives business overall, not just by protecting existing revenues.

Learn more: Cut Costs and Combat Fraud: Top Methods for Maximizing Efficiency from AB Handshake and ORCA Wave