Posted by FICO

Subscription fraud continues to be among the most prevalent methods of fraud service providers suffer, with worldwide losses from this group of scams exceeding USD$2.0 billion in 2021, according to CFCA. Technology advancement is driving the evolution of subscription fraud as never have fraudsters had so much access to identity information and online self-service as they do now. Because fraudsters evolve their methods with the help of technology, communications service providers’ fraud management techniques are forced to evolve continuously to keep up.

New methods for using analytics, machine learning, and artificial intelligence have emerged to combat sophisticated new fraud attacks, yet many CSP fraud management teams are forced to rely on processes and technology that may not measure up. The gaps between what manual fraud management, rules-based fraud management, and fraud management rooted in analytics, machine learning, and AI can detect and prevent are substantial.  

Combatting subscription fraud

Fraudsters are using increasingly sophisticated methods to commit subscription fraud, but 30% of service providers CFCA surveyed say they rely on manual processes to manage and combat it. Another 28% of service providers have established a baseline of fraud management automation rooted in rules-based systems, but schemes like synthetic identity fraud are designed to defeat them. Just 15% of service providers have equipped teams with advanced decisioning, and just 13% with AI, to stay ahead of the crooks.

Detecting and preventing the more sophisticated forms of subscription fraud found today typically requires a service provider to improve their analytics capabilities to better examine two key risk areas. One involves evaluating risk factors related to the subscriber and the subscription, which have grown substantially because fraudsters are skilled at identity theft and falsification. The other involves gaining a broader viewpoint using analysis of a variety of data sources to identify relationships between subscriptions and detect webs of fraudsters and repeat attackers.  

Six analytics capabilities to detect modern subscription frauds

To stay ahead of a growing and evolving subscription fraud landscape, here are six analytics capabilities service providers should look to bring into their fraud management strategy:

1, Layered controls: Layered controls are crucial for all types of fraud detection, which means rules and analytics can work well together. A rule makes sense to enforce well-defined criteria. For example, an identity might be on a negative list for being fraudulent, so that applicant will be excluded. This type of rule does not need a complex model because it is a simple “knockout” (KO) rule. But analytics can bring in “soft” indicators, like similarities in identity information across multiple applications, and use sophisticated algorithmic calculations, based on multiple factors, to achieve much greater accuracy in fraud detection than with rules alone.

2, Machine Learning: Machine learning (ML) is important for automation and the continuous improvement of fraud models. Building those models requires a deep understanding of how communication service providers (CSPs) work, how fraud is detected, and how fraud is controlled and managed. A generic AI is unlikely to bring the analytical expertise to bear necessary to detect and outwit fraudsters. Any AI must be trained properly via ML with an industry-specific framework that provides the context necessary for it to learn, solve problems, and improve over time.

3. Fuzzy Matching: The ability to “fuzzy match” data is where the system can recognize similarities in data, as opposed to simply matching characters. Fraudsters often make several attempts to commit subscription fraud using slightly varying identity details. The crook might change the address, name, occupation, salary details, or other data points just slightly to access yet another fraudulent subscription. Fuzzy matching against previous subscriptions can help detect this fraudulent practice at the point of application.

4. Real-time adaptation: The fraud environment is always changing and shifts with seasonal catalysts, like holiday promotions. With fraudsters using more automation, they adapt faster to find and attack vulnerabilities. Service providers, as a result, must be able to learn and adapt just as fast. Self-calibrating analytics can adapt to changes in behavior and market factors in real-time. This allows fraud models to be updated and re-calculated continuously while recursion is used to keep detectors attuned and updated. Only with AI and ML can this degree of self-improving automation be introduced and used to remain a step ahead of the fraudsters.

5. Social network analytics: Any public or third-party data that can be used to help build out a service provider’s fraud detection capabilities is useful, including and especially social network analysis (SNA). By scanning disparate internal and external data to find links between different records, social network analysis can be used to uncover links between fraudsters, helping to stop subscription fraud rings and coordinated brute force scams.

6. Explainability: The “explainability” of a service provider’s fraud management model is important both to fraud analysts and regulatory regimes. Being able to explain after the fact what was detected, how it was detected, what subsequent steps were taken, and whether that complies with company policies and regulations is an important aspect of the fraud management process. It will become trickier to achieve as frauds become more complex, making the ability to automate the reconstruction of what happened an important part of a transformed fraud management practice.

Expect substantial benefits

The good news for service providers is that they can expect to achieve improvements of 30% or more due to applying analytics to fraud management.  While specific results will vary depending on the scenario, many operators have achieved dramatic improvements in their ability to detect, prevent, and even predict fraud because of bringing advanced analytics, machine learning, and AI capabilities into their fraud management automation environments.