Overview
|
Fraud Detection is the system's ability to detect any malicious activities that may compromise the system's security protocols. This may be in the form of (for example) phishing customer's personal details. In this particular case, looking at the situation where Fraudsters are known to harvest personal customer information through social media, or in some cases purchase the data direct from areas such as dark web. Using this information, it is possible for them move a number to a device or SIM card under their control, without the real customer’s knowledge. There are growing numbers of cases where fraudsters can infect a smart-phone with a virus that setup a divert, forwarding all calls and messages to a different number with the victim’s knowledge.
When these events occur it exposes your organization to risk and your customers to fraud.
The Fraud Detection and Prevention section within Company Setup serves a very special purpose in setting your company's security preferences.
|
Description
The fraud in question here refers to SIM-swap (data theft), SS7 vulnerability (network manipulation), SMS Malware (data theft) and Smishing (identity theft).
|
General Information
When Users click on the Fraud detection section within Company Setup, the above screen is presented. Admins can take advantage of the various field in this section to configure GSMS portal to capture any of the previously mentioned threats.
Here are the fields in details below:
SIM Swap Weightage |
The level of priority GSMS gives to prioritize SIM Swap checks and detects if a possible SIM Swap scenario has occurred. Choose a value from 0 - 100. 0 meaning GSMS ignores SIM-swap functionality. |
SIM Swap Date Score
Once the overall SIM Swap weightage has been assigned, the Admin can assign Weightage split based on a different time gap ranges.
|
|
Last 24 Hours |
Score allocated to the system to detect if SIM Swap has occurred in the last 24 hours. Value can be 100 to actively check for SIM Swaps every 24 hours
|
7 to 1 days ago |
Score allocated to the system to detect if SIM Swap has occurred between a gap of one day to seven days (one week). Weightage could be slightly less compared to Daily checks (for example assign values as 80)
|
14 to 7 days ago |
Score allocated to the system to detect if SIM Swap has occurred between a gap of seven days (one week) to fourteen days (two weeks). Weightage could be slightly less compared to one day to seven day (one week) checks (for example assign values as 60)
|
30 to 14 days ago |
Score allocated to the system to detect if SIM Swap has occurred between a gap of fourteen days (two weeks) to thirty days (~ one month). Weightage could be slightly less compared to seven days (one week) to fourteen days (two weeks) checks (for example assign values as 40)
|
More than 30 days ago |
Score allocated to the system to detect if SIM Swap has occurred more than thirty days (one month) ago. Weightage could be slightly less compared to fourteen days (two weeks) to thirty days (~ one month) checks (for example assign values as 20)
|
Call Forward Weightage
|
This is to have a check in place to detect of a customer call is being directed away from a trusted party towards someone with malicious intent. Assign a score between 0 - 100. 0 indicating no call-forwarding check is required.
|
Trusted Network Weightage
|
This is to have a check in place to detect of the Network being used is a Trusted source. Assign a score between 0 - 100. 0 indicating no Network check is required.
|
Total Risk Score
|
There is a specific calculation that occurs to produce the exact value of the overall Total Risk Score to the GSMS portal.
Score Calculation : (SIM Swapped x Weightage x Date Score) + (Call Diverted x Weightage) + (Not Trusted Network x Weightage). For Example; If weightages are : SIM Swap = 60, Call Forward = 20, Trusted Network = 20, and SIM Swap Date Score result is: SIM swapped 3 days ago and both call divert activated and network are trusted, the total score would be 1 x 60% of 80 + (1 x 20) + (0 x 20) = 68
|
Default Risk Threshold
|
The Default risk threshold value if as such is not provided inside message API requests. If calculated risk score is higher than threshold value, message is taken as fraudulent and is not sent.
Risk scores may be seen as: ≤20 = Negligible ≤40 = Low ≤60 = Moderate ≤80 = High ≤100 = Extreme
|
Customer
|
The name of the Customer handling the GSMS portal. |
ID
|
A unique value assigned to the Fraud Detection profile created.
|
Created By
|
Name of the Admin that created the Fraud Detection profile. |
Last Modified By
|
Name of the Admin that last modified the Fraud Detection profile. |
Created At
|
Date when the Fraud Detection profile was created. |
Last Modified At
|
Date when the Fraud Detection profile was last modified. |