Anything that causes critical information not to be received real time jeopardizes company revenues, profits and customer satisfaction and competitive position.

FPSS specializes in Fraud and Bad Debt reduction by operating on-line and real-time using Usage Signatures!" and Usage Fingerprints. Other fraud systems generally catch 45% to 50% of fraud because the users have to tell the system what to look for. . . FPSS catches 90% to 95% of the fraud within the first 24 hours because of Usage Signatures and Fingerprints. Along with a well-trained staff and FPSS, fraudsters starve-to-death because they can't get away with their fraud scams -- FPSS catches more kinds of fraud faster and easier.

FPSS typically pays for itself in under 6 months.

As you can see on this chart, as soon as FPSS was installed dollar losses (green) due to fraud dropped dramatically, even though overall CDR volume (blue line) and fraud incidents (grey) increased. Eventually, fraud perpetrators all but gave up.

FPSS is Fast! As you can see in the chart below, a current customer ran 60 million CDRs in a 24 hour period and tested to see have fast the interface GUI screens would respond.

[Note: The processing rate during this test was 2250 CDRs per second with 5 simultaneous users.]

Smart, real time fraud detection
"The Learning Module"

Profiling and pattering of every line of service for real time fraud detection - FPSS screens every call which passes through the phone switches (or SS7 networks) and records information which is important to detect fraud. It examined the authorization codes, calling numbers, called numbers, lengths of calls, times at which they are made and other data.

It uses this information to build a data base which profiles each subscriber's typical usage patterns. When a subscriber exceeds his Usage Signature, FPSS Patterning is done for interstate, intrastate and international.

Since individual subscribers' have unique usage patterns, applying the same "Thresholds" to all accounts will frequently:

1. Indicate fraud where none has occurred.
2. Fail to indicate fraud where it is very likely or is occurring.

A superior approach keeps a "profile, Pattern or Usage Signature" on each individual subscriber's usage, which employs statistical methods to create a quantitative description of the subscriber's usage.

As a user places calls, the FPSS will track his usage, comparing it against his normal usage and updating changes in his usual pattern.

If the usage pattern exceeds its norm by a statistical level (which may be set manually) an alarm is triggered and sent to the Case Manager for further analysis and correlation - See Case Manager below.

How the learning module works

As the user places calls, CDR records are received by the FPSS computer. The FPSS will then examine some basic data about the call, its time of day, duration, point of origin and destination, etc., and take the portions of this data which has been determined to be the best for tracking fraud, and adds this into cumulative statistics it keeps on the subscribers. The cumulative statistics serve as a running total of the individual subscriber's account. By examining this information, the fraud system can determine the customer's profile by Average Usage Pattern (the users average hourly usage, by minutes or by completions) for different times of day or types of call.

The average usage pattern provides the fraud system some important background information on the subscriber. The fraud system will use this information in determining if a fraud alarm should be set. However this is not the heart of the alarm system, as sometimes the usage will be more than average, sometimes less.

Peak Usage Pattern (the users typical peak usage, by minutes or completions) for different times of day or types of call AND for a specific duration. In contrast, the peak usage pattern presents a numerical picture of the typical maximum usage pattern a subscriber exhibits. If a subscriber exceeds his typical maximums by too large an amount, the fraud system sounds the alarm. Consequently, the profile-based alarm system can treat every subscriber as an individual, signaling alarms based on individual subscribers surpassing their typical maximum usages.

Case Manager

The Case Manager receives alarms from the back-end fraud engine (these alarms can come from the Usage Signature, Usage Fingerprints, Rules or WatchPoints. It analyzes and ranks them for easy access by the fraud analyst or investigator. Now for the best part, as the Cases are worked by the analysts or investigators Case Manager self-learns what was done and applies this intelligence to the Case the next time the Case come up. So the analysts only work the High Risk and the Important Cases. With Case Manager's Automatic Intelligence Feedback capability, the false positive ratio can get as low as 5 to 1.

Targeting specific fraud events - Fraud Investigators define the rules.

Complex events - "Rules"

User defined rules for targeting specific fraud events - FPSS also applies a series of user-defined rules against every phone call it processes. These rules let investigators tailor the fraud system to look out for problem calls. Investigators can print an alarm on all calls to a particular area, international calls over a certain length, any call on a particular trunk and many other factors which the user may combine with each other. The rules can be defined in any manner using any data from the CDR.

Simple Events - "Watch Points"

User defined watch points for targeting specific fraud elements. FPSS lets the user "Watch Point" all call traffic based on a few key factors, including phone numbers, authcodes, switches and trunks. All investigators can set up a series of "watch points" enabling them to monitor suspicious activity on a real time basis, as the switches report traffic to the FPSS computer. FPSS will screen every call against the indicated "watch points", and make a note of it for the corresponding investigator when one of his "watch points" is satisfied.

Alarms

FPSS uses real-time alarms; the alarms are generated from rules that are defined by Beck's unique "Learning Module - Usage Signatures or Usage Fingerprints." Alarms are also sent from "user defined rules and watch points" and indicate that a potential event has occurred. The real time alarms display instantly in the Case Manager when FPSS detects possible fraud letting you shut down possible fraud in just minutes instead of hours, days or weeks.

FPSS lets you set up a paging schedule to notify one or more people on high ranking Case(s). This can allow you to walk around the office or leave it entirely, knowing that someone responsible will be paged if a sufficiently serious Case(s) occurs.

Data analysis reports

Further, you can have FPSS run historical reports over days, weeks or months of call records, looking for calls which match the rules you specify. FPSS can sort the selected calls and print reports in a number of different formats. You can use these reports to further look for suspicious activity or to help you with a specific investigation and gather evidence for prosecution.

CDR inquiry

This feature allows a fraud investigator to look up CDR records in virtually any way they desire.

Comprehensive daily reports

There are comprehensive daily reports to isolate potentially fraudulent traffic occurring on a more sophisticated level.

The comprehensive reports probe deeper into the call traffic, correlating data over an entire day or longer period, searching for fraud indicators that might escape short term scrutiny or the human eye. Every night the FPSS system runs a series of reports on the previous day's calls. These reports yield information on lengthy calls, high volume to the same number (a sign of possible hacking), and other correlated factors. These reports can be tailored to your own requirements and is an important tool in helping isolate fraud.

The daily reports include:

• Multiple invalid authcodes attempts to same dialed number.
• Simultaneous authcode usage.
• Simultaneous 1+calls to same dialed number.
• Multiple 1+calls to same dialed number.
• Long duration domestic calls.
• Long duration international calls.
• International Geographical reports.

Other uses

FPSS can also help you with engineering data. It can notify you if a switch seems to have gone down (is failing to report calls), and can tabulate traffic patterns by trunk groups. It can report on total volume, numbers of calls, total time, data errors, all trunks busy alarms, and other measures which are useful in facilities management and data reconciliation.

Documentation

There are easily understood user guide for the fraud investigators.

Hardware

Any size Hewlett-Packard Equipment OpenVMS computer. The size of the computer to be used is determined by the capacity and growth of the carrier's call record traffic.

Training

Specialized training is done on your site with the technical people as well as the fraud investigators. FPSS is easy to learn and use - training generally takes a few hours on the customers site.