Tuesday, February 21, 2012

Term Tuesday - Industry Standards Organizations That are involved in Fighting

There are 2 primary organizations that I would like to mention in terms of Telecom Fraud these are the CFCA and the TM Forum.

Taking the about sections from each:

The idea for the Communications Fraud Control Association began in February 1985 with a group of concerned communications security professionals from several different long distance carriers. Intent upon finding a more effective way to combat the growing problem of communications fraud, representatives from AT&T, ITT, MCI, Network One, Satellite Business Systems and Sprint met to lay the groundwork for the Communications Fraud Control Association (CFCA). These representatives left their first meeting assured that a cooperative effort through an Association of security professionals was a realistic and appropriate response to the identified need.
Through the years, membership categories have expanded to include a world-wide network of: carriers, PBX /PABX owners, ISPs, cable and satellite provides, corporate end-users, operator service providers, fraud system developers, prosecutors, members of law enforcement agencies, communications consultants and companies that provide revenue assurance solutions for wireless, wireline, IP, NGN, etc., systems.
TM Forum 
TM Forum is a global, non-profit industry association focused on simplifying the complexity of running a service provider’s business. As an established industry thought-leader, the Forum serves as a unifying force, enabling more than 800 companies across 195 countries to solve critical business issues through access to a wealth of knowledge, intellectual capital and standards. 
The Forum provides a unique, fair and safe environment for the entire value-chain to collaborate on pressing industry issues, helping companies of all sizes gain a competitive edge and the flexibility and speed they need to underpin future growth.

Now Humbug Telecom Labs is a member of both organizations, and much of our Community Blacklist is based on CFCA provided data. Unlike the CFCA, the TM Forum defines how telecommunications systems should work and interconnect (many of the TM Forum standards have been adopted by the Telecommunication Standardization Sector (ITU-T)of the International Telecommunication Union (ITU).

How Humbug fits the TM Forum Framework
The TM Forum has defined the needs of all service providers, including ITSPs, and the framework in which Fraud Management should be implemented in the Fraud Operations Management Guide (TMForum GB947) which is part of the Revenue Assurance section of the eTOM* framework.

TM Forum's eTOM model

The functions and activities in this whitepaper belong to the multiple sections of Fraud Management processes associated with an operator’s fraud management program. Specific emphasis is given to the real world cases of the following level 4 processes (for the level 3 and 4 process diagrams and details please refer to Fraud Operations Management Guide (TM Forum GB947):

Analysis and Identification Policies Process Identifier: 1.1.2
This process serves as the repository of all Methods and Procedures about best practices for fraud analysis and identification work.

Fraud Classification Management Process Identifier: 1.1.3
This process serves as a repository of all fraud classifications pertinent to the operator’s business model including hotlists, existing and new fraud patterns, and other fraud types.

External Operator Interaction Policies Process Identifier: 1.1.6
This process serves as a repository of Methods and Procedures information for interactions with External Operators. One of the key preventative measures available to any operator is information sharing with other operators directly, via 3rd party agencies (like the TM Forum and the Communications Fraud Control Association (CFCA)), or by community learning.

Fraud Operations Management Process Identifier: 1.2
Fraud Operations is the core function tasked with the detection, investigation, resolution, quantification, and prevention actions to deal with suspicious and fraudulent activities and entities.  This is usually done as a combination of automated processes and human detection and action.

Information and Data Processing Process Identifier: 1.2.1
This process is the ongoing processing of information and data against rules designed to detect threats, and the subsequent alerts and alarms resulting from rule violations and other detection processes.

Fraud Analysis Process Identifier: 1.2.2
This process is the ongoing activity of investigating, diagnosing, and implementing controls to both prevent fraud and minimize existing fraud impacts.

Fraud Operations Support Process Identifier: 1.3
Fraud Operations Support serves as the enabling function for fraud prevention, ongoing fraud detection, and overall threat reduction practices.

Intelligence Gathering Process Identifier: 1.3.1
Intelligence Gathering is the process by which threats to the business are understood via information analysis from a variety of sources, both internal and external. 

Threat Reduction and Avoidance Process Identifier: 1.3.2
Threat Reduction and Avoidance is the process by which threats are identified in a proactive manner, to minimize risk to the business prior to an attempted attack. 

System Configuration Management Process Identifier: 1.3.3
System Configuration Management serves as the support process to maintain critical reference and configuration data. This process applies to operators with manual and automated fraud management data analysis capabilities. 

 * enhanced Telecom Operations Map (eTOM) “defines which processes are important to customer acquisition, such as fulfilling an order or conducting quality assurance—or, in the case of billing, the process for collecting CDRs or collecting on bad debts,” according to Martin Creaner, CTO of the TMF in a Billing & OSS world article.