1. Field of the Invention
The present invention relates generally to fraud detection systems, and more particularly to a system and method for detecting fraudulent network usage patterns by using real-time network monitoring.
2. Description of the Related Art
In the telecommunications arena, fraud opportunities are increasing due to the expansion of network-based products and new service offerings. Perpetrators of fraud take advantage of these new opportunities with ever-increasing sophistication. In fact industry analysts estimate the cost associated with telecommunications fraud to be over $4 billion a year and growing. This financial liability falls on the telephone carriers and their customers.
There are multiple points during the life of a call, that is the time between which it is dialed to the time it is paid for, that are susceptible to fraud. Without a system to detect fraud at a point early in the call life, it sometimes takes up to four months before the network carrier discovers that abuse has occurred. The number of ways to access network systems, the number of customers, and the vast array of billing choices merely serve to aggravate the situation. Thus, as telecommunications systems grow in complexity, the number of access points as well as the types of access create new opportunities for fraud.
Moreover, telecommunications network systems are not the only systems plagued with costly fraud. Credit card authorization houses, credit clearing houses, as well as virtually any paid data transmission network suffers from the abuses of those who would defraud the system. Therefore, driven by the dynamic nature of fraud, a flexible, data-driven architecture is needed.
The telecommunications industry has energetically tackled various aspects of fraud detecting, but while they may develop system(s) which detect certain instances of fraud [known now], but these cumbersome and costly solutions fail to maintain the needed flexibility for detecting not only fraud arising from actions that are known now to be fraud, but for the variations and mutations which arise in the future.
Moreover, such solutions are very network-specific in their implementation and are not able to analyze patterns of usage arising from disparate networks. For example, patterns of usage within an analog cellular network or a wireline network might not trigger concern by themselves, but when viewed together clearly indicate fraudulent activity, or at least cause for further investigation. Today, these patterns of usage must be considered separately from each system; there is no provision of one system which can address disparate networks and still provide a consolidated database for fraud analysis.
Additionally, current solutions have very rigid parameters within which the system will view event data. In light of the dynamic aspect of fraud a system and method which allows a user to key off of all data fields in an event detail record would be highly desirable.