FMSevolution is a standalone, lightweight Fraud Management System capable of loading and analyzing call detail records (CDRs) and other telecom transaction events (xDRs).

FMSevolution is built around a modular, lightweight core. The lightweight core provides the framework for the decoders and fraud modules as well as providing basic functionality for database storage, external communication and reports.

The lightweight core supports several standard fraud detection modules. The core also provides a generic high usage module and facilities for inclusion of other fraud modules for fraud detection not covered by the standard modules. The same core is used to support the Xintec RA module (RAevolution) and Subscription Module (Point-of-Sale Fraud and Credit Check), each of which are provided as separate product offerings.

Communication IntegratorFMSevolution processes usage, event and subscriber detail records (xDRs) received from different sources (e.g. network nodes like MSC/MSS, mediation system, CRM, etc.). The Communication Integration module provides services for implementing source specific decoder modules that decoder, normalise and enrich xDRs and loads them into a high-speed database engine in near real time.

User Interface (GUI)The lightweight core of FMSevolution includes a web-based GUI for administration, configuration, case management and reporting. The dashboard presents a snapshot of the key functionality of the system. The Cases section allows you to:

+ view cases for fraudulent activities of a subscriber+ view alarms related to a case+access the call records related to an alarm (or all calls on the date of the alarm)+ get/edit subscriber usage levels+ retrieve subscriber call patterns+ insert fraud analyst’s notes & follow-ups+ print a summary report with case details (PDF or .csv format)

Risk Management. Simplified.

XINTECEVOLUTION

RA

FMSevolutionRAevolution

Risk Management. Simplified.

XINTEC‘‘LIGHTWEIGHT FRAUD MANAGEMENT SYSTEM CAPABLE OF LOADING AND ANALYZING CALL DETAIL RECORDS (CDRS) AND OTHER TELECOM TRANSACTION EVENTS (XDRS)’’

Active FMS Customers

Risk Management. Simplified.

XINTEC

FMSevolutionRAevolution

Risk Management. Simplified.

XINTEC

FMSevolutionROAMING MODULE

RTMevolution

FMSevolution Features

Standard Fraud ModulesThe lightweight core general fraud coverage using the High Usage module with configured thresholds adapted to different data sources, subscriber profiles, destinations and locations. In additional to the general framework, there are several modules tailored to specific, common fraud types. These are the “standard fraud modules” described in this section.Fraud modules tailored to specific fraud types allows for faster deployments and more focused functionality over configuring general purpose fraud engines. The following modules are available: IRSF, Wangiri, SIM Box, SMS/MMS/Voice Spamming and Prepaid. Point-of-Sale Fraud & Credit Analysis (Subscription Fraud) and RA Reconciliations are offered as separate products.

IRSF/Package AbuseThe IRSF module covers roaming and on-net traffic. If desired, IRSF can be supplied as a Roaming Module, which combines the lightweight core, NRTRDE & TAP decoders and IRSF module. The Roaming Module requires minimal configuration and can be deployed in a matter of hours (hosted) or days (in-situ deployment). The IRSF module uses several complimentary techniques to identify classic IRSF and Package Abuse (aka trickle IRSF). The key element of the IRSF package is a collection of Xintec managed number databases. These databases provide more than 2,000,000 test call numbers, unallocated number ranges, high risk ranges and high cost ranges as well as a number validation database.Subscribers and destination ranges are profiled and combined with overlapping call analysis and behavioral change analysis to identify indicators of IRSF. The number databases determine the quality of alarms to distinguish between obvious fraud, likely fraud and false alarms.A catch-all analysis of destination ranges using anomaly detection through time series decomposition ensures cases do not slip through the net. This analysis is also useful for identifying quality issues.

WangiriThe Wangiri module applies similar techniques as IRSF but reverses the analysis roles (IRSF is an outbound fraud, Wangiri is inbound). to on-net subscribers. The Wangiri module is analyses only on-net subscribers. The analysis techniques differ according to the available data, either analyzing inbound calls (if unanswered calls are available) or outbound calls. Note: the detection quality is

unaltered by the call types analysed, but using inbound calls provides for faster detection.

SIM BoxThe SIM Box module uses two different techniques for detection: a pattern analyser and a correlation module.The pattern analyser matches subscriber behaviour against configurable patterns. Each pattern is a collection of characteristics (e.g. diversity, average durations, counts, cell movement, etc) and associated values. Several patterns are defined to account for the differing behaviour attributed to on-net, national roaming, roaming and external subscribers.Correlation detection correlates roaming data with MSC traffic to identify inconsistencies between a roaming MOC CDR to an on-net subscriber and the corresponding MSC CDR.

SpammingThe spamming module uses the same concepts as used by the SIM Box module. In fact, it utilises the same pattern analyser with differently configured pattern definitions. The spamming module can be applied to SMS, MMS or Voice.

PrepaidThis module is used to detect frauds that occur at the time of voucher recharges. Customised interfaces let FMSevolution import recharge/top-up information and detect suspicious cases, like high frequency recharge, high value recharge and odd value top-ups. There are four different sliding time windows available for each type of detections offering a higher accuracy with more flexibility. For example, the user can configure FMSevolution to detect High Frequency Recharge over 1 day, 2 days, 1 week and 1 month.

Subscription This module is designed to stop a fraudster making a dishonest application using false information or a fabricated identity together with forged or stolen documentation to obtain a post-paid subscription(s) to an operator’s services with no intention to pay for the service at the time of application.

HQ Campus, Dominick Street, Tralee, County Kerry, V92 X6K5, Ireland+353 (0) 1 2930260 | info@xintec.com I www.xintec.com

Risk Management. Simplified.

XINTEC

FMSevolutionRAevolution

Risk Management. Simplified.

XINTEC

FMSevolutionROAMING MODULE

RTMevolution