How an Energized Antifraud System with SLAs & Revenue Share is Powering Business Growth at Wholesaler iBASIS

Every jet of chaos that threatens to exterminate us can be converted by intellect into a wholesome force.  Fate is simply causes not yet penetrated.

Cold weather doesn’t care about people: it tingles the blood and freezes a man like a dew-drop.  But learn to skate, and the ice will give you a graceful, sweet, and poetic motion.  The cold will brace your limbs and brain to genius.

Ralph W. Emerson, Fate from The Conduct of Life (1860)

When you consider telecoms lose — year after year — billions of dollars to international voice frauds like IRSF and Wangiri, it’s easy to see why so many operators are pessimists when it comes to anti-fraud efforts.

Candidly, many operators have resigned to the fate of “losing a few million Euro a year” from fraud as merely the price of doing business.

But innovators and entrepreneurs look at such problems a bit differently.

They are eternal optimists who recognize that the flipside of every problem is an opportunity.  And if current fraud control solutions are inadequate, then a better designed, more capable solution can please a lot of frustrated customers.

Malick Aissi of iBASIS is one of those optimists.

Malick and I met many years back, but I’d since lost contact with him during his many years at Orange where he held key RA/FM, mobile, and other executive posts.  Then in May 2019 Malick moved to iBASIS, the international wholesaler.  Then after the iBASIS acquisition by Tofane Global, he became its new VP of Business Assurance and Risk Management Services.

Today, iBASIS continues in its role as a completely independent wholesaler in the highly competitive business of conveying international traffic.  In that effort, the company is both consolidating the voice carrier-to-carrier business as it also enters the IoT and cloud-based communications market.

But now, thanks to a bold new business development plan, iBASIS is suddenly growing its business and turning heads.

What you’re going to read in this interview is a classic case of risk management driving a significant boost in a telecom’s business.

And the transformation happened very fast.  In a little less than 14 months, Malick’s team upgraded the iBASIS antifraud system while offering customers novel business deals including a skin-in-the-game antifraud SLAs with cash penalties — as well as a revenue share option.

The blueprint for this success is fully explained here by Malick who gives details on the commercial offer, the antifraud system upgrades, and its Do It Yourself customer portal and reporting.

	Dan Baker, Editor, Black Swan Telecom Journal: Malick, great to catch up with you again.  What’s your responsibility there at iBASIS?

Malick Aissi: Dan, let me start by explaining our mission here at iBASIS and explain my risk management roadmap.

My role is business assurance and risk management services.

When I first met with Alexandre Pébereau, Group CEO of Tofane Global, he was clear on what the two pillars of his iBASIS strategy are:

1. Consolidate the voice market and expand into advanced technologies like IoT; and,
   
2. Be first to build “deep trust” with our business partners as we connect them from their point A to the world.
   

Well, to deliver on that strategy, my first concern was to refocus our risk management approach.  Before I came, the anti-fraud was embedded in the voice department, so we needed to extract it from voice to drive a broader strategy.

We are well-aware that security for IoT, 5G, and other big changes on the connectivity side are converging with voice.  Voice is still the biggest part of the iBASIS business, but the other services are growing faster than voice.  Voice, SMS, A2P, IoT and advanced services are where our customers are creating value — and that’s where we need to protect this new value.

While wholesale is based on volume and margins, if you run a voice department chasing after margins, you might fail the customer, particularly, if part of the traffic being conveyed from A to B is grey minutes.  This is the false growth we wanted to avoid.

And that’s why risk management now plays a big role in business development.  I’m in charge of a P&L that builds solutions that bring value and has a positive impact on our customer’s experience.

My role is to develop our portfolio through a new experience of trust to prove to customers we are their trusted partner.  And “trust” has 5 dimensions for us.

• Enhanced Detection Technologies
  
• Adjusted Detection Services
  
• Customer Centric Processes
  
• Flexible Pricing Models
  
• DIY Do it Yourself
  

	How are you serving iBASIS customers from the standpoint of fraud control?

Well, we have several systems under our antifraud solution.  And we deliver that solution across two dimensions: technical and customer SLA.

On the technical level, we offer our real-time system across two branches: Antifraud Outbound and Antifraud Inbound.

• Antifraud Outbound customers send all of their international traffic through iBASIS switches which convey the traffic to their destinations.  So for those customers, our system — in real-time — spots, controls, detects, blocks and kills any fraud that shows a known or unknown / emerging patterns. 
  
  When the call is connected, our algorithms wake up to see if this call corresponds to a known or unknown / emerging pattern.  And before the call is terminated, we can block it or kill it.
  
• Antifraud Inbound customers, on the other hand, are customers not obliged to send us their traffic.  They send a portion of their traffic to iBASIS, say 20 or 40%.  For them, we use Inbound antifraud which entails deploying a solution in their network to protect them from various fraud such as IRSF, Wangiri, PBX hacking, or other aggressive scenarios. 
  
  If the Inbound customer select our managed service, we provide them access to a portal and pools of expertise and on-line support.  And we fully aim to complement their in-house FMS (Fraud Management System).  For those who have their own system, our first step is to do due diligence with them.  We observe them to understand their current anti-fraud capabilities, then work with them to fill their gaps in anti-fraud protection.
  

In both cases, collaboration is crucial and that’s critical to our DNA since it takes a hands-joining-hands to fight fraud: you need to partner with others in this industry.

	Who are the Inbound Customers and do they manage their own fraud control?

Well, these are both Tier 1 and Tier 2 operators.  Some are MNOs / MVNOs who do not have all the capacity to run their own anti-fraud system.  Others in this group are big tier 1 customers who are managing their traffic across many wholesalers.

Definitely this portion of the market is growing very fast.  And these customers are threatened by new fraud schemes such as OBF (Origin Based Fraud) — the spoofing CLIs and bypassing the surcharge tariffs such as often happens inside Europe.

Some big Tier 1 carriers are suffering in Europe from OBF, and more and more they want sound solutions to protect them from this growing threat.

	Ok, what about serving customers with fraud control SLAs?  That sounds pretty innovative.

Fraud control SLAs are very new, Dan.  Of course, when I came here, the notion of an SLA existed on the voice connectivity side.  But offering an antifraud SLA is very tricky since you’re risking your own money.

I think this is the first time in the fraud domain this has been offered.  I don’t remember other Wholesale companies offering fraud control guaranteeing everything necessary would be done with penalties to pay.

But given the iBASIS mission of branding ourselves as the “trusted partner” we need to share the risk with our customers.  So that’s what we mean by an SLA.  We do it on-time.  We do it as expected.  And we’re committed to doing it that way.  And if we don’t do it that way we are ready to pay fines.

	How about an example of a fraud control SLA: what happens if one of your carrier customers loses $40,000 over a weekend due to an IRSF/premium rate attack?

Dan, first of all, we let our customer decide how much protection they need.  Our pricing model is flexible enough to manage that.  We offer five layers of prices depending on the service level we are committing to a particular customer.

If the customer wants to fully protect from IRSF losses, we offer a service called Premium Risk Fee.  And this service is based on the insurance model.  We calculate the risk.  You subscribe to your risk and under a scenario where A, B and C happens and say, the customer loses $40,000 — and it’s proven that responsibility is around our neck, we reimburse you.

Of course, you will be paying monthly according to your risk bandwidth.  So this is an innovative offer, and the first time we pushed such a concept to the market.

Now some of our prospective customers wanted to subscribe to this.  But when we announced the monthly fee, they backed away.  The market is not mature enough yet, but this is an important model to keep on track.

But as an alternative we offer them two other pricing models.  One is a Revenue Share, and this means the more your fraud disputes go down each month, the more we get revenue from you compared to your baseline.

For instance, a big Tier 1 in 2019 was having an average of $500,000 of traffic in disputes per month before they jumped to our solution.

But now in 2020, after they took our solution, they now average around $40 to 50K a month in fraud disputes.  So that’s a 10X drop in fraud losses — a huge gain for them.

Now I don’t want to name the client, but I’ll just say it’s provable what I said is true.  And it’s because our solution is very strong in detection and the ability to block or kill a call in a matter of seconds.

So this is the way we are gaining trust.  We are saying to the market: “We take risks”.  We bring you the piece you need to catch up with new frauds you are facing, such as OBF.

	Well, no one’s going to offer an SLA like that unless they are highly confident in their own fraud control detection and blocking capability.  What steps did you take to ensure your antifraud solution was ready to support that commitment?

Well, Dan, let me explain the major steps we took to improve our Antifraud system.

The first day I met our IT team in Boston, after shaking hands and introducing myself I said to them, “Guys, I want to set up an SLA between you and me.  I’m the product manager, and you guys are the factory of my product.”

So once my team knew my expectations, we began the work of extracting very precise work streams and developing an action plan around SLA architecture and monitoring availability.  Here are the key fraud system improvements we made:

• Tracking “A” Phone Numbers — Early on, I noticed we were very good at catching the called B termination number of a call.  But we were not so good at figuring out the A number (who is calling?).  And as you know, with CLI spoofing, robocalling, and Wangiri call back fraud, it’s critical to analyze the A number, too.  So we corrected that issue.
  
• Multi-Layered Rules Catalog — The second thrust of our improvement was the catalog.  Our catalog is the brain of our smart detection rules editor and allows us to combine multiple layers of rules and algorithms using machine learning. 
  
  With the catalog we can replicate some algorithms and make them widely available and sensitive to any kind of traffic coming in or going out.  So we now know exactly how a stack of rules works and for what purpose they were built.  This has enormously increased our agility to manage rules to help customers.
  
• DIY (Do It Yourself) Portal — We’ve greatly simplified our fraud control connection to our customers with creates a custom environment for each of them. 
  
  The customer knows where his pain points are, and where to define the volume of call thresholds for destinations where they want to block a call — or even kill an active call.  At the same time, our experts are on-line to assist them as part of our managed service. 
  
  DIY is also a vector to enable more and more customer intimacy. “We are listening to you.  Yes, you can do it yourself, but we are backing you up with the expertise serving our worldwide customers.”
  
  So while we bring them our out-of-the-box expertise, they are also free to customize it on their side.
  
• Fast & Detailed Reporting — Some of our Antifraud customers are staffed to deal with the real-time alerts we generate.  But most customers don’t have enough people to constantly monitor. 
  
  So what we do for them is send a report — a customizable one — that provides a summary of events that happened in the last 24 hours, one week, or even two weeks.  We present that in an Excel sheet showing the A & B number fraud activity we caught, providing the total of minutes we blocked for the customer. 
  
  This report has become very popular because it helps customers navigate this data and share it across their organization.  They can also look at the problems we caught by market segment.  All in all, it’s a big relief for them.
  
• New Architecture to Ensure Real-Time Blocking — Last but not least, we solved a deeper, underwater part of our iceberg by greatly improving our real-time blocking architecture. 
  
  Previously we had suffered some trouble executing real-time fraud blocks to the deep levels of our core routing engines in the networks.  When a system sends a command for action, if there’s a bottleneck somewhere, that command could not be executed or not executed on time.  And this resulted in a loophole in our systems — and customers complained. 
  
  The answer was to invest further in monitoring systems to give us flexible engines and super computing power to achieve real-time flow orchestration and visualize rules activity in production.  It also enables us to troubleshoot and analyze the logs much faster.
  

	Thank you for sharing, Malick.  Delighted to hear about this ground-breaking antifraud success story.

You’re welcome, Dan.  Let me make one other observation.  Some large consultancies like Global Data started to cover iBASIS whereas before we were not even on their radar.

And they did a benchmark in 2020.  And for the first time iBASIS appeared on that benchmark where we are now shown as very strong in all the wholesale success factors they track.

Now while I’m proud of what we accomplished, my main purpose in mentioning that is to show the dynamic that created our business assurance and risk management success.

It started with our management, with our CEO Alexandre Pébereau, Patrick George our EVP, business development, Edwin Van Ireland our Sales Director and our COO John Treece.  Our leaders aligned the planets to deliver on the iBASIS strategy to become the “trusted partner”.

I have that confidence because we are listening to the market, we understand our competitors, and fortunately, inside the field we know what the drivers of good risk management practice are.

The success comes from our all-hands-on-deck approach: executive support, our customer commitment proven through SLAs, our early warning system, our ability to build strong and smart algorithms to stop aggressive fraud schemes like VoIP Bypass, and our around-the-clock staffing covering the U.S., Europe, and most other parts of the world.