Price: $3,999.00

Course Number: 6003
Length: 4 Days
Print Friendly, PDF & Email

GSM Fraud (and Network Security) Training covers the latest topics, sharpen your GSM fraud prevention (GPRS, UMTS and LTE fraud is also introduced) skills and learn new techniques led by the profession’s leading GSM fraud practitioners.

TONEX is the world’s premium telecom and wireless anti-fraud training (and network security) organization and premier provider of GSM, GPRS, UMTS/HSPA/HSPA+, LTE, 802.11, WiMAX, and Telecom anti-fraud training and education provider.

GSM Fraud training course includes lectures, group discussions and projects. In addition to anti-GSM fraud training, this GSM Fraud training course provides many opportunities to network with your GSM fraud practitioners and peers in the industry, as well as with TONEX staff and faculty members, at group lunches and social functions.

Outline

INTRODUCTION AND OVERVIEW

  • Overview of GSM, GPRS and UMTS/HSPA/HSPA+ Networks
  • Evolution to HSPA+ and LTE
  • Overview of GSM Network Security
  • Overview of GSM Network Fraud
  • GSM Fraud Risk Assessment
  • GSM Fraud Management Systems(FMS)
  • GSM FMS Risk Assessments
  • Utilization of an FMS
  • Overview of Mobile Commerce (mCommerce) Fraud

GSM Network Fraud and Security

  • GSM products and services
  • GSM network components: MSC, GMSC, HLR, EIR, SMSC,MMSC,IN, CAMEL
  • Basic security concepts
  • Authentication and Authorization
  • Privacy and Encryption
  • Integrity of Data
  • Non-repudiation
  • GSM network
  • GSM security algorithms
  • IMEI Database
  • GSM Fraud Principles
  • Principles of fraud
  • GSM fraud theory
  • GSM revenue fraud
  • GSM fraud control theory
  • GSM fraud audit
  • GSM fraud penetration risk assessment
  • GSM fraud investigation for the auditor
  • What makes a good GSM fraud risk assessment
  • Considerations for developing an effective fraud risk assessment
  • Preparing and executing the fraud risk assessment
  • Sample GSM fraud risk assessment framework
  • Addressing the identified fraud risks
  • Reporting the Results of the Fraud Risk Assessment
  • Protection and investigative measures

Introduction to Fraud in GSM

  • Principles of fraud in GSM
  • 3 M's Fraud classification, Motive, Means, and Methods
  • Motives
  • Means
  • Methods
  • Analyzing Motive: the fundamental objective of the fraud
  • GSM network fraud analysis
  • GSM security attacks
  • GSM network protection and audits
  • GSM fraud analysis
  • GSM fraud Investigations
  • Spam and viruses
  • SMS and MMS messages
  • ‘Phishing’ messages
  • Viruses and Mobile Phones
  • Examining the role of multi-service environments on fraud management programs
  • Fraud and Security Risks in the Machine-to-Machine (M2M) Environment
  • Know-Your-Enemy (KYE) principles

Categorization of Fraud in GSM

  • Types of fraud
  • Fraud categories
  • GSM subscribers
  • Prepaid vs. Postpaid
  • PSTN subscribers
  • Service fraud
  • Fraud using voicemail
  • Non-revenue fraud
  • Revenue fraud
  • GSM call selling
  • GSM Premium Rate Services (PRS) fraud
  • Surfing
  • Enterprisecustomers
  • Partners
  • Dealers
  • Sales Channels
  • Voucher systems
  • Hacking voucher codes
  • Supplier & 3rd party
  • Interconnect and GSM Gateway Fraud
  • GSM gateways
  • Bypass fraud
  • International bypass examples
  • Internal fraud
  • International fraud rings
  • Emerging online fraud threats
  • Other Operators
  • Employees of other operators
  • Account hijacking
  • Authorize payments and transactions
  • Cookieless device identification
  • Device fingerprint, device fingerprinting
  • Device identification
  • Mobile device identification
  • online fraud
  • Web Fraud
  • Techniques and tools
  • Importance of audit

GSM Fraud Vulnerability, Detection and Protection

  • Identifying fraud in GSM network
  • Fraud investigations
  • Product risks
  • Identifying techniques used by fraudsters
  • Voucher product testing for prepaid platforms
  • Exploiting fraud
  • Fraud risks
  • Fraud indicators
  • Fraud prevention
  • Fraud detection
  • Fraud indicators
  • GSM fraud KPIs
  • Protecting Roaming Revenues – an integrated approach
  • Optimizing Roaming fraud management
  • Fraudulent contracts, the growing problem of subscription fraud
  • Terrorism, Cyber-laundering & Social Media Risks
  • Case studies

mCommerce Fraud

  • what is mCommerce?
  • mCommerce products and services
  • mBanking fraud
  • Content fraud
  • mCommerce cntrol mechanisms
  • mComerce fraud detection & management

Overview of GSM Fraud Management Systems (FMS)

  • What is a FMS?
  • How to select FMS?
  • How to utilize a FMS?
  • FMS Generic Architecture
  • Usage Data
  • Customer Data
  • Detection
  • Analysis
  • Case Management
  • Reporting
  • Methods of responding to the risk of fraud and data mining for fraud schemes
  • Reviews, Assessment & Analysis
  • Effective Utilization of an FMS
  • FMS Rules
  • KPIs
  • Workflows
  • Reporting
  • Risk assessments & reporting
  • Innovative method for tracking and fighting fraud ring activity
  • Using forward location information based on GPS data
  • Real examples/case studies

Effective Utilization of FMS

  • Role of fraud analysts
  • Data collection principles from multiple formats and sources
  • Data preparation and mediation
  • Data filtering
  • Call assembly and call rating
  • Cross-relation of different data sources
  • Detection processes
  • Rule–based detection and profiling
  • Artificial Intelligence (AI) techniques like neural networks or decision trees
  • Set up and configure rules independently (reduce supplier costs)
  • Reduce false positive rates
  • Data mining functionality
  • Proactive fraud identification
  • Advanced neural predictive analytics and behavioral profiling
  • Comprehensive audit trail of user and system actions
  • Mediation Function
  • Data Pre-Processing
  • Event Analysis
  • Alarm Analysis

FMS Case Reporting and Investigations

  • Adaptive Feedback
  • Managing fraud throughout the customer lifecycle
  • Rules, thresholds, advanced profiling and behavioral modeling
  • Monitor their service usage and day-to-day activity
  • Highlight any suspect or anomalous behavior
  • Non-customer activity is monitored to detect fraud
  • Data mining functionality
  • User defined database queries
  • Creation of unique customer account lists based on user defined search criteria
  • Work-flow process for guiding processing of cases from start to conclusion
  • Ability to manually create cases
  • Investigation of alerts raised
  • A calculation of estimated loss, rate of loss and savings made
  • A propensity score to indicate the severity of the case
  • Flexible screen layout, allowing windows to be resized and rearranged
  • Ability to store files within cases, e.g. spreadsheets, letters, photographs etc.
  • Complete audit trail of actions taken by the system and users
  • Reporting and charting
  • Adaptive feedback function
  • Case results are used to support future detection and analysis
  • Automated email notification on specified alarm types
  • Case studies

Examples of GSM Fraud Types Managed by FMS

  • Application Fraud
  • Originations IRSF (International Revenue Share Fraud)
  • Bypass / SIM box fraud
  • Mobile payments fraud
  • Call Sell Fraud
  • Card cloning
  • Prepaid fraud
  • Clip On fraud
  • Card Skimming
  • Roaming Fraud
  • Crash For Cash Fraud
  • SIM Card Cloning
  • Credit / Debit Card Fraud Spamming
  • Dealer / Merchant / Agent / Broker Fraud Subscription Fraud
  • E / M Commerce Fraud
  • Subsidy Abuse
  • False Insurance Claims
  • VoIP Fraud
  • Identity Theft
  • Wangiri Fraud
  • Interconnect Fraud
  • Accessing all relevant information
  • Detailed client/account information
  • Associated CDR
  • Alert details
  • Client alert history
  • Alert clarification
  • Detected fraud cases
  • CDR details
  • Fraud tackling efficiency
  • Context-based approach for the detection of fraud
  • Fraud contexts in GSM
  • MSISDN (Mobile Subscriber ISDN)
  • Accounts
  • Network cell
  • Number origination
  • GSM handset
  • IMEI
  • IP address

Overview of GSM Security Requirements

  • Basic GSM security functions
  • GSM security Review
  • GSM security algorithms
  • GSM authentication and authorization procedures
  • GSM ciphering procedures
  • Security threats to GSM

Encryption and Ciphering in GSM

  • Encryption Technologies
  • Cryptography Keys
  • Symmetric and Asymmetric
  • Ciphers
  • Cipher Suites
  • Certificates
  • Overview of GSM Security Algorithms
  • A3, A5, and A8
  • A3/A8
  • 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3
  • 3GPP Confidentiality and Integrity Algorithms UEA2 and UIA2
  • 3GPP A5/3 and GEA3 algorithms
  • 3GPP A5/4 and GEA4 algorithms
  • GSM Milenage
  • Example A3/A8 algorithm COMP128-2
  • Example A3/A8 algorithm COMP128-3
  • Encryption algorithm A5/1
  • A5/1
  • A5/2

GPRS and UMTS/HSPA/HSPA+/LTE security algorithms

  • GPRS and UMTS authentication and authorization procedures
  • GPRS ciphering procedures
  • Kasumi, GEA1, GEA2 and GEA3
  • Security threats to GPRS
  • UMTS/HSPA/HSPA+ Security Review
  • Security in UTRAN
  • Security in the UMTS Core Network
  • UMTS security algorithms
  • UMTS authentication and authorization procedures
  • UMTS ciphering procedures
  • Security threats to UMTS
  • UMTS Authentication and Key Management
  • AKA Algorithms
  • Normal AKA procedure
  • AKA procedure in the AuC
  • AKA procedure in the USIM
  • AKA procedure in the VLR/SGSN
  • Integrity function f9, Confidentiality function f8
  • Milenage and KASUMI algorithms
  • LTE security algorithms

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.