We're Losing AI Fight to Fraudsters, Says BICS Exec
BICS is struggling to keep up with fraudsters who have taken advantage of artificial intelligence (AI) to exploit vulnerabilities in network systems and make phishing attacks even harder to spot, says a senior executive at the Belgian operator.
Phishing is a form of cyber attack in which an email asking for a user's personal information appears to come from a real company, such as a bank or insurance provider. Fraudsters are now using AI to make their communications appear even more genuine, says Katia Gonzalez, the head of fraud prevention for BICS, citing recent industry research.
While BICS is carrying out AI trials to combat fraud and make other service improvements, it is struggling to recruit staff with both AI and networks expertise and says vendor offerings have not measured up.
"We haven't found any specialists who combine telco knowledge and tech knowledge on AI," says Gonzalez. "The few vendors that have any knowledge of telecom are rather focused on the retail business and not on international."
BICS is expanding into fraud prevention as part of a growth strategy designed to offset declines at its mainstream connectivity business. A subsidiary of Belgian incumbent Proximus, it provides international carrier services to some of the world's biggest operators and saw revenues for the first three months of 2018 drop 4%, to €332 million ($391 million), compared with the year-earlier period. (See Why TeleSign Takeover Could Be Game-Changer for BICS.)
The growing cybersecurity threat has put the company under additional pressure to make use of AI. Gonzalez says that traditional fraud management systems were set up to analyze "more obvious spikes" in data usage, and not the traffic patterns that come with emerging Internet of Things services.
While AI remains in its infancy, there is growing industry concern that operators will struggle to manage 5G and other complex network technologies through manual processes. (See Robot Wars: Telecom's Looming AI Tussle.)
Gonzalez agrees telcos are under pressure. "The business is getting more and more complex and pricing is becoming more granular," she says. "AI can help in these areas and not only on fraud prevention."
Some of the world's best-known telco brands are now using AI-based technologies in their retail activities and customer service operations. Through a partnership with Microsoft Corp. (Nasdaq: MSFT), Spain's Telefónica has built a voice-activated digital assistant that can deal with customer enquiries and control various "smart home" services, for example.
Orange (NYSE: FTE), Vodafone Group plc (NYSE: VOD) and Telecom Italia (TIM) are other European incumbents developing similar tools in partnership with either Microsoft or IBM Corp. (NYSE: IBM). (See Telecom Italia's AI Tie-Up With Microsoft May Bring Job Cuts, Orange Plans Bank Raid With AI, Digital Weapons and Chatbot Takes Charge: Vodafone's Customer Services Overhaul.)
But AI seems at a much earlier stage of development on the networks side. That could be a bigger worry for a wholesale player like BICS than a telco with only retail operations, according to Gonzalez.
"In retail it is easier to foresee customer behavior," she says. "In wholesale the situations are more dynamic and you don't always know the triggering elements."
BICS is running trials using a mixture of internal resources and vendor expertise. Gonzalez will not divulge details of the vendors but said they are "close" to the telecom industry. IBM, with its Watson technology, is not involved, she says.
The Belgian company says trials are necessary to see if AI can really solve problems, and if it makes sense commercially. "We need to see if there is a business case because the technology is quite expensive," says Gonzalez.
BICS' current focus on fraud prevention follows its $230 million takeover last year of TeleSign, a Californian software company that sells two-factor authentication and other security services to some of the world's biggest websites.
"We're working closely with the TeleSign business unit," says Gonzalez. "They are focused on user authentication and we are focused on fraud prevention. They are not exactly the same but the areas are quite complementary."
— Iain Morris, International Editor, Light Reading