Background: Mobile network technology has exponentially advanced in the last decade and with this development, fraud activities have risen in equal measure resulting in companies and customers losing huge amounts of money as a result of, especially in developing economies that lag in the regulatory frameworks when it comes to Mobile network fraud. The purpose of the study was to explore Mobile network fraud in Kenya identifying the most common types of fraud, ways which service providers and regulators are employing to prevent or reduce fraud, methods currently used to detect fraud, and gaps thereof. Finally, the effect of concept drift in the automated fraud detection process. Method: A qualitative research method was adopted for the study and using a semi-structured question guide, four focus group discussions composed of 23 participants were conducted. The criteria used for selecting and placing participants into focus groups considered the following: The expert area of the participant, years of experience in the fraud ecosystem of the participant, and the organization to which the participant is attached. The availability and willingness of the participants were also considered in the selection process. The focus group approach was selected as it facilitated balanced discussion amongst all the players in the Kenyan fraud ecosystem, harnessing the power of group dynamics as it involved the regulators and the service providers who were drawn from different organizations. Results: The mobile network fraud ecosystem was stratified into three dimensions namely Fraud prevention which looked at the policies and methods used by both regulators and service providers to reduce fraud, Fraud categorization which aimed at categorizing different types of mobile frauds, and finally the Fraud detection which looked at the current tools being used to detect fraud. From the study, it emerged that although the regulators have provided strict guidelines on the customer onboarding process, not all service providers are currently using biometric approaches while onboarding new customers as this was highlighted as the entry point of most fraud cases. The study established five major types of Mobile network fraud in Kenya: SIM swap, SIM boxing, Wangiri, Commission arbitrage, and Hoax SMS and scams. Most of this fraud is committed using either SMS or voice channels; in some cases, both channels are used. Different matrixes derived from multiple factors are used by service providers while evaluating the criticality of fraud cases though not enforced by the regulators. The study also revealed that most of the fraud detection processes amongst the service providers still use manual tools that constantly require human input. While some of the detection processes are automated, concept drift is a major challenge for automated classification models due to the constant evolution of fraud patterns. Conclusion: The study revealed gaps in Mobile Network fraud prevention processes in Kenya as service providers still use non-biometric customer validation processes that are open to forgery and exploitation. A strict customer onboarding process that is fully automated and integrated should be used to address this gap. In the fraud categorization, there is no clear universal categorization matrix to guide the service providers while assessing the criticality of fraud and in this regard, a qualitative scientific model should be developed and used by all the stakeholders as a reference point. When it comes to fraud detection, concept drift is a major challenge, and service providers in Kenya still rely on manual processes due to the dynamic nature of mobile fraud. This exposes a huge gap in the detection process and there is a need to address this by developing systems and processes that will automatically detect and react to concept drift while automating the detection processes.
Read full abstract