Why risk management and revenue assurance can’t be left behind when upgrading your B/OSS
This particular use case is just one example among many possible scenarios where CSPs can allocate different 5G slices to different services at different billing models and prices. Ultimately, these new use cases will require defining which devices on a data plan are allowed higher data demands, tracking the levels of network congestion at any given time, and offering slower bandwidth options through a variety of competitive pricing models to meet customer demand. From a billing and charging perspective, these changes will put tremendous pressure on CSPs to upgrade their policy and charging solutions in order to keep up with the demand that connected devices will generate—and monitor and control any potential for revenue leakage with their customers and B2B partners.
As a CSP’s value proposition shifts towards an ecosystem-driven model that includes not only connectivity but also partner management, shared customers, and shared revenues, these opportunities will come with new risks from the many stakeholders, and also new requirements for risk management.
By releasing new services beyond the traditional communications portfolio, 5G adds the availability of real-time data streams and increases the number of customer interactions with CSPs. This potentially results in a better customer experience and contributes to increased retention, and also allows for a 360-degree view of the customer for risk management purposes, such as fraud. The analysis of the new data streams increases the understanding of risks and the customer base, which can lead to the assurance of the next generation of products and services.
However, CSPs need to be aware that, by releasing new services that fall outside of their traditional communications portfolio, the datapoints for risk management no longer remain solely in their own OSS/BSS. All communications data is now the sum of data generated by the relationships of the partners themselves. How they process the data they receive—and how they respond and act upon it—in itself will affect how far CSPs extend their risk-management coverage. Take, for example, identity management: unlike traditional mobile voice services, where the user identity is kept in-house with the CSP, with the IoT the role of identity management expands along the value chain. In short, it is no longer just about identifying people and managing their access to services. In the 5G world, identity management must be able to identify devices and sensors, monitor and then manage their access to sensitive and non-sensitive data along the overall value chain—which is becoming increasingly complex.
Using a traditional risk management governance model and strategy to assure 5G networks, services and business models will largely fail, because the key auditing functionalities have been relegated to isolated selections of tactical technologies, management features, and operational procedures along the value chain. Every day, the level of sophistication and organization among fraudsters increases. Gone are the days when a simple set of rules built on top of OSS/BSS data would be enough for CSPs to stop revenue leakages from telecom fraud. For many years, CSPs focused primarily on event monitoring within clear organizational boundaries and business support systems. This legacy approach must change, however, as CSPs move up the value chain and position themselves as IoT service providers in order to properly monetize 5G opportunities.
The infinite number of potential use cases for connecting things to the Internet and the growing ecosystem of players will bring added complexity that will increase the opportunity for bad actors to find new ways of cheating the system. For example, IoT and eSIMs welcome new opportunities for traditional types of telecom fraud—such as
