The challenge

Operating in 26 countries, with partnerships in 55 more, Vodafone is one of the world’s leading mobile communications providers. The company made the first ever mobile phone call on 1 January 1985, and today delivers mobile communications to almost 444 million customers.

Jake Francis, Head of Technology Security for the Information Security Technology Group (ISTG) for Vodafone in Ghana, initially approached RiverSafe to help with some log monitoring.

The company had been using Splunk in its environment for two years. While some of Vodafone Ghana’s systems were being analysed by Splunk, many crucial systems including Bluecoat, VPN, email servers, routers and switches and firewall logs were not—leaving blind spots in the team’s monitoring processes and leaving them unable to see the complete picture.

“There were gaps or loopholes which create opportunities for theft,” Jake explains. “These can then be easily manipulated by those who understand where they are and how to penetrate them.”

“Every transaction that goes onto the system needs to be vetted to make sure that it’s a legitimate transaction. This is especially important in Ghana where we operate a prepaid market and need to ensure that authorisation for data and payments are legitimate.”

“For example, if a customer has paid for one gigabit of data then this is what should be issued to their account. What we found, however, was that some of the retail shops were raising fraudulent claims. We now have the ability to see this more easily.”

Jake realised that Vodafone needed better real-time anti-fraud capability in order to prevent internal fraud between Vodafone’s retail stores and its back office systems.

“We found that there wasn’t a Splunk app available to combat internal fraud,” recalls Jake, “and we needed this so that we could effectively reconcile revenue.”

The solution

To tackle this costly action, Jake again turned to RiverSafe to develop a new anti-fraud app.

RiverSafe developed scripts and analytics that would address Vodafone Ghana’s unique needs. This additional layer of checks and balances is particularly crucial in Ghana, where the IT and telco infrastructure is developing and often underserved.

RiverSafe also reviewed Vodafone’s existing log management scripts, including configured searches and logic. This data was then mapped to documented use cases and consumer requirement reporting, enabling the company’s Revenue Assurance team could verify revenue growth against usage.

The outcome

With RiverSafe’s help, Vodafone have now implemented bespoke new criteria, metrics, analytics and reporting around fraud trends. The team now also has access to in-depth forensic data so that the ISTG can assist other departments with any internal fraud issues.

“Now I can store all this information in my server and go back and write a script against these logs to find out what’s happened if I believe there’s an issue. This enables us to look out for possible trends and scenarios. Now we’re being proactive, not just reactive, and helping the fraud department with reconciliation and revenue assurance.”

The anti-fraud app is now being rolled out to other Vodafone Ghana offices, with plans to implement it in other parts of Vodafone in Africa and Asia, where there is also a large prepaid market.

“RiverSafe helped us to meet our security audit requirements… now we’re being proactive, not just reactive. The team has been terrific and their expertise and support has been second to none” Jake Francis, Head of Technology Security for the Information Security Technology Group (ISTG) Vodafone

Book a consultation

Get the perspective and insight you need to create unified solutions and make informed business decisions.