This is the final article in a four-part series highlighting promising telco data monetization use cases identified in a recent global poll conducted by Intersec. The first article revealed the results of the poll and explored how Communications Service Providers (CSPs) are leveraging the data they collect about their customers to sell additional services. In the second article, we covered the growing opportunity for telcos to monetize anonymized data externally by sharing it with enterprise customers and partners. The third article looked at how combining 5G connectivity, IoT devices, and geolocation can lead to new enterprise revenue. Here, we look at the potential for CSPs to leverage data for services focusing on security and risk management.
Author: Sébastien Synold, Product Manager, Intersec
CSPs are uniquely positioned to provide services that guarantee privacy, security, and trust. The control they have over their network infrastructure lets them monitor, detect, predict, and mitigate security threats in real time. In addition, most telcos are heavily regulated. Compliance with rules like the EU’s GDPR requires that they implement strict data governance, privacy, and security practices. This makes them trusted partners for handling sensitive data.
Surprising poll data
In Intersec’s recent poll asking people which data monetization use cases interest them most or are aligned with their current investment focus, security and risk management garnered the fewest votes – only 21% of people chose it as their top pick. This is surprising because industry research points to security as an important growth area for CSPs.
“Security, especially cybersecurity, is a growing challenge for all enterprises as they accelerate digitization of their networks, operations and relationships with customers. It is an issue for communications service providers (CSPs), too, but it is also one of their best opportunities to tap new revenue as providers of managed security services,” write Mark Newman and Dean Ramsay in TM Forum’s first telco revenue benchmark report.
“CSPs’ security services businesses will grow with more deployment of new connectivity and computing services such as 5G, cloud, edge, IoT and mobile private networks,” they add.
In surveys accompanying TM Forum’s research for the past two years, the group has found that security, in fact, tops the list of products and services representing the best opportunities for telco revenue growth. The graphic below from TM Forum’s latest benchmark report shows that nearly two-thirds of CSP respondents believe security is a significant opportunity. The report further finds that year-on-year revenue growth of 10% to 25% for security services is possible.
Source: TM Forum, 2023
Promising use cases
CSPs can use customer and network data to provide fraud detection and prevention and other security services to banks and companies in other verticals. For example, operators can use geolocation and customer data to verify bank transactions. Each time a bank customer makes a transaction, the banking application can check to see whether the customer’s mobile phone is located where the transaction is occurring. If the mobile phone is not near the credit or debit card being used, the transaction will not go through, helping financial institutions to reduce fraud.
Similarly, as noted in a previous blog, geolocation data can protect against insurance fraud by confirming driving habits and distance driven. And in manufacturing facilities, tools or vehicles equipped with IoT sensors can be geolocated to protect against theft. Further, the International Mobile Equipment Identity (IMEI), a unique numeric identifier for mobile devices, can be shared between mobile network operators. So, if a stolen device requests access to the network, an operator can detect it in real time and block access.
CSPs can also use geolocation data internally to prevent SIM fraud and manage their network infrastructure. If a new SIM card is inserted into a phone that does not belong to the real SIM owner, for example, the SIM owner can be alerted to detect potential identity theft. Geolocation can also identify unusual traffic patterns or detect potential threats based on the geographic origin of traffic.
Leveraging 5G for security
The deployment of 5G enhances these capabilities by empowering mobile operators to open their network infrastructure to developers through APIs using the Network Exposure Function (NEF). This enables new network-as-a-service and network-as-a-platform offers, which can lead to revenue growth. Intersec is supporting and participating in the work that standards-development and open-source groups like TM Forum, the GSMA Open Gateway Initiative and the CAMARA project are doing to advance 5G network APIs.
Using NEF, CSPs can provide detailed visibility into an enterprise’s network traffic and give them control over how their data is routed and managed. This might include providing dedicated network slices with customized security protocols, real-time monitoring of traffic for potential problems or faults, and the ability to dynamically adjust network configurations.
NEF can also support identity and access management services that use network data to authenticate devices and users more securely. This could include using geolocation, device profiling, and behavioral analytics to ensure that only authorized users and devices can access an enterprise’s resources.
In a real-world example of the types of services CSPs can offer using NEF, Brazilian operators Claro, TIM Brazil and Telefónica’s Vivo recently joined forces to launch three new security-related network API services resulting from their work in the Open Gateway Initiative. The Number Verify API service confirms a subscriber’s location and identity, while another called SIM Swap can be used to verify whether a phone number recently changed SIM cards. A third service, Device Location, confirms the location of specified devices. All the services are aimed at banks and other fintech organizations.
“Through the GSMA Open Gateway initiative, Brazil’s mobile operators are leading the way, helping enterprise developers and cloud providers launch new services to tackle fraud and improve digital security,” said Mats Granryd, Director General of the GSMA, in a statement. “By taking this approach we can ensure new digital services not only work seamlessly across all of Brazil’s mobile networks, but also hundreds of others around the world. Next year we will see more and more Brazilians benefit from the launch of these APIs, making them feel more at ease knowing their mobile services are more secure.”
