Executive summary
Every call, message, and data session a network rates becomes a charge. Most of those charges are normal. A small share are not: an account whose spend suddenly jumps, traffic steered to high-cost destinations, a fresh SIM billing like a seasoned fraud ring, a dormant line that wakes up and runs. Left unseen, these patterns turn into revenue leakage, fraud losses, disputes, and bill-shock complaints.
Loci is an explainable control-intelligence platform that can score charging events in real time and flag the ones that deviate from what is normal for that subscriber. It combines a subscriber-level view of history and behavior with controls your own team can read, test, and adjust. It also studies your own history to propose new controls as charge fraud evolves. Every decision arrives with a reason, so revenue-assurance and fraud analysts can act on it and auditors can stand behind it.
Loci does not replace your mediation, rating, or billing systems. It sits alongside them and adds a layer of real-time, explainable anomaly detection on the charges they produce.
The challenge
Charge anomalies are hard to catch well for three reasons.
- Volume and speed. Charging events arrive constantly and fraud typologies change quickly. By the time a monthly report surfaces a pattern, the loss has already happened and the method has moved on.
- Baselines, not thresholds. A flat threshold blocks legitimate high-spending customers and misses fraud that stays just underneath it. What counts as anomalous depends on the subscriber, the destination, the plan, and the moment.
- Explainability. Risk, finance, and regulatory stakeholders increasingly expect an automated decision to come with a defensible reason. An opaque score that cannot be explained is hard to operationalize and hard to defend.
Teams are often left choosing between rigid rules that generate noise and black-box scores they cannot interpret. Neither keeps pace with adaptive charge fraud.
What Loci does
Loci applies its explainable control model to charging data. It can evaluate each charging event against the subscriber's own history and current state, then return a clear signal with an explanation. The question it answers in real time is simple: is this charge normal for this subscriber, and if not, why.
- Baseline-aware anomaly detection. Loci compares a charge against the subscriber's recent spending baseline and flags statistical outliers, rather than applying one threshold to everyone.
- Velocity and burst detection. Rapid sequences of calls or charges that indicate automated abuse are caught as they build.
- Destination and reference intelligence. Charges to high-cost or premium-rate destinations, or to ranges the operator has flagged, raise the risk on the event.
- Lifecycle awareness. New-SIM and dormant-line behavior is treated in context, so early-life and reactivation fraud stand out.
- Explainable output. Every flag carries the evidence behind it, ready for analyst review and audit.
How it works
Loci can treat each charge as a decision event, enriched by two layers of context at the moment it is scored: what the subscriber has recently done, and what is currently true about the account. Derived facts, such as a rolling average charge or a spend baseline, provide the statistical reference the anomaly controls compare against.
Controls are authored as explainable specifications rather than opaque models. A revenue-assurance analyst can describe a control in plain language, for example "flag a charge that exceeds this subscriber's recent baseline by a wide margin, especially to a high-cost destination," and Loci turns it into a precise, auditable control. Because the specification is readable, it doubles as the documentation and the explanation.
New specifications can run in shadow mode against live traffic before they take any action, so teams can measure impact and tune sensitivity before deployment.
Patterns Loci can be configured to detect
The same controls that power Loci in other domains can be configured to target the charge-fraud and leakage typologies operators care about, including:
Discovering new charge-fraud patterns
Known typologies are only half the problem. Charge fraud evolves, and the next scheme rarely looks exactly like the last one. Loci Autographer can study your historical charging and confirmed-fraud data, find the combinations of behavior that separate suspicious charging from ordinary use, and propose new controls in plain, readable form.
Your analysts review each proposed control, test it in shadow mode against live traffic, and decide whether it goes live. Autographer accelerates discovery and authoring while your team stays in control of what deploys. Over repeated cycles, the patterns that prove themselves are surfaced for reuse, so your control library grows with your understanding of the fraud.
Why Loci is different
- Explainable by construction. Controls are readable and auditable. The specification is the explanation, which suits revenue assurance, finance, and regulatory review.
- Real-time and baseline-aware. Decisions are made as charges are rated, against each subscriber's own behavior, so legitimate high spenders are not treated like fraud.
- Authored by your team. Analysts describe controls in plain language and adjust sensitivity themselves, so new patterns become live controls in days.
- Discovers what to build next. Loci studies your historical charging data to propose new controls, so detection keeps pace with schemes you have not seen yet.
- Human stays in control. Loci assists discovery and authoring; your team reviews and approves; nothing high-stakes acts without oversight.
- Complements your stack. Loci works alongside existing mediation, rating, billing, and revenue-assurance systems through a clean integration, with no rip-and-replace.
How it deploys
Loci is API-first. Operators feed rated charge events and the reference data that gives them context, and Loci returns a real-time decision with its evidence. The platform is flexible about data, so it adapts to different charging schemas and product mixes rather than forcing a rigid model. It can run as a hosted service, with dedicated or on-premise options where data residency or infrastructure control is required.
A typical engagement starts with a short technical review of available charge event data and the highest-priority fraud and leakage patterns, followed by a controlled pilot.
Outcomes for revenue assurance and fraud teams
Applied to charging data, Loci is designed to help teams:
- Catch anomalous charging earlier, before leakage compounds into losses and disputes.
- Reduce false alarms on legitimate customers, because detection is measured against each subscriber's baseline.
- Give every alert an explanation the team can act on and an auditor can review.
- Turn new fraud methods into explainable controls quickly, authored in-house.
- Span voice, messaging, data, and roaming with one readable control layer.
What Loci is, and is not
Loci is an explainable fraud-control platform applied to charging data, designed to work alongside your existing revenue-assurance and fraud systems. It provides explainable, real-time anomaly controls that your team can read, test, and govern. It is not an opaque scoring engine, and it does not replace your charging or billing infrastructure. Loci helps discover and propose controls; your analysts approve them and your systems act. Loci does not promise a fixed recovery figure without first reviewing your data and workflows.
See it on your charging data
A short technical review, then a controlled pilot on your highest-priority patterns.