Challenge
A mobile network operator's money service had grown faster than its controls. Account-takeover fraud was rising month over month, agent-assisted social engineering was industrializing, and the operator's own support tooling had become an attack surface. Every incident was a direct customer loss in a market where trust is the product.
Approach
We assessed the platform end to end: the USSD and app channels, the agent network tooling, the SIM-swap handoff with the parent telco, and the internal case-management system. The findings drove a redesigned control stack: velocity and device-binding rules at the transaction layer, a hardened SIM-swap verification flow agreed with the telco's own security team, and tightened privilege boundaries in support tooling. We then trained the fraud operations team on the new signals they would be triaging.
Result
Account-takeover incidents fell 63 percent in the first full quarter after deployment, with false-positive holds on legitimate transactions kept below the operator's customer-experience threshold.
Engagement under NDA; the operator's identity is withheld by agreement.