Method and System for Preventing Illicit Use of a Telephony Platform

1. A method comprising: at a telecommunication platform: enrolling a plurality of parent accounts in the telecommunication platform; within a first enrolled account, enrolling at least one sub-account that is managed by the first account; at a fraud detection system of the telecommunication platform, receiving sub-account usage data of a plurality of sub-accounts of the telecommunication platform, wherein the sub-account usage data of each of the plurality of sub-accounts includes at least configuration data of the sub-account and communication history data; calculating fraud scores of a set of fraud scores from the sub-account usage data; and when the set of fraud scores of a sub-account satisfy a fraud threshold, programmatically notifying the corresponding parent account through the telecommunication platform, wherein receiving sub-account usage data comprises collecting application media configuration; and wherein for a first fraud rule, detecting a sub-account using application media files identical to media files used by at least a second sub-account.

2. The method of claim 1 , wherein detecting a sub-account using application media files identical to media files used by at least a second sub-account comprises: calculating fingerprints of media files encountered during a communication session; and identifying corresponding media file fingerprints in two sub-accounts.

3. A method comprising: at a telecommunication platform: enrolling a plurality of parent accounts in the telecommunication platform; within a first enrolled account, enrolling at least one sub-account that is managed by the first account; at a fraud detection system of the telecommunication platform, receiving sub-account usage data of a plurality of sub-accounts of the telecommunication platform, wherein the sub-account usage data of each of the plurality of sub-accounts includes at least configuration data of the sub-account and communication history data; calculating fraud scores of a set of fraud scores from the sub-account usage data; and when the set of fraud scores of a sub-account satisfy a fraud threshold, programmatically notifying the corresponding parent account through the telecommunication platform, wherein receiving sub-account usage data comprises collecting application uniform resource identifiers (URIs) mapped to communication endpoints of a sub-account; and wherein for a first fraud rule, detecting corresponding application URIs configured in at least two sub-accounts.

4. A method comprising: at a telecommunication platform: enrolling a plurality of parent accounts in the telecommunication platform; within a first enrolled account, enrolling at least one sub-account that is managed by the first account; at a fraud detection system of the telecommunication platform, receiving sub-account usage data of at least one sub-account of the telecommunication platform, wherein the sub-account usage data of each sub-account includes at least configuration data of the sub-account and communication history data; calculating fraud scores of a set of fraud scores from the sub-account usage data; and when the set of fraud scores of a sub-account satisfy a fraud threshold, programmatically notifying the corresponding parent account through the telecommunication platform, wherein receiving sub-account usage data of a sub-account comprises collecting payment mechanism configuration of the sub-account; and wherein in response to a first fraud rule, detecting diversity of payment mechanism in a sub-account.

5. A method comprising: at a telecommunication platform: enrolling a plurality of parent accounts in the telecommunication platform; within a first enrolled account, enrolling at least one sub-account that is managed by the first account; at a fraud detection system of the telecommunication platform, receiving sub-account usage data of a plurality of sub-accounts of the telecommunication platform, wherein the sub-account usage data of each of the plurality of sub-accounts includes at least configuration data of the sub-account and communication history data; calculating fraud scores of a set of fraud scores from the sub-account usage data; in a case where the set of fraud scores of a sub-account satisfy a fraud threshold, programmatically notifying the corresponding parent account of illicit behavior of the sub-account, the notification being provided via the telecommunication platform, wherein illicit behavior includes at least one of toll fraud, spamming, terms of service violations, denial of service attacks, credit card fraud, suspicious behavior, and phishing attacks, wherein the parent account is an account of an external service provider system, and wherein each sub-account is an account of a system that uses a service of the external service provider system.

6. The method of claim 5 , wherein receiving sub-account usage data comprises collecting application media configuration; and wherein for a first fraud rule, detecting a sub-account using application media files identical to media files used by at least a second sub-account.

7. The method of claim 6 , wherein detecting a sub-account using application media files identical to media files used by at least a second sub-account comprises: calculating fingerprints of media files encountered during a communication session; and identifying corresponding media file fingerprints in two sub-accounts.

8. The method of claim 5 , wherein receiving sub-account usage data comprises collecting application uniform resource identifiers (URIs) mapped to communication endpoints of a sub-account; and wherein for a first fraud rule, detecting corresponding application URIs configured in at least two sub-accounts.

9. The method of claim 5 , wherein receiving sub-account usage data of a sub-account comprises collecting payment mechanism configuration of the sub-account; and wherein in response to a first fraud rule, detecting diversity of payment mechanism in a sub-account.