Fraud detection techniques for wireless network operators

US 20030045270A1
Filed: 09/06/2001
Published: 03/06/2003
Est. Priority Date: 09/06/2001
Status: Active Grant

First Claim

Patent Images

1. A method of detecting unauthorized terminal use in a network, comprising:

recording a history of usage of a terminal;

analyzing the usage of said terminal;

monitoring current usage of said terminal; and

requesting clarification upon detection of a deviation between said statistical analysis of the usage of said terminal and said current usage of said terminal.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are provided by which a network operator is able to detect fraudulent use of a subscriber'"'"'s terminal, regardless of whether or not the subscriber is aware of the fraudulent use of her terminal. Detecting unauthorized terminal use in a wireless network includes recording a history of terminal location and registration patterns, analyzing the recorded history of location and registration patterns of the terminal, monitoring current location and registration patterns of the terminal, and requesting clarification when a deviation between said statistical analysis of the location and registration patterns of said terminal and said current location and registration patterns of said terminal is detected.

37 Citations

View as Search Results

32 Claims

1. A method of detecting unauthorized terminal use in a network, comprising:
- recording a history of usage of a terminal;
  
  analyzing the usage of said terminal;
  
  monitoring current usage of said terminal; and
  
  requesting clarification upon detection of a deviation between said statistical analysis of the usage of said terminal and said current usage of said terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the usage of said terminal includes at least one of location and registration patterns of said terminal.
  - 3. The method of claim 2, wherein said recording is performed by a geographic location manager (GLM).
  - 4. The method of claim 3, wherein said GLM records the satellite-based positioning information regarding said terminal in a database.
  - 5. The method of claim 4, wherein said analyzing the usage of said terminal includes said GLM computing a statistical analysis of the usage of said terminal.
  - 6. The method of claim 5, wherein the statistical analysis of the usage of said terminal produces a probability distribution of location of said terminal.
  - 7. The method of claim 5, wherein a deviation between said statistical analysis of the usage of the usage of said terminal and said current usage of said terminal includes one of re-registration of said terminal at a location that is not included in the statistical analysis of the usage of said terminal, re-registration of said terminal at a time that is not included in the statistical analysis of the usage of said terminal, and repeated denials of re-registration for said terminal.
  - 8. The method of claim 7, wherein said monitoring of current usage of said terminal is performed by a network operator entity.
  - 9. The method of claim 8, wherein said network operator entity is at least one of an authentication, authorization, accounting entity of said network and a control entity of a cell of said network.
  - 10. The method of claim 8, wherein said requesting of clarification is performed by said network operator entity.
  - 11. The method of claim 10, wherein said requesting of clarification includes:
    - terminating registration of said terminal to said network; and
      
      denying said terminal further access to said network.
  - 12. The method of claim 10, wherein said requesting of clarification includes:
    - sending a query to the user of said terminal;
      
      comparing the user'"'"'s response to said query with user-security information stored in said network database; and
      
      terminating registration of said terminal to said network and denying said further access to said network if said user'"'"'s response to said query does not satisfy the user-security information stored in said network database.

13. A system for detecting fraudulent use of network subscribing terminals, comprising:
- a database that records a history of usage of a terminal in a network and analyzes the usage of said terminal;
  
  a control entity that monitors current usage of said terminal and requests clarification upon detection of a deviation between the statistical analysis of the usage of said terminal and the current usage of said terminal.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, wherein the usage of said terminal includes at least one of location and registration patterns of said terminal.
  - 15. The system of claim 14, wherein said database is included in a geographic location manager (GLM) that receives satellite-based positioning information regarding said terminal.
  - 16. The system of claim 15, wherein the statistical analysis of the usage of said terminal produces a probability distribution of location of said terminal.
  - 17. The system of claim 14, wherein a deviation between said statistical analysis of the usage of the usage of said terminal and said current usage of said terminal includes one of re-registration of said terminal at a location that is not included in the statistical analysis of the usage of said terminal, re-registration of said terminal at a time that is not included in the statistical analysis of the usage of said terminal, and repeated denials of re-registration for said terminal.
  - 18. The system of claim 17, wherein said control entity is either of an authentication, authorization, accounting entity of said network and a transport entity of said network.
  - 19. The system of claim 14, wherein, upon detection of the deviation between the statistical analysis of the usage of said terminal and the current usage of said terminal, said control entity requests of clarification by terminating registration of said terminal to said network and denying said terminal further access to said network.
  - 20. The system of claim 14, wherein, upon detection of the deviation between the statistical analysis of the usage of said terminal and the current usage of said terminal, said control entity sends a query to the user of said terminal, compares the user'"'"'s response to said query with user-security information stored in said network database, and terminates registration of said terminal to said network and denying said further access to said network if said user'"'"'s response to said query does not satisfy the user-security information stored in said network database.

21. A computer-readable medium having computer-executable instructions for detecting unauthorized terminal use in a wireless network, said computer-executable instructions comprising:
- recording a history of usage of a terminal;
  
  analyzing the usage of said terminal;
  
  monitoring current usage of said terminal; and
  
  requesting clarification upon detection of a deviation between said statistical analysis of the usage of said terminal and said current usage of said terminal.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 22. The computer-executable instructions of claim 21, wherein the usage of said terminal includes at least one of location and registration patterns of said terminal.
  - 23. The computer-executable instructions of claim 22, wherein said recording is executed in a network database.
  - 24. The computer-executable instructions of claim 23, wherein said network database is included in a geographic location manager that receives satellite-based positioning information regarding said terminal.
  - 25. The computer-executable instructions of claim 24, wherein said analyzing the usage of said terminal includes said GLM computing a statistical analysis of the usage of said terminal.
  - 26. The computer-executable instructions of claim 25, wherein the statistical analysis of the usage of said terminal produces a probability distribution of location of said terminal.
  - 27. The computer-executable instructions of claim 25, wherein a deviation between said statistical analysis of the usage of the usage of said terminal and said current usage of said terminal includes one of re-registration of said terminal at a location that is not included in the statistical analysis of the usage of said terminal, re-registration of said terminal at a time that is not included in the statistical analysis of the usage of said terminal, and repeated denials of re-registration for said terminal.
  - 28. The computer-executable instructions of claim 27, wherein said monitoring of current usage of said terminal is performed by a network operator.
  - 29. The computer-executable instructions of claim 28, wherein said network operator is an authentication, authorization, accounting entity of said network or a control entity of said network.
  - 30. The computer-executable instructions of claim 29, wherein said requesting of clarification is performed by said network operator.
  - 31. The computer-executable instructions of claim 30, wherein said requesting of clarification includes:
    - terminating registration of said terminal to said network; and
      
      denying said terminal further access to said network.
  - 32. The computer-executable instructions of claim 30, wherein said requesting of clarification includes:
    - sending a query to the user of said terminal;
      
      comparing the user'"'"'s response to said query with user-security information stored in said network database; and
      
      terminating registration of said terminal to said network and denying said further access to said network if said user'"'"'s response to said query does not satisfy the user-security information stored in said network database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Four Batons Wireless LLC
Original Assignee
Telcordia Technologies Incorporated (Telefonaktiebolaget LM Ericsson), Toshiba Corporation
Inventors
Ohba, Yoshihiro, Agrawal, Prathima, Vakil, Faramak, Nakjima, Nobuyasu

Granted Patent

US 7,974,602 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/410
CPC Class Codes

H04M 1/66   with means for preventing u...

H04M 2203/6027   Fraud preventions

H04M 2207/18   wireless networks

H04M 2242/30   Determination of the locati...

H04M 3/2218   Call detail recording

H04M 3/36   Statistical metering, e.g. ...

H04M 3/38   Graded-service arrangements...

Fraud detection techniques for wireless network operators

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Fraud detection techniques for wireless network operators

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links