Detection of fraudulently registered mobile phones
First Claim
1. A method of detecting fraudulent use of a mobile station in a wireless telecommunications network, the mobile station having, a unique identifier associated therewith, the method comprising the steps of:
- determining at least two actual elapsed time periods between successive registrations associated with the unique identifier of the mobile station; and
detecting a suspected fraudulent event when the actual elapsed time periods between successive registrations are substantially non-periodic.
6 Assignments
0 Petitions
Accused Products
Abstract
A system and method is provided for detecting fraudulent use of a unique identifier associated with an authorized mobile station in a wireless telecommunications network. A monitoring system passively collects data associated with the registration of one or more mobile stations utilizing the unique identifier. A fraud detection processor analyzes the collected data using a first pattern recognition device. The pattern recognition device determines the periodicity of successive registration messages associated with the unique identifier of the authorized mobile station and a suspected fraudulent event is identified when the time between successive registration messages is non-periodic. A second pattern recognition device may be utilized alone or in combination with the first pattern recognition device to identify suspected fraudulent activity when an apparent velocity of the mobile station utilizing the unique identifier between successive registration messages exceeds a predetermined maximum velocity. The apparent velocity is based upon the approximated geographical distance and time between successive registration messages. Upon the detection of a suspected fraudulent event by the first and/or second pattern recognition devices, an authentication system may be utilized to identify a suspected mobile station as an unauthorized mobile station when a response to an authentication challenge received from the suspected mobile station is not substantially the same as a predicted response calculated by the authentication system based upon at least the unique identifier of the authorized mobile station.
-
Citations
29 Claims
-
1. A method of detecting fraudulent use of a mobile station in a wireless telecommunications network, the mobile station having, a unique identifier associated therewith, the method comprising the steps of:
-
determining at least two actual elapsed time periods between successive registrations associated with the unique identifier of the mobile station; and detecting a suspected fraudulent event when the actual elapsed time periods between successive registrations are substantially non-periodic. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method of detecting fraudulent use of a unique identifier associated with an authorized mobile station in a wireless telecommunications network, comprising the steps of:
-
monitoring registration messages associated with the unique identifier; determining a first elapsed time between successive first and second registration messages associated with the unique identifier; determining a second elapsed time between the second registration and a successive third registration associated with the unique identifier; detecting a suspected fraudulent event when the first and second elapsed times are not substantially the same. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A system for detecting fraudulent use of a unique identifier associated with an authorized mobile station in a wireless telecommunications network, comprising:
-
a monitoring system for collecting data associated with the registration of one or more mobile stations utilizing the unique identifier; and a fraud detection processor in communication with the monitoring system for analyzing the data collected by the monitoring system, the processor comprising a first pattern recognition device for determining the periodicity of successive registration messages associated with the unique identifier, wherein a suspected fraudulent event is identified when the time periods between successive registration messages are non-periodic. - View Dependent Claims (25, 26, 27, 28, 29)
-
Specification