System for detection and prevention of telecommunications fraud prior to call connection

US 6,307,926 B1
Filed: 05/20/1998
Issued: 10/23/2001
Est. Priority Date: 05/20/1998
Status: Expired due to Fees

First Claim

Patent Images

1. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said method comprising, in combination:

receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes cooperatively defining fraud screening trees each having a starting node, a first subset of said fraud decision nodes cooperatively defining a first fraud screening tree;

applying said first fraud screening tree to said attempted call based on said information carried in said data message, said first fraud screening tree producing a determination of whether or not to block said attempted call due to a likelihood that the attempted call is fraudulent; and

before said attempted call is connected to said dialed number, returning to said querying system a response data message indicative of said determination, whereby, if said determination is to block said attempted call, said attempted call is not connected to said dialed number.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved system for detecting and preventing telecommunications fraud prior to call connection, in which attempted calls are screened for fraud at the point of calling card validation in the SCP. The SCP accesses a database holding a variety of fraud decision nodes that may be interrelated and grouped together to cooperatively define fraud screening trees against which attempted calls may be tested. A fraud screening tree ultimately produces a fraud prediction based on a variety of information concerning the attempted call. The present invention therefore facilitates fraud screening with greater granularity and customization.

Citations

81 Claims

1. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said method comprising, in combination:
- receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes cooperatively defining fraud screening trees each having a starting node, a first subset of said fraud decision nodes cooperatively defining a first fraud screening tree;
  
  applying said first fraud screening tree to said attempted call based on said information carried in said data message, said first fraud screening tree producing a determination of whether or not to block said attempted call due to a likelihood that the attempted call is fraudulent; and
  
  before said attempted call is connected to said dialed number, returning to said querying system a response data message indicative of said determination, whereby, if said determination is to block said attempted call, said attempted call is not connected to said dialed number.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method as claimed in claim 1, wherein said data message defines a billing number associated with said attempted call, and wherein said method further comprises selecting the starting node of said first fraud screening tree based on said billing number.
  - 3. A method as claimed in claim 2, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the starting node of said first fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 4. A method as claimed in claim 3, wherein said service code designation further defines a predetermined market class of said billing number.
  - 5. A method as claimed in claim 1, wherein said data message defines a billing number associated with said attempted call, said billing number is associated with a predetermined level of fraud screening, and said method further comprises selecting the starting node of said first fraud screening tree based on said predetermined level of fraud screening.
  - 6. A method as claimed in claim 1, wherein said data message defines a billing number associated with said attempted call, said billing number is associated with a market class, and said method further comprises selecting the starting node of said first fraud screening tree based on said market class.
  - 7. A method as claimed in claim 1, wherein said fraud decision nodes are selected from the group consisting of date/time nodes, call origination nodes, information digits nodes, originating point code nodes, and dialed number nodes.
  - 8. A method as claimed in claim 1, wherein each of said fraud decision nodes comprises a database table, and wherein a row in each fraud decision node defines a next fraud decision node based on specified criteria.
  - 9. A method as claimed in claim 1, wherein said data message defines a billing number, and said method further comprises, before applying said first fraud screening tree to said attempted call, verifying said billing number by reference to a validation database.
  - 10. A method as claimed in claim 1, wherein said computer system comprises an SCP.
  - 11. A method as claimed in claim 1, wherein said querying system comprises a telecommunications switch.
  - 12. A method as claimed in claim 1, wherein said querying system comprises an operator center.
  - 13. A method as claimed in claim 1, wherein said data message comprises a transaction capabilities application part (TCAP) message.
  - 14. A method as claimed in claim 13, wherein said data message further comprises a signaling connection control part (SCCP).

15. In a telecommunications network, a method of determining that an attempted call is likely to be fraudulent and responsively preventing said attempted call from being connected to a dialed number, said attempted call defining a customer billing number, a call origination number and said dialed number, said telecommunications network including a querying system and a service control point (SCP), said querying system receiving an indication of said attempted call and responsively passing a data message to said SCP, said data message defining information about said attempted call, said method comprising, in combination:
- storing, in a database accessible by said SCP, a plurality of fraud decision nodes, wherein each of said decision nodes defines criteria against which said attempted call may be tested and wherein, based on satisfaction of said criteria, said fraud decision node points to a next one of said fraud decision nodes, a given group of said fraud decision nodes thereby cooperatively defining a fraud screening tree through which said attempted call may be tested, said fraud screening tree including a final fraud decision node that defines a fraud prediction for said attempted call;
  
  receiving said data message at said SCP;
  
  verifying said customer billing number;
  
  selecting, based on said customer billing number, a first fraud decision node of said fraud screening tree;
  
  applying said fraud screening tree to said attempted call;
  
  based on said fraud prediction, generating a response data message indicating whether or not to block said attempted call from being connected to said dialed number;
  
  passing said response data message to said querying system; and
  
  if said response data message indicates to block said attempted call from being connected, preventing said attempted call from being connected to said dialed number.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 16. A method as claimed in claim 15, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the first fraud decision node of said fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 17. A method as claimed in claim 16, wherein said service code designation further defines a predetermined market class of said billing number.
  - 18. A method as claimed in claim 15, wherein said billing number is associated with a predetermined level of fraud screening, and said method further comprises selecting the first fraud decision node of said fraud screening tree based on said predetermined level of fraud screening.
  - 19. A method as claimed in claim 15, wherein each of a plurality of groups of said fraud decision nodes define a unique fraud screening tree that may be selectively applied to a given attempted call.
  - 20. A method as claimed in claim 15, wherein each of said fraud decision nodes is selected from the group consisting of date/time nodes, call origination nodes, information digits nodes, originating point code nodes and dialed number nodes.
  - 21. A method as claimed in claim 15, wherein said querying system comprises a switch.
  - 22. A method as claimed in claim 15, wherein said querying system comprises an operator center.
  - 23. A method as claimed in claim 15, wherein said data message comprises a transaction capabilities application part (TCAP).
  - 24. A method as claimed in claim 23, wherein said data message further comprises a signaling connection control part (SCCP).

25. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said information including a customer billing number, said method comprising, in combination:
- receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes defining criteria against which said attempted call may be tested and wherein, based on satisfaction of said criteria, said fraud decision nodes cooperatively defining fraud screening trees each having a starting node, a first subset of said fraud decision nodes cooperatively defining a first fraud screening tree;
  
  selecting, based on said customer billing number, the starting node of said first fraud screening tree;
  
  starting with the starting node, applying the plurality of fraud decision nodes defining the first fraud screening tree, said first fraud screening tree producing a determination of whether or not to block said attempted call due to a likelihood that the attempted call is fraudulent; and
  
  before said attempted call is connected to said dialed number, returning to said querying system a response data message indicative of said determination, whereby, if said determination is to block said attempted call, said attempted call is not connected to said dialed number.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 26. A method as claimed in claim 25, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the starting node of said first fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 27. A method as claimed in claim 26, wherein said service code designation further defines a predetermined market class of said billing number.
  - 28. A method as claimed in claim 25, wherein said billing number is associated with a predetermined level of fraud screening, and said method further comprises selecting the starting node of said first fraud screening tree based on said predetermined level of fraud screening.
  - 29. A method as claimed in claim 25, wherein said billing number is associated with a market class, and said method further comprises selecting the starting node of said first fraud screening tree based on said market class.
  - 30. A method as claimed in claim 25, wherein said fraud decision nodes are selected from the group consisting of a date/time node, a call origination node, an information digits node, an originating point code node, and a dialed number node.
  - 31. A method as claimed in claim 25, wherein each of a plurality of said fraud decision nodes comprises a database table, and wherein a row in each fraud decision node defines a next fraud decision node based on specified criteria.
  - 32. A method as claimed in claim 25, wherein said computer system comprises an SCP.
  - 33. A method as claimed in claim 25, wherein said querying system comprises a telecommunications switch.
  - 34. A method as claimed in claim 25, wherein said querying system comprises an operator center.
  - 35. A method as claimed in claim 25, wherein said data message comprises a transaction capabilities application part (TCAP) message.
  - 36. A method as claimed in claim 35, wherein said data message further comprises a signaling connection control part (SCCP).

37. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said method comprising, in combination:
- receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes defining criteria against which said attempted call may be tested and wherein, based on satisfaction of said criteria, each of a plurality of said fraud decision nodes points to a next one of said fraud decision nodes, a first subset of said fraud decision nodes defining a fraud screening tree, said fraud screening tree including a starting node and a final fraud decision node that determines a fraud prediction for said attempted call;
  
  applying the starting node of said fraud screening tree to said attempted call based on said information carried in said data message, and applying the next one of said fraud decision nodes pointed to by the starting node based on satisfaction of the starting node criteria;
  
  based on satisfaction of the criteria in each applied fraud decision node, applying the next one of each fraud decision nodes pointed to by each applied decision node until the final fraud decision node determines the fraud prediction;
  
  based on said fraud prediction, generating a response message indicating whether or not to block said attempted call from being connected to said dialed number;
  
  passing said response message to said querying system; and
  
  if said response message indicates to block said attempted call from being connected, preventing said attempted call from being connected to said dialed number.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
- - 38. A method as claimed in claim 37, wherein said data message defines a billing number associated with said attempted call, and wherein said method further comprises selecting the starting node of said first fraud screening tree based on said billing number.
  - 39. A method as claimed in claim 38, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the starting node of said fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 40. A method as claimed in claim 39, wherein said service code designation further defines a predetermined market class of said billing number.
  - 41. A method as claimed in claim 37, wherein said billing number is associated with a predetermined level of fraud screening, and said method further comprises selecting the starting node of said fraud screening tree based on said predetermined level of fraud screening.
  - 42. A method as claimed in claim 37, wherein each of a plurality of groups of said fraud decision nodes defines a unique fraud screening tree that may be selectively applied to a given attempted call.
  - 43. A method as claimed in claim 37, wherein each of said fraud decision nodes is selected from the group consisting of a date/time node, a call origination node, an information digits node, an originated point code node and a dialed number node.
  - 44. A method as claimed in claim 37, wherein said querying system comprises a switch.
  - 45. A method as claimed in claim 37, wherein said querying system comprises an operator center.
  - 46. A method as claimed in claim 37, wherein said data message comprises a transaction capabilities application part (TCAP).
  - 47. A method as claimed in claim 46, wherein said data message further comprises a signaling connection control part (SCCP).
  - 48. A method as claimed in claim 37, wherein said data message defines a billing number, and said method further comprises, before applying the starting node said fraud screening tree to said attempted call, verifying said billing number by a reference to a validation database.

49. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said information including a customer billing number associated with a predetermined level of fraud screening, said method comprising, in combination:
- receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes defining criteria against which said attempted call may be tested and wherein, based on satisfaction of said criteria, said fraud decision nodes cooperatively defining fraud screening trees each having a starting node, a first subset of said fraud decision nodes cooperatively defining a first fraud screening tree;
  
  selecting, based on said predetermined level of fraud screening, the starting node of said first fraud screening tree;
  
  starting with the starting node, applying the plurality of fraud decision nodes defining the first fraud screening tree, said first fraud screening tree producing a determination of whether or not to block said attempted call due to a likelihood that the attempted call is fraudulent; and
  
  before said attempted call is connected to said dialed number, returning to said querying system a response data message indicative of said determination, whereby, if said determination is to block said attempted call, said attempted call is not connected to said dialed number.
- View Dependent Claims (50, 51, 52, 53, 54, 55, 56, 57, 58, 59)
- - 50. A method as claimed in claim 49, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the starting node of said first fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 51. A method as claimed in claim 50, wherein said service code designation further defines a predetermined market class of said billing number.
  - 52. A method as claimed in claim 49, wherein said billing number is associated with a market class, and said method further comprises selecting the starting node of said first fraud screening tree based on said market class.
  - 53. A method as claimed in claim 49, wherein said fraud decision nodes are selected from the group consisting of a date/time node, a call origination node, an information digits node, an originating point code node, and a dialed number node.
  - 54. A method as claimed in claim 49, wherein each of a plurality of said fraud decision nodes comprises a database table, and wherein a row in each fraud decision node defines a next fraud decision node based on specified criteria.
  - 55. A method as claimed in claim 49, wherein said computer system comprises an SCP.
  - 56. A method as claimed in claim 49, wherein said querying system comprises a telecommunications switch.
  - 57. A method as claimed in claim 49, wherein said querying system comprises an operator center.
  - 58. A method as claimed in claim 49, wherein said data message comprises a transaction capabilities application part (TCAP) message.
  - 59. A method as claimed in claim 58, wherein said data message further comprises a signaling connection control part (SCCP).

60. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said information including a customer billing number said billing number associated with a market class, said method comprising, in combination:
- receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes defining criteria against which said attempted call may be tested and wherein, based on satisfaction of said criteria, said fraud decision nodes cooperatively defining fraud screening trees each having a starting node, a first subset of said fraud decision nodes cooperatively defining a first fraud screening tree;
  
  selecting the starting node of said first fraud screening tree based on said market class;
  
  starting with the starting node, applying the plurality of fraud decision nodes defining the first fraud screening tree, said first fraud screening tree producing a determination of whether or not to block said attempted call due to a likelihood that the attempted call is fraudulent; and
  
  before said attempted call is connected to said dialed number, returning to said querying system a response data message indicative of said determination, whereby, if said determination is to block said attempted call, said attempted call is not connected to said dialed number.
- View Dependent Claims (61, 62, 63, 64, 65, 66, 67, 68, 69)
- - 61. A method as claimed in claim 60, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the starting node of said first fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 62. A method as claimed in claim 61, wherein said service code designation further defines a predetermined market class of said billing number.
  - 63. A method as claimed in claim 60, wherein said fraud decision nodes are selected from the group consisting of a date/time node, a call origination node, an information digits node, an originating point code node, and a dialed number node.
  - 64. A method as claimed in claim 60, wherein each of a plurality of said fraud decision nodes comprises a database table, and wherein a row in each fraud decision node defines a next fraud decision node based on specified criteria.
  - 65. A method as claimed in claim 60, wherein said computer system comprises an SCP.
  - 66. A method as claimed in claim 60, wherein said querying system comprises a telecommunications switch.
  - 67. A method as claimed in claim 60, wherein said querying system comprises an operator center.
  - 68. A method as claimed in claim 60, wherein said data message comprises a transaction capabilities application part (TCAP) message.
  - 69. A method as claimed in claim 68, wherein said data message further comprises a signaling connection control part (SCCP).

70. In a telecommunications network, a method for determining whether to block an attempted call from being connected to a dialed number due to a likelihood that the attempted call is fraudulent, said attempted call being defined by information carried in a data message provided by a querying system, said information including a customer billing number, said method comprising, in combination:
- receiving said data message into a computer system, said computer system including a database holding a plurality of fraud decision nodes defining criteria against which said attempted call may be tested and wherein, based on satisfaction of said criteria, said fraud decision nodes cooperatively defining fraud screening trees each having a starting node, a first subset of said fraud decision nodes cooperatively defining a first fraud screening tree, each of the plurality of said fraud decision nodes comprising a database table, wherein a row in each fraud decision node defines a next fraud decision node based on specified criteria;
  
  selecting, based on said customer billing number, the starting node of said first fraud screening tree;
  
  starting with the starting node, applying the plurality of fraud decision nodes defining the first fraud screening tree, said first fraud screening tree producing a determination of whether or not to block said attempted call due to a likelihood that the attempted call is fraudulent; and
  
  before said attempted call is connected to said dialed number, returning to said querying system a response data message indicative of said determination, whereby, if said determination is to block said attempted call, said attempted call is not connected to said dialed number.
- View Dependent Claims (71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81)
- - 71. A method as claimed in claim 70, wherein said billing number is associated with a service code designation defining a predetermined level of fraud screening for said billing number, and wherein selecting the starting node of said first fraud screening tree comprises referring to a tree mapping table keyed to said service code designation.
  - 72. A method as claimed in claim 71, wherein said service code designation further defines a predetermined market class of said billing number.
  - 73. A method as claimed in claim 70, wherein each of a plurality of said fraud decision nodes comprises a database table, and wherein a row in each fraud decision node defines a next fraud decision node based on specified criteria.
  - 74. A method as claimed in claim 70, wherein said billing number is associated with a market class, and said method further comprises selecting the starting node of said first fraud screening tree based on said market class.
  - 75. A method as claimed in claim 70, wherein said fraud decision nodes are selected from the group consisting of a date/time node, a call origination node, an information digits node, an originating point code node, and a dialed number node.
  - 76. A method as claimed in claim 70, wherein said step of verifying said billing number is preformed by a reference to a validation database.
  - 77. A method as claimed in claim 70, wherein said computer system comprises an SCP.
  - 78. A method as claimed in claim 70, wherein said querying system comprises a telecommunications switch.
  - 79. A method as claimed in claim 70, wherein said querying, system comprises an operator center.
  - 80. A method as claimed in claim 70, wherein said data message comprises a transaction capabilities application part (TCAP) message.
  - 81. A method as claimed in claim 80, wherein said data message further comprises a signaling connection control part (SCCP).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Abbasi, Zahid Ali, Barton, Richard Hillix, Allen, Isaac Shane
Primary Examiner(s)
Matar, Ahmad
Assistant Examiner(s)
BUI, BING Q

Application Number

US09/082,233
Time in Patent Office

1,252 Days
Field of Search

379/34, 379/91.01, 379/93.02, 379/114.14, 379/188, 379/189, 379/190, 379/191, 379/192, 379/194, 379/196, 379/114.15, 379/114.03, 379/145
US Class Current

379/189
CPC Class Codes

H04M 15/47   Fraud detection or preventi...

H04M 17/00   Prepayment of wireline comm...

H04M 17/103   using SIMs (USIMs) or calli...

H04M 2017/12   using calling, telephone cr...

H04M 2215/0148   Fraud detection or preventi...

System for detection and prevention of telecommunications fraud prior to call connection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

81 Claims

Specification

Solutions

Use Cases

Quick Links

System for detection and prevention of telecommunications fraud prior to call connection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

81 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links