Fraud detection techniques for wireless network operators

US 7,974,602 B2
Filed: 09/06/2001
Issued: 07/05/2011
Est. Priority Date: 09/06/2001
Status: Active Grant

First Claim

Patent Images

1. A method of detecting unauthorized terminal use in a wireless network environment having a geographic location manager that receives positioning information regarding movement of a terminal, said method comprising:

filtering received positioning information about locations of a terminal;

performing a statistical analysis of the locations of said terminal;

monitoring a current location of said terminal substantially in real-time; and

requesting clarification from a user of said terminal upon detection of a deviation between said statistical analysis of the location of said terminal and said current location of said terminal,wherein said geographic location manager receives, filters, and performs a statistical analysis on the positioning information regarding said terminal in a database, andwherein the statistical analysis of the location of said terminal produces a normalized histogram of a location of said terminal and records said histogram in said database.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are provided by which a network operator is able to detect fraudulent use of a subscriber'"'"'s terminal, regardless of whether or not the subscriber is aware of the fraudulent use of her terminal. Detecting unauthorized terminal use in a wireless network includes recording a history of terminal location and registration patterns, analyzing the recorded history of location and registration patterns of the terminal, monitoring current location and registration patterns of the terminal, and requesting clarification when a deviation between said statistical analysis of the location and registration patterns of said terminal and said current location and registration patterns of said terminal is detected.

13 Citations

View as Search Results

26 Claims

1. A method of detecting unauthorized terminal use in a wireless network environment having a geographic location manager that receives positioning information regarding movement of a terminal, said method comprising:
- filtering received positioning information about locations of a terminal;
  
  performing a statistical analysis of the locations of said terminal;
  
  monitoring a current location of said terminal substantially in real-time; and
  
  requesting clarification from a user of said terminal upon detection of a deviation between said statistical analysis of the location of said terminal and said current location of said terminal,wherein said geographic location manager receives, filters, and performs a statistical analysis on the positioning information regarding said terminal in a database, andwherein the statistical analysis of the location of said terminal produces a normalized histogram of a location of said terminal and records said histogram in said database.
- View Dependent Claims (2, 3, 4, 5, 6, 19)
- - 2. The method of claim 1, wherein a deviation between said normalized histogram and said current location of said terminal includes one of re-registration of said terminal at a location that is not included in the normalized histogram of the location of said terminal, re-registration of said terminal at a location that is not likely from a probability distribution of the usage of said terminal, and repeated denials of re-registration for said terminal.
  - 3. The method of claim 2, wherein said monitoring of current location of said terminal is performed by a network control entity.
  - 4. The method of claim 3, wherein said network control entity is at least one of an authentication, authorization, and accounting entity of said network.
  - 5. The method of claim 4, wherein said requesting of clarification is performed by said network control entity.
  - 6. The method of claim 5, wherein said requesting of clarification includes:
    - sending a query to the user of said terminal;
      
      comparing the user'"'"'s response to said query with user-security information stored in said database; and
      
      terminating registration of said terminal to said network and denying said further access to said network if said user'"'"'s response to said query does not satisfy the user-security information stored in said database.
  - 19. The method of claim 1, wherein said positioning information is satellite-based positioning information.

7. A system for detecting fraudulent use of network subscribing terminals in a wireless network environment having a geographic location manager that receives positioning information regarding the movement of a terminal, comprising:
- a database that derives and records a normalized histogram of a location of said terminal in a network; and
  
  a control entity that monitors a current location of said terminal substantially in real-time and requests clarification from a user of said terminal upon detection of a deviation between the normalized histogram of the location said terminal and the current location of said terminal.
- View Dependent Claims (8, 9, 10, 11, 20)
- - 8. The system of claim 7, wherein said database is included in said geographic location manager that receives positioning information regarding said terminal.
  - 9. The system of claim 7, wherein a deviation between said normalized histogram of the location of said terminal and said current location of said terminal includes one of re-registration of said terminal at a location that is not included in the normalized histogram of the location of said terminal, re-registration of said terminal at a location that is not likely from a probability distribution of the usage of said terminal, and repeated denials of re-registration for said terminal.
  - 10. The system of claim 9, wherein said control entity is an authentication, authorization, accounting entity of said network.
  - 11. The system of claim 7, wherein, upon detection of the deviation between the normalized histogram of the location of said terminal and the current location of said terminal, said control entity sends a query to the user of said terminal, compares the user'"'"'s response to said query with user-security information stored in said database, and terminates registration of said terminal to said network and denies further access to said network if said user'"'"'s response to said query does not satisfy the user-security information stored in said database.
  - 20. The system of claim 7, wherein said positioning information is satellite-based positioning information.

12. A non-transitory computer-readable medium having computer-executable instructions for detecting unauthorized terminal use of a terminal in a wireless network environment having a geographic location manager that receives positioning information regarding a movement of said terminal, said computer-executable instructions comprising:
- filtering the received information about locations of a terminal;
  
  performing a statistical analysis of the location of said terminal;
  
  monitoring a current location of said terminal substantially in real-time; and
  
  requesting clarification from a user of said terminal upon detection of a deviation between said statistical analysis of the location of said terminal and said current location of said terminal,wherein the statistical analysis of the location of said terminal produces a normalized histogram of a location of said terminal, and records said normalized histogram in a database.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 21)
- - 13. The non-transitory computer-readable medium of claim 12, wherein said database is included in the geographic location manager that receives, filters, and performs a statistical analysis on positioning information regarding said terminal.
  - 14. The non-transitory computer-readable medium of claim 12, wherein a deviation between said normalized histogram of the location of said terminal and said current location of said terminal includes one of re-registration of said terminal at a location that is not included in the normalized histogram of the location of said terminal, re-registration of said terminal at a location that is not likely from a probability distribution of the usage of said terminal, and repeated denials of re-registration for said terminal.
  - 15. The non-transitory computer-readable medium of claim 14, wherein said monitoring of current location of said terminal is performed by a network operator.
  - 16. The non-transitory computer-readable medium of claim 15, wherein said network operator is an authentication, authorization, accounting entity of said network.
  - 17. The non-transitory computer-readable medium of claim 16, wherein said requesting of clarification is performed by said network operator.
  - 18. The non-transitory computer-readable medium of claim 17, wherein said requesting of clarification includes:
    - sending a query to the user of said terminal;
      
      comparing the user'"'"'s response to said query with user-security information stored in said database; and
      
      terminating registration of said terminal to said network and denying further access to said network if said user'"'"'s response to said query does not satisfy the user-security information stored in said database.
  - 21. The non-transitory computer-readable medium of claim 12, wherein said positioning information is satellite-based positioning information.

22. A method of detecting unauthorized terminal use in a wireless network environment having a geographic location manager that receives positioning information regarding movement of a terminal, said method comprising:
- receiving previous positioning information about locations of a terminal;
  
  performing a statistical analysis of the previous locations of said terminal and producing a normalized histogram of the previous locations;
  
  receiving a current position of said terminal substantially in real-time; and
  
  challenging a user of said terminal upon detection of a deviation between said normalized histogram of said statistical analysis of the previous locations of said terminal and said current location of said terminal.
- View Dependent Claims (23, 24)
- - 23. The method according to claim 22, wherein said current position of said terminal is received from said terminal when said terminal registers with said wireless network.
  - 24. The method according to claim 22, wherein said positioning information is satellite-based positioning information from said terminal.

25. A system for detecting fraudulent use of network subscribing terminals in a wireless network environment having a geographic location manager that receives positioning information regarding the movement of a terminal, comprising:
- a database that derives and records a normalized histogram of a location of said terminal in a network; and
  
  a control entity that monitors a current location of said terminal substantially in real-time and challenges a user of said terminal upon detection of a deviation between the normalized histogram of the previous locations of said terminal and the current location of said terminal.
- View Dependent Claims (26)
- - 26. The system according to claim 25, wherein said positioning information is satellite-based positioning information from said terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Four Batons Wireless LLC
Original Assignee
Telcordia Technologies Incorporated (Telefonaktiebolaget LM Ericsson), Toshiba Corporation
Inventors
Ohba, Yoshihiro, Vakil, Faramak, Nakjima, Nobuyasu, Agrawal, Prathima
Primary Examiner(s)
Edouard; Patrick N
Assistant Examiner(s)
Genack; Matthew W

Application Number

US09/946,795
Publication Number

US 20030045270A1
Time in Patent Office

3,589 Days
Field of Search

455/403, 455/410, 455/411, 709/229
US Class Current

455/410
CPC Class Codes

H04M 1/66   with means for preventing u...

H04M 2203/6027   Fraud preventions

H04M 2207/18   wireless networks

H04M 2242/30   Determination of the locati...

H04M 3/2218   Call detail recording

H04M 3/36   Statistical metering, e.g. ...

H04M 3/38   Graded-service arrangements...

Fraud detection techniques for wireless network operators

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Fraud detection techniques for wireless network operators

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links