System, method and apparatus for authenticating calls
Abstract
The present invention provides a system, method and apparatus for authenticating calls that is a robust anti-vishing solution. The present invention can identify caller ID spoofing, verify the dialed number to detect man-in-the-middle attacks, and verify the called party against the dialed digits to detect impersonation. This solution can handle calls coming from any phone anywhere with little impact on user experience. Two separate solutions are tailored for smart phones (communication devices capable of running application software) and traditional phones to reduce the impact on user experience while providing robust verification.
10 Claims
1. A method for authenticating a calling device comprising the steps of:
receiving a call from the calling device to a called device, at a controller, wherein the controller intercepts the call from the calling device to the called device;
sending a first authentication request for the call from the controller to the calling device;
receiving, at the controller, a first authentication response for the call from the calling device, wherein the first authentication response for the call comprises calling device encrypted data generated by the calling device, wherein the calling device encrypted data includes a hash of a caller identification for the calling device and a called number using a shared secret key;
extracting, by the controller, the caller identification and the called number from the encrypted data using the shared secret encryption key;
determining, by the controller, whether the extracted caller identification and the extracted called number are valid; and
transferring, by the controller, the call to the called device in response to determining that the extracted caller identification and the extracted called number are valid.
(Dependent claims: 2, 3, 4)
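An added sketch of the claim 1 exchange, not taken from the patent: the claims name no algorithm or message format, so HMAC-SHA256, the JSON body, the per-call nonce and the per-device key table are assumptions, and all phone numbers and keys are constructed. It shows the controller comparing the authenticated fields with the call signaling to catch a spoofed caller ID, a redirected call and a replayed response.

```python
import hashlib, hmac, json, secrets

# Constructed per-device keys, provisioned out of band (assumption).
DEVICE_KEYS = {"+15550100": b"constructed-key-for-device-A",
               "+15550199": b"constructed-key-for-device-B"}

def device_response(key, nonce, caller_id, dialed_number):
    """Calling-device agent: bind own caller ID and the number actually dialed to the nonce."""
    body = json.dumps({"caller_id": caller_id, "called": dialed_number,
                       "nonce": nonce}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def controller_verify(nonce, signaled_caller_id, signaled_called, response):
    """Controller: check the tag, then compare the fields with the call signaling."""
    key = DEVICE_KEYS.get(signaled_caller_id)
    if key is None:
        return "terminate: unknown device"
    expected = hmac.new(key, response["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, response["tag"]):
        return "terminate: bad tag"
    fields = json.loads(response["body"])
    if fields["nonce"] != nonce:
        return "terminate: replayed response"
    if fields["caller_id"] != signaled_caller_id:
        return "terminate: caller ID mismatch"
    if fields["called"] != signaled_called:
        return "terminate: called number mismatch"
    return "transfer"

def demo():
    a, b, service = "+15550100", "+15550199", "+15550123"
    n1, n2 = secrets.token_hex(16), secrets.token_hex(16)
    genuine = device_response(DEVICE_KEYS[a], n1, a, service)
    return {
        # Device A dials the service; signaling and response agree.
        "genuine": controller_verify(n1, a, service, genuine),
        # Signaling claims A's caller ID, but the responder only holds B's key.
        "spoofed_caller_id": controller_verify(
            n1, a, service, device_response(DEVICE_KEYS[b], n1, a, service)),
        # A dialed a different number than the one the call arrived on.
        "redirected": controller_verify(
            n1, a, service, device_response(DEVICE_KEYS[a], n1, a, "+15550177")),
        # An earlier valid response replayed against a fresh nonce.
        "replayed": controller_verify(n2, a, service, genuine),
    }

if __name__ == "__main__":
    print(demo())
```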
5. A system for authenticating a calling device comprising:
a controller communicably coupled to a communications network wherein the controller comprises a communications interface communicably coupled to the communications network and a processor communicably coupled to the communications interface, and wherein the processor
(a) receives a call from the calling device that is directed to a called device using a called number, wherein the call is intercepted by the controller,
(b) sends a first authentication request to the calling device,
(c) receives a first authentication response from the calling device, wherein the first authentication response comprises calling device encrypted data generated by the calling device comprising a hash of a caller identification, the called number and a shared secret encryption key,
(d) extracts the caller identification and the called number from the encrypted data using the shared secret encryption key,
(e) determines whether the extracted caller identification and the extracted called number are valid, and
(f) transfers the call to the called device whenever the extracted caller identification and the extracted called number are valid.
(Dependent claims: 6)
7. A method for authenticating a calling device comprising the steps of:
trapping by an agent on the calling device the called number;
receiving a call from the calling device to a called device, at a controller, wherein the controller intercepts the call from the calling device to the called device;
sending a first authentication request for the call from the controller to the calling device;
receiving, at the controller, a first authentication response for the call from the calling device, wherein the first authentication response for the call comprises calling device encrypted data generated by the calling device, wherein the calling device encrypted data includes a hash of a caller identification for the calling device and a called number using a shared secret key;
extracting, by the controller, the caller identification and the called number from the encrypted data using the shared secret encryption key;
determining, by the controller, whether the extracted caller identification and the extracted called number are valid; and
transferring, by the controller, the call to the called device in response to determining that the extracted caller identification and the extracted called number are valid, wherein the step of transferring the call to the called device whenever the extracted caller identification and the extracted called number are valid comprises the steps of;
in response to determining that the extracted caller identification and the extracted called number are valid, sending a second authentication request for the call to the calling device, wherein the second authentication request for the call comprises controller device encrypted data generated by a controller using the calling number, the called number, the controller generated encryption key, the calling device generated encryption key and the shared secret encryption key;
receiving a second authentication response for the call from the calling device;
transferring the call to the called device whenever the second authentication response for the call indicates success;
and terminating the call whenever the second authentication response for the call indicates failure.
(Dependent claims: 8, 9, 10)
Specification