System and method for an automated system for continuous observation, audit and control of user activities as they occur within a mobile network

US 9,532,227 B2
Filed: 05/23/2016
Issued: 12/27/2016
Est. Priority Date: 09/13/2013
Status: Active Grant

First Claim

Patent Images

1. A method for detecting fraudulent transactions relating to a mobile device, comprising:

monitoring, at a first processing node associated with a first network interconnecting a provider agent and a customer care center, a first mirrored live-data flow of a first live data flow passing through the first processing node in a non-intrusive manner that does not affect the first live-data flow passing through the first processing node, wherein the first live-data flow comprises first data that is in active transmission between endpoints in the first network and prior to storage of the first data in a database;

monitoring, at a second processing node associated with a mobile device network, a second mirrored live-data flow of a second live data flow passing through the second processing node in the non-intrusive manner that does not affect the second live-data flow passing through the second processing node, wherein the second live-data flow comprises second data that is in active transmission between endpoints in the mobile device network and prior to onward storage of the second data in a second database;

comparing, at each of the first and second processing nodes, the first data associated with the first mirrored live-data flow and the second data associated with the second mirrored live-data flow respectively with predetermined or deduced conditions to detect a potentially fraudulent condition;

placing a hold on a transaction associated with the first live-data flow and the second live-data flow responsive to detection of the potentially fraudulent condition at the first processing node or the second processing node;

generating, at a third processing node, an interactive verification communication responsive to the first data associated with the first live-data flow and the second data associated with the second live-data flow to establish a validity of the transaction;

releasing the hold on the transaction responsive to the interactive verification communication determining the potentially fraudulent condition relates to a non-fraudulent transaction; and

generating a fraud detection response responsive to the interactive verification communication determining the potentially fraudulent condition relates to a fraudulent transaction before the transaction completes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method monitors for fraudulent transactions relating to a mobile device. Either of first and second processing nodes places a hold on a transaction associated with the first live-data flow and the second live-data flow responsive to detection of a potentially fraudulent condition. A third processing node generates an interactive verification communication responsive to the first data associated with the first live-data flow and the second data associated with the second live-data flow to establish a validity of the transaction. The third processing node releases the hold on the transaction responsive to the interactive verification communication determining the potentially fraudulent condition relates to a non-fraudulent transaction and generates a fraud detection response responsive to the interactive verification communication determining the potentially fraudulent condition relates to a fraudulent transaction before the transaction completes.

Citations

30 Claims

1. A method for detecting fraudulent transactions relating to a mobile device, comprising:
- monitoring, at a first processing node associated with a first network interconnecting a provider agent and a customer care center, a first mirrored live-data flow of a first live data flow passing through the first processing node in a non-intrusive manner that does not affect the first live-data flow passing through the first processing node, wherein the first live-data flow comprises first data that is in active transmission between endpoints in the first network and prior to storage of the first data in a database;
  
  monitoring, at a second processing node associated with a mobile device network, a second mirrored live-data flow of a second live data flow passing through the second processing node in the non-intrusive manner that does not affect the second live-data flow passing through the second processing node, wherein the second live-data flow comprises second data that is in active transmission between endpoints in the mobile device network and prior to onward storage of the second data in a second database;
  
  comparing, at each of the first and second processing nodes, the first data associated with the first mirrored live-data flow and the second data associated with the second mirrored live-data flow respectively with predetermined or deduced conditions to detect a potentially fraudulent condition;
  
  placing a hold on a transaction associated with the first live-data flow and the second live-data flow responsive to detection of the potentially fraudulent condition at the first processing node or the second processing node;
  
  generating, at a third processing node, an interactive verification communication responsive to the first data associated with the first live-data flow and the second data associated with the second live-data flow to establish a validity of the transaction;
  
  releasing the hold on the transaction responsive to the interactive verification communication determining the potentially fraudulent condition relates to a non-fraudulent transaction; and
  
  generating a fraud detection response responsive to the interactive verification communication determining the potentially fraudulent condition relates to a fraudulent transaction before the transaction completes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The method of claim 1, wherein the potentially fraudulent transaction comprises a monetary transfer transaction.
  - 3. The method of claim 1, wherein the potentially fraudulent transaction comprises at least one of PIN issuance, SIM card issuance or purchase of the mobile device.
  - 4. The method of claim 1, wherein the potentially fraudulent transaction comprises a socially engineered fraud activity.
  - 5. The method of claim 1, wherein the potentially fraudulent transaction comprises a call using a known fraud number.
  - 6. The method of claim 1, wherein the step of placing the hold further comprises notifying parties to the potentially fraudulent transaction that the transaction has been placed on hold.
  - 7. The method of claim 1, wherein the step of placing the hold further comprises:
    - maintaining the hold for a predetermined period of time during the verification communication; and
      
      releasing the hold after expiration of the predetermined period of time.
  - 8. The method of claim 1, wherein the step of generating the verification communication further comprise generating a series of questions to a party to the potentially fraudulent transaction to verify the transaction, the series of questions based upon recent activities known by the party to the potentially fraudulent transaction.
  - 9. The method of claim 1 further comprising updating other first and second processing nodes of the potentially fraudulent condition responsive to a determination that the potentially fraudulent condition relates to the fraudulent transaction.
  - 10. The method of claim 1, wherein the step of generating the fraud detection response further comprises generating verification hurdles based upon activity derived from the mobile device network.
  - 11. The method of claim 1, wherein the potentially fraudulent conditions comprise fraud triggers including issuance of a PIN, replacement of the PIN, issuance of a SIM card, replacement of the SIM card, issuance of a mobile device or replacement of the mobile device.
  - 12. The method of claim 1, wherein the detection of the potentially fraudulent condition by the comparison further causes automatic updating of detection capabilities with respect to the potentially fraudulent condition.
  - 13. The method of claim 1, wherein the interactive verification communication includes at least one of an interactive dialog between the third processing node and a third party.
  - 14. The method of claim 1, wherein the potentially fraudulent condition comprises at least one of detecting a larger pattern of suspicious activity between the mobile device and a party to the transaction and detecting communications content indicating fraud is occurring.
  - 15. The method of claim 1, wherein the verification of the transaction while the transaction is underway provides an opportunity to allow or deny the transaction before the transaction completes and any associated monies are transferred.
  - 17. The system of claim 15, wherein the potentially fraudulent transaction comprises a monetary transfer transaction.
  - 18. The system of claim 15, wherein the potentially fraudulent transaction comprises at least one of PIN issuance, SIM card issuance or purchase of the mobile device.
  - 19. The system of claim 15, wherein the potentially fraudulent transaction comprises a socially engineered fraud activity.
  - 20. The system of claim 15, wherein the potentially fraudulent transaction comprise a call using a known fraud number.
  - 21. The system of claim 15, wherein the first and second processing nodes at each of the first and second processors further notifies parties to the potentially fraudulent transaction that the transaction has been placed on hold.
  - 22. The system of claim 15, wherein the first and second processing nodes at each of the first and second processors further:
    - maintains the hold for a predetermined period of time during the interactive verification communication; and
      
      releases the hold after expiration of the predetermined period of time.
  - 23. The system of claim 15, wherein the third processing node generates a series of questions to a party to the potentially fraudulent transaction to verify the transaction, the series of questions based upon recent activities known by the party to the potentially fraudulent transaction.
  - 24. The system of claim 15, wherein the third processing node further updates other first and second processing nodes of the potentially fraudulent condition responsive to a determination that the potentially fraudulent condition relates to the fraudulent transaction.
  - 25. The system of claim 15, wherein the generation of the fraud detection response further comprises generating verification hurdles based upon activity derived from the mobile network.
  - 26. The system of claim 15, wherein the potentially fraudulent conditions comprise fraud triggers including issuance of a PIN, replacement of the PIN, issuance of a SIM card, replacement of the SIM card, issuance of a mobile device or replacement of the mobile device.
  - 27. The system of claim 15, wherein the detection of the potentially fraudulent condition by the comparison further causes automatic updating of detection capabilities with respect to the potentially fraudulent condition.
  - 28. The system of claim 15, wherein the verification communication includes at least one of an interactive dialog between the third processing node and a third party.
  - 29. The method of claim 15, wherein the potentially fraudulent condition comprises at least one of detecting a larger pattern of suspicious activity between the mobile device and a party to the transaction and detecting communications content indicating fraud is occurring.
  - 30. The method of claim 15, wherein the verification of the transaction while the transaction is underway provides an opportunity to allow or deny the transaction before the transaction completes and any associated monies are transferred.

16. A system for detecting fraudulent transactions relating to a mobile device, comprising:
- a first processor associated with a first network interconnecting a provider agent and a customer care center, the first processor implementing a first processing node for monitoring a first mirrored live-data flow of a first live data flow passing through the first processing node in a non-intrusive manner that does not affect the first live-data flow passing through the first processing node, wherein the first live-data flow comprises first data that is in active transmission between endpoints in the first network prior to storage of the first data in a database;
  
  a second processor associated with a mobile device network, the second processor implementing a second processing node for monitoring a second mirrored live-data flow of a second live data flow passing through the second processing node in the non-intrusive manner that does not affect the second live-data flow passing through the second processing node, wherein the second live-data flow comprises second data that is in active transmission between endpoints in the mobile device network and prior to onward storage of the second data in a second database;
  
  wherein the first and second processing nodes at each of the first and second processors further compares the first data associated with the first mirrored live-data flow and the second data associated with the second mirrored live-data flow respectively to predetermined or deduced conditions to detect a potentially fraudulent condition;
  
  wherein the first or second processing nodes at each of the first and second processors further places a hold on a transaction associated with the first live-data flow and the second live-data flow responsive to detection of the potentially fraudulent condition at the first or second processing node;
  
  a third processor communicating with the first processor and the second processor, the third processor implementing a third processing node for;
  
  generating an interactive verification communication responsive to the first data associated with the first live-data flow and the second data associated with the second live-data flow to establish a validity of the transaction;
  
  releasing the hold on the transaction responsive to the interactive verification communication determining the potentially fraudulent condition relates to a non-fraudulent transaction; and
  
  generating a fraud detection response responsive to the verification communication determining the potentially fraudulent condition relates to a fraudulent transaction before the transaction completes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Network Kinetix, Llc
Original Assignee
Network Kinetix, Llc
Inventors
Richards, Carissa, Ramachandran, Hariharan, Richards, Peter
Primary Examiner(s)
KATSIKIS, KOSTAS J

Application Number

US15/162,159
Publication Number

US 20160269908A1
Time in Patent Office

218 Days
Field of Search

709/224
US Class Current

1/1
CPC Class Codes

G06Q 20/08   Payment architectures

G06Q 20/3223   Realising banking transacti...

G06Q 20/4016   involving fraud or risk lev...

G06Q 30/0248   Avoiding fraud

H04L 43/062   related to network traffic

H04L 47/10   Flow control; Congestion co...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04W 12/065   Continuous authentication

H04W 12/126   Anti-theft arrangements, e....

H04W 12/128   Anti-malware arrangements, ...

H04W 24/08   Testing, supervising or mon...

System and method for an automated system for continuous observation, audit and control of user activities as they occur within a mobile network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for an automated system for continuous observation, audit and control of user activities as they occur within a mobile network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links