Adaptive fraud monitoring and control

US 5,465,387 A
Filed: 10/08/1993
Issued: 11/07/1995
Est. Priority Date: 10/08/1993
Status: Expired due to Term

First Claim

Patent Images

1. The method of monitoring access to a system, comprising:

establishing a rate of interruption for demanding authentication from a potential accessor;

denying access in the event of failure to authenticate in response to each demand; and

automatically varying the rate of interruption to a another rate in response to predetermined conditions;

one of the predetermined conditions including prior failed authentications.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access to a resource such as a telecommunications system is monitored and prevented adaptively on a real-time basis by establishing with the customer, a steady state low level of surveillance and arbitrary intermittent interruption during which the telecommunications company demands authentication, by personal identification number (PIN), of a given fraction of access demands (for example, telephone calls), and, in response to signals indicating that arrival of an alert condition, and preferably at least one prior invalid call, raising the level of authentication demands.

173 Citations

22 Claims

1. The method of monitoring access to a system, comprising:
- establishing a rate of interruption for demanding authentication from a potential accessor;
  
  denying access in the event of failure to authenticate in response to each demand; and
  
  automatically varying the rate of interruption to a another rate in response to predetermined conditions;
  
  one of the predetermined conditions including prior failed authentications.
- View Dependent Claims (2, 3, 6, 7, 8, 9, 19, 20)
- - 2. The method as in claim 1, wherein the rate of interruption is varied on the basis of the rate of failed authentications.
  - 3. The method as in claim 1, wherein a further one of the predetermined conditions is an alert condition related to time.
  - 6. The method as in claim 1, wherein the established rate of interruption is P, where P is equal to any value of from 0 to 1.0 and each 1/P-th call is interrupted.
  - 7. The method as in claim 1, wherein the step of varying the rate of interruptions includes raising the rate of interruptions if the number of authentication failures exceeds a given number over a period of time, and decreasing the rate of interruptions if the number of authentication failures is less than a given amount over a period of time.
  - 8. The method as in claim 1, wherein predetermined conditions include an alert condition related to time and the number of failed authentications.
  - 9. The method as in claim 1, wherein the step of varying the rate of interruptions includes setting three default rates, and varying between the three rates on the basis of the rate of failed authentications.
  - 19. The method as in claim 1, wherein the step of establishing a rate of interruption includes determining whether calls are suspicious and determining the rate of interruptions on the basis of the rate of failed suspicious calls.
  - 20. The method as in claim 19, wherein automatically varying the rate of interruption to a another rate includes determining the rate of failed authentication demands and adjusting the rate of interruption on the basis of the rate of failed authentication demands.

4. The method of monitoring access to a system, comprising:
- establishing a rate of interruption for demanding authentication from a potential accessor;
  
  denying access in the event of failure to authenticate in response to each demand; and
  
  automatically varying the rate of interruption to a another rate in response to predetermined conditions;
  
  the step of establishing a rate of interruption including determining whether calls are suspicious and determining the rate of interruptions on the basis of only the rate of failed suspicious calls.
- View Dependent Claims (5)
- - 5. The method as in claim 4, wherein automatically varying the rate of interruption to a another rate includes determining the rate of failed authentication demands and adjusting the rate of interruption on the basis of the rate of failed authentication demands.

10. An apparatus for monitoring access to a system, comprising:
- means for establishing a rate of interruption for demanding authentication from a potential accessor;
  
  means for denying access in the event of failure to authenticate in response to each demand; and
  
  means for varying the rate of interruption to another in response to predetermined conditions selected by the customer, one of the predetermined conditions including prior failed authentications.
- View Dependent Claims (11, 12, 15, 16, 17, 18, 21, 22)
- - 11. An apparatus as in claim 10, wherein the means for varying the rate of interruption includes means for varying on the basis of the rate of failed authentications.
  - 12. An apparatus as in claim 10, wherein one to the predetermined conditions is an alert condition related to time.
  - 15. An apparatus as in claim 10, wherein the established rate of interruption is P, where P is equal to any value of from 0 to 1.0 and each 1/P-th call is interrupted.
  - 16. An apparatus as in claim 10, wherein the means for varying the rate of interruptions includes means for raising the rate of interruptions if the number of authentication failures exceeds a given number over a period of time, and decreasing the rate of interruptions if the number of authentication failures is less than a given amount over a period of time.
  - 17. An apparatus as in claim 10, wherein further predetermined conditions include an alert condition related to time and the number of failed authentications.
  - 18. An apparatus as in claim 10, wherein the means for varying the rate of interruptions includes means for setting three default rates, and means for varying between the three rates on the basis of the rate of failed authentications.
  - 21. An apparatus as in claim 10, wherein the means for establishing a rate of interruption includes means for determining whether calls are suspicious and means for varying the rate of interruptions on the basis of the rate of failed suspicious calls.
  - 22. An apparatus as in claim 21, wherein the means for automatically varying the rate of interruption to another rate includes means for determining the rate of failed authentication demands and means for adjusting the rate of interruption on the basis of the rate of failed authentication demands.

13. An apparatus for monitoring access to a system, comprising:
- means for establishing a rate of interruption for demanding authentication from a potential accessor;
  
  means for denying access in the event of failure to authenticate in response to each demand; and
  
  means for varying the rate of interruption to another in response to predetermined conditions selected by the customer,the means for establishing a rate of interruption including means for determining whether calls are suspicious and means for determining the rate of interruptions on the basis of only the rate of failed suspicious calls.
- View Dependent Claims (14)
- - 14. An apparatus as in claim 13, wherein the means for automatically varying the rate of interruption to a another rate includes means for determining the rate of failed authentication demands and means for adjusting the rate of interruption on the basis of the rate of failed authentication demands.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Telephone & Telegraph Company (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Mukherjee, Arabinda
Primary Examiner(s)
Barron, Jr., Gilberto

Application Number

US08/134,358
Time in Patent Office

760 Days
Field of Search

455/26.1, 379/62, 380/23
US Class Current

455/26.1
CPC Class Codes

H04M 15/00 Arrangements for metering, ...

H04M 3/38 Graded-service arrangements...

Adaptive fraud monitoring and control

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

173 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Adaptive fraud monitoring and control

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

173 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links