Abstract: A method of identifying recording of a conversation during a communication session, including establishing a communication session between a first participant and one or more remote participants, transmitting audio packets from a communication device of the first participant to the one or more remote participants, receiving audio packets from the one or more remote participants, including echo packets responsive to the transmitted audio packets, analyzing the received audio packets by an analysis application to identify delays in the echo packets relative to the transmitted packets providing an indication of the presence of a recording application at a communication device of a remote participant, notifying the communication device of the first participant.

Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.

Abstract: A fraud early warning system and method for monitoring transactional behavior of an account holder and evaluating that behavior by comparing it to biographical data and/or the past behavior of the account holder. The system and method is applicable to real-time wire transfers, online transactions, automated teller machine transactions, point-of-sale transactions, etc.

Abstract: A method for supporting non-secure warning tones on packet-switched networks involves receiving a call attempt from a source phone to a destination phone, checking if a connection of the security domains of the source phone and the destination phone via a MLS voice gateway is allowed, and checking if a generation of a non-secure warning tone locally by the source phone is required. A call is established from the source phone to the destination phone upon acknowledgement of the local generation of the non-secure warning tone by the source phone.

Abstract: A network traffic control device, and a security policy configuration method. The network traffic control device identifies a source, a destination, and an application type of an input data stream; executes, based a predetermined enterprise organizational structure, first upward tracing processing to obtain a first source upward tracing point and a first destination upward tracing point; and generating a first security policy, where a source in a match condition of the first security policy is configured to the first source upward tracing point, a destination in the match condition of the first security policy is configured to the first destination upward tracing point. According to the security policy configuration method implemented by the network traffic control device, a security policy can be automatically generated, which reduces difficulty in configuring the security policy and increases a configuration success rate.

Abstract: An apparatus provides a method for analyzing a situation of a called terminal based on a sound source provided by a telecommunication service provider. The method includes storing feature informations of situation guidance sound sources provided by telecommunication service providers according to the situation of the called terminal; after a call connection request to a called terminal, receiving a sound source provided by a telecommunication service provider according to a situation of the called terminal; extracting at least one analysis duration of the received sound source with reference to a beep/tone of the received sound source, corresponding to feature informations of at least one candidate sound source among the situation guidance sound sources; and determining a situation of the called terminal based on a matching degree of the received sound source and the candidate sound source relating to a corresponding analysis duration, for respective analysis durations.

Abstract: Embodiments of the present invention perform speaker identification and verification by first prompting a user to speak a phrase that includes a common phrase component and a personal identifier. Then, the embodiments decompose the spoken phrase to locate the personal identifier. Finally, the embodiments identify and verify the user based on the results of the decomposing.

Abstract: A method for storage unit communication is provided. The method includes detecting an event associated with a loss of trust for the data stored within a storage unit and encrypting, at the storage unit, data that is being transmitted along an outbound path from the storage unit to a requestor, wherein the encrypting is responsive to detecting the event.

Abstract: A computer implemented method determines validity of web-based interactions. Web-based interaction data relating to a web-based interaction may be accessed. The web-based interaction data may include aggregate measure data that may include a number of unique queries per web-based session. The validity of the web-based interaction may be determined based on the aggregate measure data.

Abstract: A processor server receives transaction information associated with an online transaction between a user device and a merchant server, and provides embedded code to the user device based on receiving the transaction information. The processor server receives, based on execution of the embedded code, location information identifying a geographic location at which the user device is located, and an identifier associated with the user device. The processor server determines an authorization decision for the online transaction based on the transaction information, the location information, and the identifier, and forwards the authorization decision to the merchant server to permit the merchant server to approve or deny the online transaction.

Abstract: A method, system, and computer readable medium comprising instructions for providing Internet protocol enabled information delivery are provided. Information from a calling party is received at an Internet protocol enabled device. A lookup of information relating to the calling party is performed in a database via an Internet protocol connection. A message is received from the database comprising information relating to the calling party.

Abstract: Typical speaker verification systems usually employ speakers' audio data collected during an enrollment phase when users enroll with the system and provide respective voice samples. Due to technical, business, or other constraints, the enrollment data may not be large enough or rich enough to encompass different inter-speaker and intra-speaker variations. According to at least one embodiment, a method and apparatus employing classifier adaptation based on field data in a deployed voice-based interactive system comprise: collecting representations of voice characteristics, in association with corresponding speakers, the representations being generated by the deployed voice-based interactive system; updating parameters of the classifier, used in speaker recognition, based on the representations collected; and employing the classifier, with the corresponding parameters updated, in performing speaker recognition.

Abstract: The apparatus disclosed is a wireless vibration sensor monitor and recorder along with the associated system and method of use. The apparatus contains a digital accelerometer that operates off six axes. The apparatus may also include features such as a temperature sensor and ambient light sensor. The system actively monitors time and battery voltage level, as well as records information pertinent to the health of the apparatus. Once affixed to an appliance or piece of machinery, the apparatus monitors the duration of the cycle and the vibrations produced to compile a cycle profile. Once the apparatus has determined the cycle or predetermined period to be complete, a notification is sent to a remote user. This signal may be received by any compatible Bluetooth low energy device.

Abstract: An image processing apparatus includes a reception unit configured to receive a session start message, a determination unit configured to determine whether the session start message received by the reception unit is a session start message from a public Internet Protocol network or a session start message from a local Internet Protocol network, an acquisition unit configured to acquire a media type included in the session start message received by the reception unit, and a control unit configured to determine whether a start of a session is allowed, based on a result determined by the determination unit and the media type acquired by the acquisition unit.

Abstract: The invention relates to a system for providing an automated security management framework for an enterprise based on the enterprise's operations, infrastructure, and user-based processes, as well as industry-specific rules and regulations associated with the enterprise. The system is configured to generate recommendations or instructions based on correlation of enterprise's operations, infrastructure, and user-based processes with industry-specific rules and regulations. The recommendations or instructions are then provided to a user associated with the enterprise so as to facilitate actions to be taken to address a potential security threat.

Abstract: The present invention is a method and system for automatically recognizing which products a shopper intends to find or purchase based on the shopper's trajectory in a retail aisle. First, the system detects and tracks the person to generate the trajectory of the shopper. Then some of the dynamic features are extracted from the shopper trajectory. The shopper trajectory features of a given trajectory are typically the positions, the motion orientations, and speeds at each point of the trajectory. A shopper behavior model is designed based on some of the primitive actions of shoppers. The last step of the method is to analyze a given shopper trajectory to estimate the shopper's intention. The step either utilizes decision rules based on the extracted shopper trajectory features, or utilizes a trained Hidden Markov Model, to estimate the progression of the primitive actions from the trajectory.

Abstract: Verifying identities includes obtaining feature point information based at least in part on biometric information collected from a to-be-verified user to form a to-be-verified feature point information set, the to-be-verified feature point information set identifying the to-be-verified user, comparing the to-be-verified feature point information set with preset feature point information sets that were stored in advance, and in the event that a degree of match between the to-be-verified feature point information set and a preset feature point information set is less than a first predetermined threshold value, and is greater than a second predetermined threshold value: receiving verification data entered by the to-be-verified user, comparing the verification data with preset data corresponding to the preset feature point information set, and in the event that the verification data and the preset data are the same, verifying the to-be-verified user.

Abstract: A telephone switching system capable of enabling an administrator to easily change the setting when an illegal outgoing call is detected and the illegal outgoing call is regulated is provided. A telephone switchboard includes a detection section for detecting an occurrence of a predetermined event, an e-mail creation section for creating a notification mail in which a content of the detected event is described, and a transmitting section for transmitting the notification mail, and the management terminal includes a receiving section for receiving the notification mail, an e-mail creation section for creating a reply mail corresponding to the notification mail, and a transmitting section for transmitting the reply mail. Further, the telephone switchboard further includes a receiving section for receiving the reply mail, and a setting section for setting an operation condition for a predetermined operation performed by the telephone switchboard based on the reply mail received.

Abstract: A method of building a database for a linguistic recognition device is provided The method includes storing common linguistic model data configured to infer a word or a sentence from a character acquired by recognizing a language input by a user in a storage section of a linguistic recognition device, collecting recognition-related information related to the user after storing the common linguistic data, and analyzing the collected recognition-related information to be stored as individual linguistic model data.

Abstract: A system and method for preventing illicit use of a telephony platform that includes enrolling a plurality of accounts on a telecommunications platform, wherein an account includes account configuration; at a fraud detection system of the telecommunications platform, receiving account usage data, wherein the usage data includes at least communication configuration data and billing configuration data of account configuration and further includes communication history of the plurality of accounts; calculating fraud scores of a set of fraud rules from the usage data, wherein at least a sub-set of the fraud rules include conditions of usage data patterns between at least two accounts; detecting when the fraud scores of an account satisfy a fraud threshold; and initiating an action response when a fraud score satisfies the fraud threshold.

Abstract: Remote configuration ensures compliance of remote devices. A server polls a device for a configuration file. The server compares the configuration file to a compliance policy. If the configuration file fails the compliance policy, the server retrieves a compliant configuration file that conforms to the compliance policy. The server sends the compliant configuration file to the device with an instruction to replace the configuration file.

Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.

Abstract: A method, system and terminal for communication between an encryption terminal and an encryption module in a cluster system are provided in the present document. The method includes: when it is required to make an encrypted call, a calling encryption terminal applying to a key management center for a key according to the type of the encrypted call; the calling encryption terminal and a called encryption terminal receiving working keys sent from the key management center, setting respective working states, and synchronizing the working keys and the working states to respective encryption modules; and the encryption module of the calling encryption terminal and the encryption module of the called encryption terminal respectively making an encrypted call by using the working keys. The system includes: a calling encryption terminal, a called encryption terminal and a key management center. The terminal includes: an applying module, a synchronization module and an encryption module.

Abstract: A system and method of verifying the identity of an authorized user in an authorized user group for enabling secure access to one or more services via a device includes receiving first voice information from a speaker through the device, calculating a confidence score based on a comparison of the first voice information with a stored voice model associated with the authorized user and specific to the authorized user, interpreting the first voice information as a specific service request, identifying a minimum confidence score for initiating the specific service request, determining whether or not the confidence score exceeds the minimum confidence score, and initiating the specific service request if the confidence score exceeds the minimum confidence score.

Abstract: A method for filtering a telephone call is provided. The method may comprise receiving from a caller the telephone call directed to a communication device associated with an intended call recipient. The received telephone call may be scored based on predetermined scoring criteria to create a score indicative of a desirability of the telephone call. Furthermore, the method may comprise comparing the score to a predetermined threshold score. Based on the comparison, the method may further comprise selectively classifying the telephone call as an unwanted telephone call. Furthermore, the method may comprise selectively rejecting the unwanted telephone call.

Abstract: A system and method are disclosed herein for providing mitigation of fraud in a hosted messaging service while having minimal impact on authorized messaging users. The method includes a system for detecting potential fraud based on multiple and configurable fraud indicators as well as historical data, which can be customized for individual users or groups. The system can terminate in-process messages that are potentially fraudulent and reset the network access credentials for the affected user accounts or devices that have been potentially compromised. The system uses historical data to block further messages from the compromised user accounts or devices to specific destination addresses where the presumed fraudulent messaging activity was directed. In a further aspect, the system and method can automatically reset the network access credentials for authorized users with minimal downtime.

Abstract: Embodiments of the present invention address deficiencies of the art in respect to applying application security to an extension point oriented application framework, and provide a novel and non-obvious method, system and computer program product for log-in module deployment and configuration in an extension point oriented application. In this regard, a method for log-in module deployment and configuration in an extension point oriented application can include installing a proxy to a login controller plug-in for the extension point oriented application, and proxying login module directives from an external security service to the login controller plug-in for the extension point oriented application.

Abstract: A network node for managing the control plane functions for a plurality of nodes within a software defined networking (SDN) domain, comprising a processor configured to collect a plurality of network information from the nodes, forward the network information based on a plurality of domain-specific policies, receive traffic optimization information based on the network information, and compute forwarding decisions for the nodes based on the traffic optimization information. In another embodiment, an Application Layer Traffic Optimization (ALTO) node, comprising a processor configured to import a first set of network information from one or more SDN nodes, aggregate the network information received from the SDN nodes, calculate a plurality of traffic optimization decisions based on the aggregated network information, and forward the traffic optimization decisions to the SDN nodes.

Abstract: A mobile communications fraud detection system is provided in which one or more probe devices are deployed to intercept predetermined types of data being carried over selected interfaces within the mobile communications network. In particular, the probe devices are arranged to intercept data being carried between equipment responsible for providing the air interface to mobile communications devices using the network and equipment interfacing with the mobile network's core switching equipment. Fraudulent activity relating to gateway fraud, revenue sharing fraud, credit or debit card fraud, spam generation and fraudulent or other activity indicative of the presence of malware executing on a mobile communications device.

Abstract: A system and method for preventing illicit use of a telephony platform that includes enrolling a plurality of accounts on a telecommunications platform, wherein an account includes account configuration; at a fraud detection system of the telecommunications platform, receiving account usage data, wherein the usage data includes at least communication configuration data and billing configuration data of account configuration and further includes communication history of the plurality of accounts; calculating fraud scores of a set of fraud rules from the usage data, wherein at least a sub-set of the fraud rules include conditions of usage data patterns between at least two accounts; detecting when the fraud scores of an account satisfy a fraud threshold; and initiating an action response when a fraud score satisfies the fraud threshold.

Abstract: A system and method of verifying the identity of an authorized user in an authorized user group through a voice user interface for enabling secure access to one or more services via a mobile device includes receiving first voice information from a speaker through the voice user interface of the mobile device, calculating a confidence score based on a comparison of the first voice information with a stored voice model associated with the authorized user and specific to the authorized user, interpreting the first voice information as a specific service request, identifying a minimum confidence score for initiating the specific service request, determining whether or not the confidence score exceeds the minimum confidence score, and initiating the specific service request if the confidence score exceeds the minimum confidence score.

Abstract: A report generation apparatus includes a user information storage unit that stores therein user identification information for identifying a user and regional information on a region where the user is located, so as to associated with each other; a regional information obtaining part that receives user identification information and obtains regional information associated with the received user identification information from the user information storage part; and a generator that obtains device management information relating to usage of a device and generates a report using the obtained device management information and the obtained regional information.

Abstract: Fraudulent VoIP calls are detected and blocked by automated procedures performed at a router server in the VoIP service provider's system which, usually, just analyzes call requests and sets up a route between the calling and called parties. The stringency of automated fraudulent call detection and blocking processes is based on calling customer credit worthiness and the destination of the call.

Abstract: The claimed subject matter provides systems and/or methods that effectuate a simple protocol for tangible security on mobile devices. The system can include devices that generate sets of keys and associated secret identifiers, employs the one or more keys to encrypt a secret and utilizes the identifiers and encryptions of the secret to populate a table associated with a security token device that is used in conjunction with a mobile device to release sensitive information persisted on the mobile device for user selected purposes.

Abstract: A server connectable to a client able to manage successively transitioned-to states. The server has a set storage unit for storing a set including a predetermined state; a server-side communication unit for communicating with the client using a privacy-preserving set-intersection protocol for detecting whether an element in a mutual set is a common element between mutual sets while preserving privacy; and a determining unit for determining whether the state of the client is included in the set stored by the set storage unit on the basis of ciphertext received in accordance with the privacy-preserving set-intersection protocol. Also provided is an information processing method which is able to manage successively transitioned-to-states.

Abstract: A fraud management system is configured to store rules for detecting fraud. The fraud management system is further configured to receive a transaction involving a consumer and a merchant; obtain network security information associated with malicious activity in a voice network or a data network, where the network security information indicates that the consumer has been involved in malicious activity in the voice network or in the data network; select a subset of rules based on the network security information and information associated with the transaction, the merchant, or the consumer; process the transaction using the subset of rules to generate alarms; process the alarms to generate a fraud score for the transaction; and output information regarding the fraud score to the merchant to assist the merchant in determining whether to accept, deny, or fulfill the transaction.

Abstract: Aspects of the disclosure relate to admission control of a communication session in a network. The admission control can be implemented by a network node at the boundary of the network or a subsystem thereof. In one aspect, the admission control can be implemented during a predetermined period and can be based at least on an admission criterion, which can be specific to an end-point device, e.g., a target device or an origination device. The admission criterion can be configurable and, in certain implementations, it can be obtained from historical performance associated with establishment of communication session. Such historical performance can be assessed within a period of a configurable span.

Abstract: Embodiments of the present invention are directed generally to use of biometric identification during a call for detecting an anomaly occurring in the call, such as a change in the parties participating on the call. Communication between parties of a call is monitored and biometric identification is performed using the communication. According to one exemplary embodiment, biometric prints, such as voice prints, face prints, etc., are obtained for parties that are authorized to participate on a call. The call is then monitored and biometric data (e.g., audio, video, etc.) captured from communication during the call is compared with the biometric prints of the authorized parties to detect changes in the parties participating on the call, such as a new, unauthorized party joining the call. Thus, a call processing system can detect anomalies occurring during monitored calls, such as three-way calling, a handoff of a call, etc.

Abstract: Devices and methods are provided for the controlling access to access point (AP) base stations. In particular, described herein are techniques for the automated configuration of AP base stations for restricted access. For example, the technique may involve receiving a contact list from an access terminal (AT) associated with the AP base station and a network operator. From the received contact list, saved contacts associated with the operator may be identified. The technique may further involve retrieving identifiers for the identified contacts, and generating an allowed user list from the identifiers, which may be used to configure the AP base station for restricted access.

Abstract: Provided are methods and systems for detecting and preventing bypass fraud in telecommunication networks, primarily for detecting and preventing SIM box fraud in telecommunication networks. The methods include generating one or more test calls from a remote agent to a local agent where the remote agent can be a roaming agent or a remote dialer. The local agent is a subscriber number. The methods further include facilitating call forwarding of the test calls from the local agent to a local number. The methods include identifying the presence of bypass fraud by analyzing caller identification information of the test call received on the local number. Finally, the methods include preventing future use of a detected SIM box.

Abstract: A system and method for preventing or facilitating communications between individuals who reside in detention environments (such as e.g., prisons or correctional facilities) and individuals who are not in such detention environments using an automated authentication or verification.

Abstract: Online fraud prevention including receiving a rules set to detect fraud, mapping the rules set to a data set, mapping success data to members of the rules set, filtering the members of the rules set, and ordering members of the data set by giving priority to those members of the data set with a greater probability for being fraudulent based upon the success data of each member of the rule set in detecting fraud. Further, a receiver coupled to an application server to receive a rules set to detect fraud, and a server coupled to the application server, to map the rules set to a data set, and to map the success data to each members of the rules set. The server is used to order the various members of the data set by giving priority to those members of the data set with a greatest probability for being fraudulent.

Abstract: Aspects of the disclosure relate to admission control of a communication session in a network. The admission control can be implemented by a network node at the boundary of the network or a subsystem thereof. In one aspect, the admission control can be implemented during a predetermined period and can be based at least on an admission criterion, which can be specific to an end-point device, e.g., a target device or an origination device. The admission criterion can be configurable and, in certain implementations, it can be obtained from historical performance associated with establishment of communication session. Such historical performance can be assessed within a period of a configurable span.

Abstract: A system capable of automated mapping between a connectivity request and an ordered security rule-set and a method of operating thereof. The system includes an interface operable to obtain data characterizing at least one connectivity request; a module for automated recognizing at least one rule within the rule-set, the rule controlling traffic requested in the at least one connectivity request, wherein the recognizing is provided by comparing a set of combinations specified in the connectivity request with a set of combinations specified in the rule and matching connectivity-related actions specified in the connectivity request; a module for automated evaluating relationship between traffic controlled by the recognized at least one rule and traffic requested in the at least one connectivity request; and a module for automated classifying, in accordance with evaluation results, the at least one connectivity request with respect to the at least one rules and/or vice versa.

Abstract: Improved methods of presenting speech prompts to a user as part of an automated system that employs speech recognition or other voice input are described. The invention improves the user interface by providing in combination with at least one user prompt seeking a voice response, an enhanced user keyword prompt intended to facilitate the user selecting a keyword to speak in response to the user prompt. The enhanced keyword prompts may be the same words as those a user can speak as a reply to the user prompt but presented using a different audio presentation method, e.g., speech rate, audio level, or speaker voice, than used for the user prompt. In some cases, the user keyword prompts are different words from the expected user response keywords, or portions of words, e.g., truncated versions of keywords.

Abstract: One exemplary embodiment provides a device comprising: a connection panel configured to accept a removable connection to a telephone of a controlled access residential institution; a network router connected to the connection panel and configured to connect to a remote network; and an access and security module connected to the network router and configured to control access by the telephone to telephone services provided by accessing a remote call processing center via the remote network. The connection panel, the network router, and access and security module can be at least partially enclosed within a portable enclosure. The device may further comprise a power distribution unit within the enclosure and connected to provide power to the network router and to the access and security module.

Abstract: A device for recording the content of live communications sessions allocates each session with a unique identifier which is also communicated to a server, exchange, switch or endpoint having control of that session. A log of events occurring in the session is updated with the unique identifier of the recorded content, and following the session, the log of events is communicated to the recording device, indexed under the unique identifier, and stored with the recorded content of the session itself.

Abstract: Aspects of the disclosure relate to admission control of a communication session in a network. The admission control can be implemented by a network node at the boundary of the network or a subsystem thereof. In one aspect, the admission control can be implemented during a predetermined period and can be based at least on an admission criterion, which can be specific to an end-point device, e.g., a target device or an origination device. The admission criterion can be configurable and, in certain implementations, it can be obtained from historical performance associated with establishment of communication session. Such historical performance can be assessed within a period of a configurable span.

Abstract: A method for controlling a call in a first controlled facility includes connecting an inmate in the first controlled facility to the call when each party of the call is verified, testing incoming audio on the call to detect a controlled facility tone from a second controlled facility, and transmitting a notification of a violation by the inmate when the controlled facility tone is detected in the incoming audio.

Abstract: Disclosed are systems, methods, and computer readable media for comparing customer voice prints comprising of uncommonly spoken words with a database of known fraudulent voice signatures and continually updating the database to decrease the risk of identity theft. The method embodiment comprises comparing a received voice signal against a database of known fraudulent voice signatures, denying the caller's transaction if the voice signal substantially matches the database of known fraudulent voice signatures, adding the caller's voice signal to the database of known fraudulent voice signatures if the voice signal does not substantially match a separate speaker verification database and received additional information is not verified.