Abstract: The present invention provides a system and method of modifying policy settings in a network having a plurality of subscriber devices. An embodiment includes a plurality of base stations, each capable of wirelessly transmitting across a geographic region and a server. A cell-phone, capable of roaming between regions, is operable to establish a wireless link with the base stations and through the base stations, with the server. The network contains a communication policy determining from which other communication devices a subscriber device can receive voice calls. The communication policy is updated, by the server, based on requests from the subscriber devices. Once a request is received from a subscriber device, the determination whether to update the communication policy can be based on a record of rejections respective to the caller requested to be blocked.

Abstract: Disclosed are systems and methods which utilize information communication systems for transaction and information management. According to embodiments, an automated information management engine is provided enabling and facilitating the purchase of goods and services through various payment options resulting in increased profitability and visibility safely, securely and conveniently. Embodiments utilize a telephony system, and/or other information communication system, having access terminals disposed within a controlled environment facility for use by residents thereof to conduct transactions or other desirable exchanges of information, goods, services, etcetera. Embodiments provide integration across various aspects of transaction and information management, such as prepaid account management, collect calling services, and commissary services, to thereby facilitate seamless user interaction for account deposit, account status inquiry, commissary ordering, and collect calling.

Abstract: Methods and systems for detecting fraud based on velocity counts are disclosed.

Abstract: A method and a system for person/speaker verification via different communications systems. The system may include a control logic (SL) having access to a voice-controlled dialog system (DS) having verification dialogs stored for querying, a biometrics customer profile (BK), in which the personal biometric data of customers are stored and a provider database (PD), which contains information regarding protected database areas and services in conjunction with the biometric methods authorized for verification. The method for person/speaker verification is designed to ascertain, transmit, analyze and evaluate via telecommunications systems the different personal biometric data that are suitable to establish unequivocally the access authorization of a customer.

Abstract: Systems and methods for evaluating transactions to determine if suspicious activities are possibly present. Various methods include providing a reference designator list with information associated with one or more suspicious activities. Using the reference designator list, a first and a second transaction systems are evaluated. Various systems include two or more transaction systems utilizing information from a fraud detection system.

Abstract: Method for detecting possible frauds in payment transactions between at least two partners (1, 2), the payment transaction data and/or payment authorization data being transmitted over at least one mobile radio network, at least one multivalued parameter used for detecting a possible fraud attempt being determined in said mobile radio network, said payment transactions being performed over at least one payment service provider (4), at least a second multivalued parameter used for detecting a possible fraud attempt being determined by said payment service provider (4), and certain combinations of said first and second parameters are sought in said fraud detection module in order to detect fraud attempts.

Abstract: A system of operating a wireless handset capable of making clear and secure calls is claimed. A secure call may be made by pressing a key for a predetermined amount of time. The handset enters a secure mode if the key is held for a time period greater than the predetermined amount of time. The handset enters a clear mode if the key is held for a time period less than the predetermined amount of time.

Abstract: Security vulnerability assessment for wireless networks is provided. Systems and methods for security vulnerability assessment simulate an attack upon the wireless network, capture the response from the wireless network, and identify a vulnerability associated with the wireless network after analyzing the response from the wireless network.

Abstract: Real time detection of the fraudulent use of a telecommunications network is accomplished by analyzing data for each call that is occurring within the network. A signal protocol receiver is used to collect signaling protocol for each call that is occurring within the network. The signaling protocol data is collected, decoded and formatted into call information records (CIRs). The CIRs contain various operator specified parameters for each call that is occurring within the network. The CIRs are compared to operator defined thresholds. If any of the CIRs exceeds the thresholds, an alert is generated. The alerts are stored in a database where the operator can analyze them and take the appropriate corresponding action to resolve the alert. The alerts and the CIRs are archived in a database so that trends of fraudulent use can be detected and prevented. This method of fraud detection provides for the effective analysis of every call that is occurring within the network.

Abstract: A system, method and computer program product for processing event records. The present invention includes a detection layer, an analysis layer, an expert systems layer and a presentation layer. The layered system includes a core infrastructure and a configurable, domain-specific implementation. The detection layer employs one or more detection engines, such as, for example, a rules-based thresholding engine and a profiling engine. The detection layer can include an AI-based pattern recognition engine for analyzing data records, for detecting new and interesting patterns and for updating the detection engines to insure that the detection engines can detect the new patterns. In one embodiment, the present invention is implemented as a telecommunications fraud detection system. When fraud is detected, the detection layer generates alarms which are sent to the analysis layer. The analysis layer filters and consolidates the alarms to generate fraud cases.

Abstract: Disclosed are systems and methods that provide centralized or nodal inmate management and telephone call processing capabilities to controlled environment facilities. An inmate management and call processing system serves a plurality of facilities and includes an inmate information database. The database is shared across the facilities and contains inmate records that may be accessed and modified by each facility as the inmate is transferred among those facilities. Each inmate record may include, among other information, contact information of third parties whom may be notified of the inmate's arrest and/or subsequent transfers of the inmate to different facilities. The inmate management and telephone call processing system may use third party contact information to establish accounts used to charge calls or transactions made by an inmate while residing at the facility.

Abstract: A system is disclosed for the automatic detection of fraudulent activity on a transaction network, for which each transaction over the network has an associated identifier. In one embodiment, the system includes voice comparison means for comparing a first sampled voice of a user of a first transaction with a subsequently sampled voice of a user of a subsequent transaction having an identical identifier to that of the first transaction. Control means in the form of a voice-based fraud detection engine is provided for determining, from said comparison, a profile of user usage that is representative of a total number of different users of the associated identifier. In a preferred embodiment, the system also includes voice sampling means for sampling a voice of the user of the first transaction to generate a first voice sample.

Abstract: Disclosed is a secure telephone call management system for authenticating users of a telephone system in an institutional facility. Authentication of the users is accomplished by using a personal identification number, preferably in conjunction with speaker independent voice recognition and speaker dependent voice identification. When a user first enters the system, the user speaks his or her name which is used as a sample voice print. During each subsequent use of the system, the user is required to speak his or her name. Voice identification software is used to verify that the provided speech matches the sample voice print. The secure system includes accounting software to limit access based on funds in a user's account or other related limitations. Management software implements widespread or local changes to the system and can modify or set any number of user account parameters.

Abstract: A device acquires information relating to payment particulars and for transfer of this information to a server center of a banking organization. The device includes an apparatus for reading the payment particulars, a central processing unit to which the reading apparatus is connected, a modem for establishing a telephone link with the server center, and an apparatus for dialing telephone numbers such that the dialing apparatus is associated with the modem.

Abstract: In one embodiment, a method of configurably profiling data uses system comprising a pre-processor, a profiler, a post-processor and database. The pre-processor receives data and feedback data and performs configurable first calculations thereon to create data relating to profiling features. The profiler summarizes the profiling features data over a length of time by performing configurable second calculations thereon to create summarized data relating to profiled features. The post-processor performs configurable third calculations the profiled features data to create the feedback data and a profiled output data stream for further processing.

Abstract: An apparatus is disclosed. The apparatus is for comparing a set of production fraud parameters with one or more sets of test or proposed fraud parameters run against prepaid card production data in a prepaid card analysis.

Abstract: A predictive model system is used to detect telecommunications fraud. Call records (CDRs) provided by telephone companies are evaluated against specified rules. If one or more rules are matched, the system generates an alert. Pending alerts for a customer form a case, describing the caller's calling patterns. A predictive model determines a score that is predictive of the likelihood that the call involved fraud. Cases are queued for examination by analysts.

Abstract: Real time detection of the fraudulent use of a telecommunications network is accomplished by analyzing data for each call that is occurring within the network. A signal protocol receiver is used to collect signaling protocol for each call that is occurring within the network. The signaling protocol data is collected, decoded and formatted into call information records (CIRs). The CIRs contain various operator specified parameters for each call that is occurring within the network. The CIRs are compared to operator defined thresholds. If any of the CIRs exceeds the thresholds, an alert is generated. The alerts are stored in a database where the operator can analyze them and take the appropriate corresponding action to resolve the alert. The alerts and the CIRs are archived in a database so that trends of fraudulent use can be detected and prevented. This method of fraud detection provides for the effective analysis of every call that is occurring within the network.

Abstract: A system and method of telephony resource management and security for monitoring and/or controlling and logging access between an enterprise's end-user stations and their respective circuits into the public switched telephone network (PSTN). One or more rules are defined which specify actions to be taken based upon at least one attribute of a call. Calls are detected and sensed to determine attributes associated with each call. Actions are then performed on selected calls based upon their attributes in accordance with the defined rules.

Abstract: An access point to be installed in a wireless network is automatically discovered and associated with an authentication center adapted to provide remote authentication services for the wireless network. This may be accomplished by executing an address resolution protocol scan of nodes on the wireless network and identifying from the scan results the access point to be installed. Configuration information regarding the access point is then transmitted to the authentication center and the access point is configured to use the authentication center for 802.1x authentication services for the wireless network.

Abstract: A system for detecting three-way calls in a monitored telephone conversation includes a speech recognition processor that transcribes the monitored telephone conversation and associates characteristics of the monitored telephone conversation with a transcript thereof, a database to store the transcript and the characteristics associated therewith, and a three-way call detection processor to analyze the characteristics of the conversation and to detect therefrom the addition of one or more parties to the conversation. The system preferably includes at least one domain-specific language model that the speech recognition processor utilizes to transcribe the conversation. The system may operate in real-time or on previously recorded conversations. A query and retrieval system may be used to retrieve and review call records from the database.

Abstract: Real time detection of the fraudulent use of a telecommunications network is accomplished by analyzing data for each call that is occurring within the network. A signal protocol receiver is used to collect signaling protocol for each call that is occurring within the network. The Signaling protocol data is collected, decoded and formatted into call information records (CIRs). The CIRs contain various operator specified parameters for each call that is occurring within the network. The CIRs are compared to operator defined thresholds. If any of the CIRs exceeds the thresholds, an alert is generated. The alerts are stored in a database where the operator can analyze them and take the appropriate corresponding action to resolve the alert. The alerts and the CIRs are archived in a database so that trends of fraudulent use can be detected and prevented. This method of fraud detection provides for the effective analyzation of every call that is occurring within the network.

Abstract: Likelihood of fraud is reduced by having at least one of an identifier of a location from where a request is submitted or information that can lead to identification of the location, submitted with or in addition to a request. Then, determination is made to whether to service the request, based at least in part on the location from where the request is submitted. In various embodiments, the location may be compared against predetermined permissible location(s) or a current user location. The request may be a request to charge an amount against an account, such as a credit card account, a request to access a physical resource, such as a VPN, or an informational resource, such as account information, or a request to access a secured area.

Abstract: A system and related methods for configuring and monitoring a spraying application system for installation and use at a site that is remotely located from the spraying system manufacturing site. The system provides a remote access module that provides spraying system operation and parametric information to be monitored at the manufacturing site to determine how the spraying system is operating and whether repair or maintenance should be initiated. Timer circuits are provided for determining time of usage so that repair/replacement alerts can be issued. Safety related parameters may also be monitored as a backup to the primary monitoring performed at the customer's site. The system also provides an extranet or other suitable site available, for example, via the Internet or other communication link, is used to provide an accessible database for historical data and configuration/installation information. A call-in feature is also provided as well as a system query log.

Abstract: Systems and methods for evaluating transactions to determine if suspicious activities are possibly present. Various methods include providing a reference designator list with information associated with one or more suspicious activities. Using the reference designator list, a first and a second transaction systems are evaluated. Various systems include two or more transaction systems utilizing information from a fraud detection system.

Abstract: A printer has voice recognition capabilities to transcribe a recorded voice message into printed text. The printer has a communication interface that is connected to a communication line for receiving a voice message. The printer also has an extended memory that stores the voice message, and a speech bank that stores speech patterns and vocabulary words. After the voice message is stored in the extended memory, a speech recognizer compares the voice message to the speech patterns and vocabulary words in the speech bank and translates the voice message into text data. The text data is stored into a print buffer, where the text data may be accessed by a central processing unit (CPU). The CPU controls a print mechanism that actually prints the text data.

Abstract: In an information processing system, a mobile phone obtains a setting program which makes security settings for ensuring security of communication by performing authentication with a communication destination on an unsecured communication link, from a registration server through a secure, first communication link; an information processing device executes the setting program obtained from the mobile phone to make security settings, communicates with a relay server through an unsecured, second communication link; the registration server receives access from the mobile phone through the first communication link, authenticates a user, and sends the setting program to the mobile phone; the relay server authenticates an information processing device in response to a connection request from the information processing device, makes security settings, and relays access from the information processing device to a communication network through the second communication link.

Abstract: A subscriber determines and verifies using a simple and reliable unit whether or not unauthorized use such as cloning, etc. A fraud audit mode (fraud detection mode, fraud verification mode, and fraud stop mode) is provided on the subscriber data of the HLR in the UE and the core network, and detect, verifies, and stops illegal use in the wireless communications depending on the mode.

Abstract: A telephone station interface is provided with apparatus for detecting when a called party has or is attempting to patch or bridge one telephone call with another telephone call. The detecting of such bridging or conferencing is accomplished through the detection of tones which are commonly associated with such activities, such as a ring signal, a busy signal, special information tones (SIT tones), dual tone multi-frequency (DTMF) tones or so-called Touch Tones, call progress tones, or other tones that occur when calls are placed. The present invention does not have the capability of sensing clicks, pops, or other audio signals associated with the conferencing of multiple communications circuits. The method and apparatus herein are for managing institutional telephone activity, and utilize a computer control unit to control a trunk management unit, which connects institutional telephones to outside telephone lines.

Abstract: A system and method to provide secure access across the untrusted public switched telephone network is described. The system and method can be initiated by a security policy defining actions to be taken based upon at least one attribute of the call.

Abstract: Methods to identify inter-carrier telephone calls in a telephone system that are being mis-routed in such a way as to violate existing regulatory tariffs and/or established inter-carrier contracts. The common name for this manipulation is “arbitrage”, and the intent of the perpetrators is to take advantage of lower rates associated with the delivery of telephone traffic via other routes. Through the processes of collecting call detail records and their correlation in representative embodiments, various call “legs” associated with the same call can be identified, and a more accurate “compound” call record can be made that incorporates call routing information obtained from the individual call legs. A statistical analysis can then be performed to more clearly illuminate any arbitrage.

Abstract: A fraud monitoring system is disclosed for a communications system. The fraud monitoring system analyzes records of usage activity in the system and applies fraud pattern detection algorithms to detect patterns indicative of fraud. The fraud monitoring system advantageously accommodates transaction both records resulting from control of a packet-switched network and those from a circuit-switched network gateway.

Abstract: A predictive model system is used to detect telecommunications fraud. Call records (CDRs) provided by telephone companies are evaluated against specified rules. If one or more rules are matched, the system generates an alert. Pending alerts for a customer form a case, describing the caller's calling patterns. A predictive model determines a score that is predictive of the likelihood that the call involved fraud. Cases are queued for examination by analysts.

Abstract: A method, system, and program providing identification usage fraud protection are provided. A context for a use of an identification via a communication line is detected at a fraud protection service. The context for use of the identification is analyzed in view of multiple previous uses of the identification. A level of suspicion of fraudulent use of the identification is specified according to the analysis of the context. Depending on the level of suspicion, further use of the identification may require additional authentication or may be barred. The identification may include a user name, an account number, a password, or other identifier that may be utilized to represent an individual in accessing products and services.

Abstract: A method and apparatus for detecting whether a remote party has added a secondary telephone destination to a telephone call, for example through the activation of three-way calling service, conference calling or two lining bridging, by identifying an echo characteristic to the telephone connection between the local and the remote telephone and monitoring the echo characteristic to determine whether there is a significant change. The addition of a secondary telephone destination can be verified by continuing to monitor the echo characteristic to determine whether it has returned to its original value.

Abstract: A system and method of telephony resource management and security for monitoring and/or controlling incoming and outgoing calls between an enterprise's end-user stations and a public circuit-switched network and/or a public packet-switched network. A security policy is made up of one or more rules designating at least one action to be performed based on at least one attribute of the incoming or outgoing call. Calls are detected and sensed on the line, trunk and/or cabling, and analyzed to determine attributes associated with each call. Actions are performed based upon the determined attributes, in accordance with the security policy rules.

Abstract: The phone number used by a caller accessing a telecommunication service is derived. For example, this phone number may be used to look up in a first database the name of the user registered with the service, and in a second database the name of the subscriber assigned the phone number. If the two names correspond, the caller is provided with the telecommunication service. Otherwise, a fraud has been detected and various consequences may be visited upon the caller or the user. Some of these consequences include denying use of the service, charging the caller extra for use of the service, etc.

Abstract: Disclosed herein is a three-way call detection system and method for detecting the addition of a third party to a pre-existing telephonic connection between a first party and a second party.

Abstract: Rather than employing simple static personal identification numbers (PINs) that are susceptible to hacking, the disclosed security system provides multiple levels of security that may be selected by a user, based on his or her particular level of sensitivity at any given time or with respect to any given data. One level employs an algorithm that changes values, where the algorithm is known by the user. For example, the algorithm may be a series of digits based on the following: hour of day, day of week, quarter of the year, a.m. or p.m., day of the month, and month of the year. If the user knows the order of such, the user can readily generate the appropriate numeric code corresponding to the current time, and since the time continually changes, the code necessarily changes likewise. Another level sends a random part to a user, such as over their pager or phone, which they append to some user-defined, fixed portion of their PIN, or used in addition to their PIN.

Abstract: Disclosed are systems and methods which detect unauthorized, impermissible, or otherwise undesired call activity through a silence detection technique employing multiple samples. One embodiment monitors a call in progress to detect an event such as might be indicative of unauthorized call activity. Thereafter, a sampling process may be invoked which analyzes multiple samples of the call to make a determination as to whether or not a particular unauthorized call activity is being attempted. A party to the call may be muted to thereby prevent that party from thwarting the unauthorized call activity determination. Embodiments implement techniques for defeating parties to calls learning the unauthorized call activity detection system in order to avoid detection, such as by implementing a plurality of detection techniques.

Abstract: Discloses are systems and methods for detecting undesired call activity. Preferred embodiment systems and methods comprise detecting a call signal level, determining if the call signal level is below a predetermined silence level threshold, and measuring a duration the call signal level remains below the predetermined silence level threshold.

Abstract: Methods and systems for detecting and mitigating call routing arbitrage in a telecommunications network are disclosed. A network routing node, such as a signaling gateway (SG), intercepts call setup signaling messages. An arbitrage detector/processor examines parameters contained in an intercepted message to identify the presence of call routing arbitrage. For messages that indicate the presence of call routing arbitrage, the arbitrage detector/processor may perform a mitigating action, including redirecting the call to an interactive voice response (IVR) node, blocking the call, and/or inserting missing information in the call setup message and completing the call.

Abstract: Methods and systems for detecting intrusion events, such as war dialing events are disclosed. According to one method, signaling messages associated with calls being made or attempted in a telecommunications network are analyzed. Based on the signaling messages, it is determined whether a war dialing event has occurred or is in progress. In response to determining that a war dialing event has occurred or is in progress, a war dialing event mitigating action is performed.

Abstract: The invention protects the security of a communication between a mobile radio and a radio access network (RAN). A connection is established through the RAN to support a communication with the mobile radio. The connection is configured with a first security configuration. One or more messages are sent over the connection using the first security configuration, each message having a message sequence number. When the connection needs to be configured to a second security configuration, an activation message sequence number associated with the reconfiguration is set. When the reconfiguration process is complete and the second security configuration is to be activated, the next message is sent over the connection with the activation message sequence number. Until that time and during the reconfiguration, when the mobile radio transmits a message with a message sequence number lower than the activation message sequence number to the RAN, it uses the first security configuration.

Abstract: An enterprise communications system for implementing, accessing, using, and managing enterprise-specific resources includes one or more Mandate clients, each Mandate client including a wireless communication device and an enterprise-specific identity module installed in such wireless communication device, a digital mobile communications network operative to provide a wireless communications link to each Mandate client, a Mandate server interfaced with the digital mobile communications network and interconnected to the enterprise-specific resources, each enterprise-specific identity module having stored therein a unique authentication key and cryptographic algorithms, the unique authentication key and the cryptographic algorithms of each enterprise-specific identity module being available to the digital mobile communications network and the Mandate server, wherein each Mandate client, the digital mobile communications network and the Mandate server utilize the unique authentication key and the cryptographic al

Abstract: A home network system that makes it possible to build a network with assured security, wherein network users need not have security expertise. For access attempts offered from a home node 21-1 in a community area network 5-1 toward an outside public network 1 through a path N2, a security server 11-1 need not execute an authentication process. The home node 21-1 rejects access attempts directly transferred from the public network 1. The security server 11-1 executes the authentication process for an access attempt transferred from the public network 1 through a path N42. When the authentication is successful, connection of the access attempt to the home node 21-1 through a path N9 is permitted.

Abstract: A method of identifying fraud in a telecommunications system. The method includes receiving data related to a current call placed from an originating automatic number indicator (ANI), where the received data includes at least the originating ANI, a billing number and an identification code. A threshold number and a time interval corresponding to the identification code for the originating ANI are retrieved, for example, from a memory. In addition, billing numbers for prior calls from the originating ANI, if any, and corresponding indicia of the times of the calls are retrieved. A determination is made of whether the number of billing numbers used for the current and prior calls from the originating ANI over a prior period of time equal to or less than the time interval exceeds the threshold number. If the threshold number is exceeded, a fraud alert is generated.

Abstract: Disclosed herein is a three-way call detection system and method for detecting the addition of a third party to a pre-existing telephonic connection between a first party and a second party. The system comprises a meter for measuring the amplitude of a line voltage of a telephonic connection between a first party and a second party.

Abstract: A system and method to provide secure communication across the untrusted public switched telephone network includes a set of rules in a security policy which are implemented by a virtual private switched telecommunications network (VPSTN). The VPSTN provides for intercepting voice calls and modifying their set-up to include a request for bearer capability to support a data call.

Abstract: A predictive model system is used to detect telecommunications fraud. Call records (CDRs) provided by telephone companies are evaluated against specified rules. If one or more rules are matched, the system generates an alert. Pending alerts for a customer form a case, describing the caller's calling patterns. A predictive model determines a score that is predictive of the likelihood that the call involved fraud. Cases are queued for examination by analysts.