Telecommunications – Radiotelephone system – Security or fraud prevention
Reexamination Certificate
2000-11-13
2003-01-07
Kincaid, Lester G. (Department: 2685)
Telecommunications
Radiotelephone system
Security or fraud prevention
C455S405000, C455S411000, C455S067700
Reexamination Certificate
active
06505039
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention is directed to call-switching equipment for telephone networks and in particular to devices for curbing abuse of direct-inward-access systems.
The combination of electronic, stored-program telephone switching systems with discounted bulk toll offerings gives rise to a feature that provides a convenient way to reduce telecommunications costs. In accordance with this feature, an authorized person at remote location can place a call to a “home office” private branch exchange (PBX), receive dial tone from the PBX, and place an outgoing call just as if he were calling from his office.
The industry uses the acronyms RSA (Remote Service Access) and DISA (Direct Inward Service Access) interchangeably to refer to this feature, to which we refer herein as DISA. DISA features are currently available primarily in conjunction with PBX systems, and we will accordingly refer to PBX systems for the purpose of concreteness. However, DISA-like features are also available to users of certain central-office-based services, and it will become apparent that the invention to be described below is applicable to these types of arrangements, too, as well as to a host of non-voice-based services, including but not limited to data networks and modem pools. The invention is equally powerful in providing protection of sensitive internal destinations, such as the maintenance ports of communications and computer systems.
DISA offers both cost and administrative advantages. If the firm that owns the PBX subscribes to bulk-rate toll services, such as WATS, placing a call through remote service access can reduce the cost of the call. For example, an employee whose home office is in Seattle but who has traveled to San Diego may want to call a customer in Fort Lauderdale. If he uses his telephone-company calling card, a ten-minute call at AT&T daytime rates may cost around $3.00. In contrast, his company may pay around $0.09 a minute on the average for both incoming and outgoing bulk services, so if the employee places the call instead to his Seattle office, which then switches it to the customer in Fort Lauderdale, the cost may be only about $1.80.
Moreover, the company's call-accounting system can thereby keep track of such calls automatically, relieving the company's accounting department of the need to allocate telephone costs manually among its various departments. In certain circumstances, it also provides a tool for measuring the performance of personnel whose jobs involve high levels of telephone activity.
Unfortunately, unscrupulous people can sometimes discover the passwords by which the DISA systems' owners attempt to restrict access to their facilities. Indeed, such occurrences have happened frequently, some of them resulting in large losses to the company that has availed itself of the DISA feature. In like manner, loss and system damage have resulted from fraudulent abuse of voice mail and massaging systems, to which the application of the invention is equally applicable.
Responses to this problem have been various. Some users have simply discontinued the DISA feature because of the risk of significant loss. Others have reconfigured to disable its use for calls to destination area codes known to be favorites of “hackers,” and they may also monitor telephone traffic so as to identify unusual activity.
Of course, discontinuing the DISA service does eliminate the problem, but it also eliminates the savings that ordinarily result from DISA-service use. The other approaches can be fairly effective in general, but they lack flexibility, require excessive attention from the telecommunications manager or both
SUMMARY OF THE INVENTION
The present invention is a method and apparatus for reducing the vulnerability of the telecommunications system to unauthorized use that is easy to implement and that can reduce the instances of unauthorized access even during periods when telecommunications personnel are not able to give attention to the traffic on the system.
In accordance with the invention, the telecommunications system collects statistics of each user's pattern of telecommunications usage. Typically, these statistics will be in the form of, say, the average number of calls per day or the average number of calls per day on given days of the week. It may also include the mean busy hour for the given days of the week. Moreover, daily averages may be taken not only for all calls but also for all calls of a particular type, e.g., of all international calls.
These statistics are taken for a reference period, such as the preceding thirty days, and the corresponding quantity for the current day is also computed. If the current statistics are not excessive as compared with the reference statistics, then access to a communications resource—e.g., an outgoing trunk line—is granted to the call without any supplemental access restrictions. But if a predetermined deviation is detected between the current statistics and the reference statistics, then a supplemental restriction is placed upon the call.
For instance, the caller might be required to say his name before the connection is made, he might be transferred to a human operator for verification of access, or the requested connection may simply be denied. Additionally, the system would typically give the system administrator some kind of an alerting message to indicate that abnormal usage is occurring.
With this type of system, the restrictions are imposed, in some sense, in “real time”; there is ordinarily no need for a human administrator to take initiative to impose the restrictions or, even to analyze records for unusual activity.
In accordance with one aspect of the invention, moreover, the invention can be practiced in a way that makes it very easy for the administrator to implement. Specifically, apparatus for practicing the invention can be provided in the form of circuitry that is simply connected to one of the communications system's ordinary lines. In the case of a PBX, that line would be one of the PBX's internal extensions. The PBX is then simply configured so that it connects the DISA trunk line or lines to that extension whenever an incoming call comes over that DISA line. The access-control circuit at that extension takes the call, checks for the user's identifier and password, requests the number of the called party, and, if the above-mentioned statistical requirements are met, simply sends the conventional transfer signal, e.g., a hook flash, to the PBX to obtain (typically) an outgoing trunk and delivers to the PBX the destination indicated by the incoming call. The PBX then makes the necessary connections in the conventional manner, and the access-control circuit is free to handle the next DISA call.
Clearly, such an arrangement is simple to implement, since it requires only that the access-control circuit be connected to an extension and that the PBX undergo the minor reconfiguration required to direct DISA calls to that extension.
REFERENCES:
patent: 4182934 (1980-01-01), Keys et al.
patent: 4463348 (1984-07-01), Sidebottom
patent: 4481384 (1984-11-01), Matthews
patent: 4829554 (1989-05-01), Barnes
patent: 4876717 (1989-10-01), Barron et al.
patent: 4893330 (1990-01-01), Franco
patent: 4893335 (1990-01-01), Fuller et al.
patent: 4896346 (1990-01-01), Belfield et al.
patent: 4908850 (1990-03-01), Masson et al.
patent: 4953198 (1990-08-01), Daly et al.
patent: 4955049 (1990-09-01), Ghisler
patent: 4958368 (1990-09-01), Parker
patent: 5091942 (1992-02-01), Dent
patent: 5109408 (1992-04-01), Greenspan et al.
patent: 5144649 (1992-09-01), Zicker et al.
patent: 5163086 (1992-11-01), Ahearn et al.
patent: 5168517 (1992-12-01), Waldman
patent: 5220593 (1993-06-01), Zicker
patent: 5237612 (1993-08-01), Raith
patent: 5309501 (1994-05-01), Kozik
patent: 5335265 (1994-08-01), Cooper
patent: 5335278 (1994-08-01), Matchett
patent: 5345595 (1994-09-01), Johnson
patent: 5392357 (1995-02-01), Bulfer et al.
patent: 5615408 (1997-03-01), Johnson
patent: 5852811 (1998-12-01), Atk
AtComm Corporation
Galbi Elmer
Kincaid Lester G.
LandOfFree
Call security system which detects fraud by examination of... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Call security system which detects fraud by examination of..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Call security system which detects fraud by examination of... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3037437