Telephonic communications – Call or terminal access alarm or control – Fraud or improper use mitigating or indication
Reexamination Certificate
1998-02-25
2001-04-03
Smith, Creighton (Department: 2742)
Telephonic communications
Call or terminal access alarm or control
Fraud or improper use mitigating or indication
C379S114030, C379S134000, C379S145000
Reexamination Certificate
active
06212266
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a telecommunications network and more particularly to a method of, and a system for, improving fraud detection within a telecommunications network.
2. Description of Related Art
Rule-based fraud detection systems attempt to detect fraudulent usage by comparing details of individual calls over the telecommunications network with a series of one or more predefined rules. If a particular usage of the network to be referred to throughout this specification as a “call record”) triggers one or more of the predefined rules, an alarm is generated, enabling a human operator to take the necessary action. While such systems have had some success in combating fraud, they tend to be labor intensive since the rules tend to be specific to one particular area, and need to be set up and continually maintained by skilled personnel. One set of rules, for example, needs to be set up and maintained to deal with potential mobile telephone fraud, another set for calling card and credit card fraud, another set for PSTN fraud, and so on. A further serious drawback is that in time fraudsters get to know (deduce) the rules and/or thresholds that are being applied, and can modify their behavior accordingly (e.g., “surfing under the thresholds”). For example, if a fraudster knows that he will be detected if he makes a fraudulent international telephone call to a particular number lasting more than thirty minutes, he is likely to start ensuring that all of his calls last for less than that. Conventional systems have difficulty in coping with this, since the rules need to be changed by experienced personnel who are frequently in possession of insufficient information to determine what the effect on the system would be if they were for example to set a reduced time limit of say twenty minutes.
SUMMARY OF THE INVENTION
It is an object of the present invention at least to alleviate these problems of the prior art.
It is a further object to provide a method and system for improving fraud detection within a telecommunications network which can be applied to a variety of specific areas, and which requires less use of skilled personnel to keep the rules up to date.
According to a first aspect of the invention there is provided a system for improving fraud detection within a telecommunications network, the system comprising:
(a) means for receiving call records representative of calls on the network;
(b) rule-matching means arranged to compare each call record against an alarm-rule and
(i) to determine a match if the alarm-rule matches the call record;
(ii) to determine a near-match if the alarm-rule just fails to match the call record;
(c) validation means for validating the individual matched records and the near-matched records with an indication of expected fraud; and
(d) rule-update means arranged to alter the said alarm rule in dependence upon the validated matched and validated near-matched records.
The system preferably attempts to detect fraudulent usage by measuring and comparing the parameters values of individual calls, over the telecommunications network, against pre-set thresholds within defined detection rules. Preferably, the rule matching means is arranged to calculate a rule-matching value dependent upon the closeness of match of the call record parameters to the alarm rule, the rule matching means determining a match if the rule matching value exceeds a first threshold parameter of the alarm rule. It will be understood of course that the first threshold parameter merely acts as a limit value, which will be exceeded in the upward-going direction if the rule-matching value increases with the accuracy of the match, and will be exceeded in the downwardly-going direction in the opposite but mathematically equivalent alternative in which the rule-matching value decreases with the accuracy of the match.
Typically, the matched records will be stored in a positive matching file, and the near-matched records in a negative matching file. Entries are stored within the positive matching file if the first threshold parameter is exceeded, by a parameter of the call record and in the negative matching file if a second threshold parameter is exceeded, but the first is not. The second threshold parameter may be defined by the first threshold parameter adjusted by a tolerance value, for example 10%. In this way, the records stored within the negative matching file are representative of calls which almost, but not quite, resulted in an alarm.
In a practical arrangement, the system may include a plurality of different rules, each having its own first threshold and tolerance value. The rules may be updated individually, each individual rule being updated in dependence upon the validated matched and validated near-matched records which correspond with that rule.
According to a second aspect of the invention there is provided a method of improving fraud detection within a telecommunications network, the method comprising:
(a) receiving call records representative of calls on the network;
(b) comparing each call record against an alarm rule and
(i) determining a match if the alarm rule matches the call record;
(ii) determining a near-match if the alarm-rule just fails to match the call record;
(c) validating the individual matched records and the near-matched records with an indication of expected fraud; and
(d) altering the said alarm rule in dependence upon the validated matched and validated near-matched records.
REFERENCES:
patent: 4182934 (1980-01-01), Keys et al.
patent: 5420910 (1995-05-01), Rudokas et al.
patent: 5495521 (1996-02-01), Rangachar
patent: 5524145 (1996-06-01), Parker
patent: 5602906 (1997-02-01), Phelps
patent: 5768354 (1998-06-01), Lange et al.
patent: 5875236 (1999-02-01), Sankowitz et al.
patent: 5907602 (1999-05-01), Peel et al.
patent: 0583135 A2 (1994-02-01), None
patent: 0618713 A2 (1994-10-01), None
patent: 0653868 A2 (1995-05-01), None
patent: 0661863 A2 (1995-07-01), None
patent: WO 94/11959 (1994-05-01), None
British Telecommunications public limited company
Nixon & Vanderhye
Smith Creighton
LandOfFree
Fraud prevention in a telecommunications network does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Fraud prevention in a telecommunications network, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Fraud prevention in a telecommunications network will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2516740