WO1998000956A2 - System and method for preventing cellular fraud - Google Patents

Publication number
WO1998000956A2
Authority
WO
WIPO (PCT)
Prior art keywords
telephone
call
response
authentication platform
identification information
Application number
PCT/US1997/011316
Other languages
French (fr)
Other versions
WO1998000956A3 (en)
Inventor
David P. Jordan
Elaine Reed
Kevin Mcmahon
Original Assignee
Mci Communications Corporation
Application filed by Mci Communications Corporation
Priority to AU35844/97A
Publication of WO1998000956A2
Publication of WO1998000956A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M3/00 Automatic or semi-automatic exchanges
    • H04M3/38 Graded-service arrangements, i.e. some subscribers prevented from establishing certain connections
    • H04M3/382 Graded-service arrangements, i.e. some subscribers prevented from establishing certain connections using authorisation codes or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/126 Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A system and method for authenticating a telephone to a telecommunications network prior to connecting a telephone call. The present invention programs a cellular telephone with a telephone identifier. When a caller uses the cellular telephone to make a call, the telecommunications network automatically routes the call to an authentication platform. There is one authentication platform in the telecommunications network for receiving all cellular calls. The cellular telephone sends a call origination (404) to the authentication platform including an electronic serial number (ESN) and a mobile identification number (MIN). The cellular telephone generates a response by encrypting the random challenge with its ESN, MIN and a unique telephone identifier and sends the response to the authentication platform (408). The authentication platform compares (410) the response from the cellular telephone with its anticipated response to authenticate the call. If the response and the anticipated response match (412), the authentication platform allows the call to complete; otherwise, the authentication platform terminates the call (414).

Description

System and Method for Preventing Cellular Fraud
Background of the Invention
Field of the Invention
This invention relates to cellular telephones, and more particularly to a telecommunications network having a central authentication platform for communicating with a cellular telephone for the purpose of preventing cellular fraud.
Related Art
There have been many attempts to reduce the abuse of cellular telephone service, but none has been completely successful. In recent statistics, the Cellular Telephone Industry Association reports that cellular fraud now exceeds $1.5 million in losses per day.
Conventional analog cellular telephone service is based on a technology that has few, if any, inherent fraud deterrents. In operation, a cellular telephone transmits in the clear a mobile identification number (MIN) and an electronic serial number (ESN) to a mobile telephone switching office (MTSO). The MIN and ESN identify the cellular telephone to the MTSO. Because the transmission is made in the clear, the MIN and ESN codes are readily available to fraud perpetrators who use inexpensive radio scanners and dual tone multi-frequency (DTMF) decoders to capture the ESN and MIN transmissions. This technique of acquiring these codes and modifying cellular telephones to transmit these codes is known as cloning.
Conventional attempts at reducing cellular fraud due to cloning are directed to developing suspect traffic monitoring systems. Although such monitoring systems are effective to a degree, suspect traffic monitoring systems are only mechanisms for monitoring losses due to abuse that has already occurred. Therefore, the only effective way to curtail the detected abuse is to terminate the service. Termination of cellular service results in a valid customer losing his existing cellular telephone service once the abuse is detected until the customer can get his cellular telephone reprogrammed with a new ESN and MIN.
Another conventional attempt at reducing fraud due to cloning is directed to the use of personal identification numbers (PINs). A PIN is a unique number, e.g. the four digit number associated with an automatic teller machine (ATM) debit card, that is assigned to each customer. In operation, the customer dials and sends a telephone number via his cellular telephone. The customer then enters his PIN, which is verified by the telecommunications network. If the PIN is valid, the telecommunications network allows the telephone call to proceed.
The use of a PIN assists in reducing the impact of cloning fraud on the customer and the telecommunications carrier, but it does not eliminate the fraud. First, the fraud perpetrator must intercept the ESN, MIN, and PIN from the cellular telephone transmissions which the cellular telephone transmits at different times. Second, upon the detection of cloning fraud, the customer does not have to get his cellular telephone reprogrammed. Instead, the customer receives a new PIN which has a lesser impact than having the cellular telephone reprogrammed. As with suspect traffic monitoring systems, the use of a PIN is only effective once the fraud is detected. A PIN cannot eliminate cellular fraud.
Therefore, there is a need for a system and method to detect cellular fraud before allowing a fraudulent telephone call to occur.
Summary of the Invention
The present invention provides a system and method for authenticating a cellular telephone to a telecommunications network prior to connecting a telephone call. More specifically, the present invention modifies a cellular telephone to include a programmable telephone identifier. When a caller uses the modified cellular telephone to make a telephone call, the telecommunications network automatically routes the call to a central authentication platform. The authentication platform receives and processes all cellular telephone calls.
When the authentication platform receives a call, it sends a random challenge to the cellular telephone. The random challenge is different, in a non-predictable fashion, every time the authentication platform challenges a cellular telephone. The cellular telephone then generates a response to the random challenge by encrypting the challenge with its electronic serial number (ESN), mobile identification number (MIN), and a unique internal telephone identifier and returns the response to the authentication platform. The authentication platform uses the response to verify whether a legitimate cellular telephone is being used. Therefore, the present invention eliminates cellular telephone cloning fraud because the authentication handshake between a cellular telephone and the authentication platform is different for every telephone call.
An advantage of the present invention is that it removes all negative impact to a cellular telephone customer. When a conventional cellular fraud monitoring system identifies the occurrence of cloning fraud, the customer loses his cellular service until his cellular telephone is reprogrammed with a new ESN and MIN. Also, when cloning fraud is detected and the customer uses a PIN, the customer loses telephone service until he receives a new PIN. In contrast, the present invention does not require a customer to lose his cellular service nor to have his cellular telephone reprogrammed with a new ESN and MIN. The present invention uses a unique telephone identifier that is never transmitted in the clear. The cellular telephone transmits its telephone identifier encrypted with the ESN and MIN. Therefore, fraud perpetrators cannot use radio scanners and dual tone multi-frequency (DTMF) decoders to capture the telephone identifier. The fraud perpetrators would need the encryption algorithm to retrieve the telephone identifier.
A second advantage of the present invention pertains to the reduction in the cost of providing cellular telephone services. The present invention provides for the detection of cellular cloning fraud before the cost of the telephone call is incurred. The present invention detects an occurrence of cloning fraud before the call is actually connected. Furthermore, the present invention eliminates the cost in reprogramming a customer's cellular telephone with a new ESN and MIN, or in providing a customer with a new PIN.
Brief Description of the Figures
The present invention is described with reference to the accompanying drawings. In the drawings, like reference numbers indicate identical or functionally similar elements. Additionally, the left-most digit(s) of a reference number identifies the drawing in which the reference number first appears.
FIG. 1 is a block diagram illustrating an overview of call processing;
FIG. 2 is a block diagram illustrating authentication of a cellular telephone;
FIG. 3 is a block diagram illustrating an exemplary computer system in which the preferred embodiment of the present invention operates;
FIG. 4 is a control flow diagram illustrating the operation of a preferred embodiment of a cellular telephone; and
FIG. 5 is a control flow diagram illustrating the operation of a preferred embodiment of an authentication platform.
Detailed Description of the Preferred Embodiments
1. Overview of the preferred embodiment of the present invention
The present invention provides a system and method for preventing cellular fraud by authenticating a cellular telephone to a telecommunications network prior to connecting a call. FIG. 1 is a data flow block diagram illustrating an overview of a preferred embodiment of call processing according to the present invention. A data flow diagram represents how data is transmitted between the multiple components. Therefore, FIG. 1 illustrates the components of a telecommunications network and the data flow between the components.
The preferred embodiment of call processing 100 of the present invention comprises a mobile telephone switching office (MTSO) 106, authentication platform 112, local exchange carrier (LEC) 116, and inter-exchange carrier (IXC) 120. The MTSO 106 is a cellular site that is dedicated to receiving only cellular telephone calls. Therefore, when a cellular telephone 102 makes a telephone call, the cellular telephone 102 transmits the call origination 104, which includes the electronic serial number (ESN) and mobile identification number (MIN), to the MTSO 106. The MTSO forwards all calls 108 from modified cellular telephones 102 to an authentication platform 112. If the call origination 104 is a fraud clone call, i.e. the cellular telephone 102 transmits a stolen ESN and MIN, the MTSO 106 still transmits the call to the authentication platform 112.
There is one central authentication platform 112 in the telecommunications network. The authentication platform 112 receives all cellular telephone calls regardless of where in the network the call originated. It would be readily apparent to one of ordinary skill in the relevant art to develop a central authentication platform 112 for receiving all cellular telephone calls made within a telecommunications network.
Because there is only one authentication platform 112 within the telecommunications network, a cellular phone 102 always connects to the authentication platform 112 prior to collecting the customer dialed digits. The authentication platform 112 authenticates the call to determine whether or not to process the call. Call authorization is described in greater detail below. If the authentication platform 112 authenticates the call, the authentication platform 112 sends the call to either a local exchange carrier (LEC) 116 or an inter-exchange carrier (IXC) 120. If the call is a local call, the authentication platform 112 sends a local call termination 114 to the LEC 116, wherein LEC represents any local telecommunications carrier. However, if the call is a long distance call, the authentication platform 112 sends a long distance termination 118 to the IXC 120, wherein IXC 120 represents any long distance telecommunications carrier. In the case where the authentication platform 112 does not authenticate the call, the authentication platform 112 returns a cell call termination 110 to the MTSO 106. A cell call termination 110 indicates that the call origination 104 originated from a cellular clone and is a fraudulent call.
FIG. 2 is a block diagram illustrating authentication of a cellular telephone 102 by an authentication platform 112. As described above a cellular telephone 102 transmits a call origination 104 to an authentication platform 112 via a MTSO 106. The MTSO 106 is not shown in FIG. 2 for convenience purpose only. It should be understood, however, that the MTSO 106 is used in the preferred embodiment of the present invention to regulate communication between the cellular telephone 102 and the authentication platform 112.
The call origination 104 includes the electronic serial number (ESN) and the mobile identification number (MIN) of the cellular telephone 102. Both ESNs and MINs are well known in the field of telecommunications. An ESN is typically a 7-14 digit number, whereas a MIN typically represents a 10 digit telephone number. It would be readily apparent to one of ordinary skill in the relevant art to generate an ESN and MIN.
Upon receiving the call origination 104, the authentication platform 112 generates a unique random challenge 202 and sends it to the cellular telephone 102. The technique of generating a random challenge 202 is known to one of ordinary skill in the relevant art. It would be readily apparent to a person of ordinary skill in the relevant art to implement and transmit a unique random challenge 202 for each call origination 104.
Upon receiving the random challenge 202 from the authentication platform 112, the cellular telephone 102 combines the ESN and MIN with its unique telephone identifier to encrypt the random challenge 202 into a response. The preferred embodiment of a telephone identifier is a random number of alphanumeric or numeric digits. It would be readily apparent to one of ordinary skill in the relevant art to implement a telephone identifier or comparable unique identifier. After generating the response, the cellular telephone 102 then sends the ESN, MIN and telephone identifier (ID) encrypted 204 to the authentication platform 112.
Upon receiving the ESN, MIN, and ID encrypted 204 from the cellular telephone 102, the authentication platform 112 authenticates the cellular telephone 102. More specifically, the authentication platform 112 accesses a local database for the telephone identifier corresponding to the ESN and MIN provided in the call origination 104. It would be readily apparent to one of ordinary skill in the relevant art to create and maintain a local database of telephone identifiers. The authentication platform 112 then encrypts the random challenge 202 that it had sent to the cellular phone 102 with the ESN, MIN and telephone identifier. Therefore, the authentication platform 112 generates an anticipated response that represents the response that it expects to receive from the cellular phone 102.
After generating the anticipated response, the authentication platform 112 compares its anticipated response with the response (ESN, MIN and telephone identifier encrypted 204) that it received from the cellular telephone 102. If the anticipated response matches the response, the authentication platform 112 allows the call to proceed. However, if the anticipated response does not match the response, the authentication platform 112 denies the call. Therefore, the authentication platform 112 returns a proceed or call denied 206 message to the cellular telephone 102.
2. Host system for executing a preferred environment of the present invention
The chosen embodiment of the present invention is computer software executing within a computer system. FIG. 3 shows an exemplary computer system. The computer system 302 includes one or more processors, such as a processor 304. The processor 304 is connected to a communication bus 306.
The computer system 302 also includes a main memory 308, preferably random access memory (RAM), and a secondary memory 310. The secondary memory 310 includes, for example, a hard disk drive 312 and/or a removable storage drive 314, representing a floppy disk drive, a magnetic tape drive, a compact disk drive, a program cartridge and cartridge interface (such as that found in video game devices), a removable memory chip (such as EPROM, or PROM), etc. which is read by and written to by a removable storage unit 316. Removable storage unit 316, also called a program storage device or a computer program product, represents a floppy disk, magnetic tape, compact disk, etc. As will be appreciated, the removable storage unit 316 includes a computer usable storage medium having stored therein computer software and/or data. The removable storage drive 314 reads from and/or writes to a removable storage unit 316 in a well known manner.
The computer system 302 may also include other similar means for allowing computer programs or other instructions to be loaded. Such means can include, for example, a communications interface 318. Communications interface 318 allows software and data to be transferred between computer system 302 and external devices. Examples of communications interface 318 can include a modem, a network interface (such as an Ethernet card), a communications port, etc. Software and data transferred via communications interface 318 are in the form of signals which can be electronic, electromagnetic, optical or other signals capable of being received by communications interface 318.
In this document, the term "computer program product" is used to generally refer to removable storage unit 316, a hard disk installed in hard disk drive 312, and signals transferred via communications interface 318. These computer program products are means for providing software to a computer system 302. In an embodiment where the invention is implemented using software, the software may be stored in main memory 308, or in a computer program product and loaded into computer system 302 using removable storage drive 314, hard disk drive 312, or communications interface 318. The software, when executed by the processor 304, causes the processor 304 to perform the functions of the invention as described herein.
In another embodiment, the invention is implemented primarily in hardware using, for example, a hardware state machine. Implementation of the hardware state machine so as to perform the functions described herein will be apparent to persons skilled in the relevant arts. The preferred embodiment of the present invention is implemented in software, and more specifically, is written in the programming language C++ and uses a database management system such as DB2 or Sybase. Furthermore, the preferred embodiment of the present invention is directed to execute within a computer system 302 that can handle the programming language C++. The preferred embodiment is described in these terms for convenience purpose only. Other comparable computer systems 302, programming languages, and database management systems could alternatively be used.
3. Control flow of a preferred embodiment of a cellular phone
FIG. 4 is a control flow diagram illustrating the operation of a preferred embodiment of a cellular telephone 102. Processing begins at step 402 and immediately proceeds to step 404. In step 404, the cellular telephone 102 sends a call origination 104 to the authentication platform 112, wherein the call origination 104 contains the cellular telephone's 102 ESN and MIN codes. Continuing to step 406, the cellular telephone 102 waits to receive a random challenge 202 from the authentication platform 112.
Upon receiving the random challenge 202, the cellular telephone 102 continues to step 408. In step 408, the cellular telephone 102 uses its ESN, MIN and a unique telephone identifier to encrypt the random challenge 202 and generate a response. The cellular telephone 102 is programmed with a unique telephone identifier. After generating the response, the cellular telephone 102 sends the ESN, MIN, and telephone identifier (ID) encrypted 204 to the authentication platform 112. The cellular telephone 102 then continues to step 410.
In step 410, the cellular telephone 102 waits for a response from the authentication platform 112 informing the cellular telephone 102 that the call can proceed or is denied 206. If the cellular telephone 102 determines that the call can proceed, the cellular telephone 102 proceeds to step 412. In step 412, the cellular telephone 102 completes the call. When the call is complete, the cellular telephone 102 continues to step 416. In step 416, the cellular telephone 102 has completed its processing of the call and exits.
Referring again to step 410, if the cellular telephone 102 determines that the call cannot proceed, the cellular telephone 102 proceeds to step 414. In step 414, the cellular telephone 102 generates an alarm and displays a termination message to the caller indicating that authentication has failed. Continuing to step 416, the cellular telephone 102 has completed its processing of the call and exits.
4. Control flow of a preferred embodiment of an authentication platform
FIG. 5 is a control flow diagram illustrating the operation of a preferred embodiment of an authentication platform 112. Processing begins at step 502 and immediately proceeds to step 504. In step 504, the authentication platform 112 receives a call origination 104 from a cellular telephone 102, wherein the call origination 104 includes the cellular telephone's 102 ESN and MIN. Continuing to step 506, the authentication platform 112 issues a random challenge 202 to the cellular telephone 102. The authentication platform 112 then continues to step 508. In step 508, the authentication platform 112 receives a response from the cellular telephone 102 comprising the random challenge 202 encrypted with the cellular telephone's ESN, MIN, and telephone identifier 204. Continuing to step 510, the authentication platform 112 accesses a local database containing telephone identifiers for each ESN and MIN combination. The authentication platform 112 then continues to step 512. In step 512, the authentication platform 112 generates an anticipated response to the random challenge 202 that it had sent to the cellular telephone 102. The anticipated response is the random challenge encrypted with the cellular telephone's ESN, MIN, and telephone identifier. The authentication platform 112 then continues to step 514.
In step 514, the authentication platform 112 authenticates the call by comparing its anticipated response with the response (ESN, MIN and telephone identifier encrypted 204) from the cellular telephone 102. If the anticipated response equals the response from the cellular telephone 102, the authentication platform 112 proceeds to step 516. In step 516, the authentication platform 112 allows the call to complete. If the call is a local call, the authentication platform 112 routes the local call termination 114 to a local exchange carrier (LEC) 116. If the call is a long distance call, the authentication platform 112 routes the long distance termination 118 to an inter-exchange carrier (IXC) 120. Continuing to step 518, the authentication platform 112 waits for the call to complete. After the call has completed, the authentication platform 112 continues to step 522. In step 522, the authentication platform 112 has completed its processing of the call and exits.
Referring again to step 514, if the authentication platform 112 determines that its anticipated response does not equal the response from the cellular telephone 102, the authentication platform 112 proceeds to step 520. In step 520, the authentication platform 112 returns a call denied 206 message to the cellular telephone 102 to terminate the call. The authentication platform 112 then continues to step 522 in which it has completed its processing of the call and exits.
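The handshake of FIG. 2 and the control flows of FIGS. 4 and 5 can be exercised end to end with the following added example, which is not code from the patent. The patent does not name an encryption algorithm, so HMAC-SHA256 keyed with the telephone identifier is assumed here; the class and function names, the 16-byte challenge and identifier sizes, and the ESN and MIN values are likewise constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Added illustration, not code from the patent. HMAC-SHA256 keyed with the
# telephone identifier is an assumption standing in for the unspecified
# "encryption" of the random challenge.


def compute_response(challenge: bytes, esn: str, min_: str, telephone_id: bytes) -> bytes:
    """Bind the random challenge to ESN, MIN and the secret telephone identifier."""
    fields = (esn.encode(), min_.encode(), challenge)
    # Length-prefix every field so different (ESN, MIN) splits cannot collide.
    message = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(telephone_id, message, hashlib.sha256).digest()


class Telephone:
    """Handset side (FIG. 4, steps 404 to 408)."""

    def __init__(self, esn, min_, telephone_id):
        self.esn, self.min, self._telephone_id = esn, min_, telephone_id

    def call_origination(self):
        return self.esn, self.min  # sent in the clear, as in the patent

    def respond(self, challenge):
        return compute_response(challenge, self.esn, self.min, self._telephone_id)


class AuthenticationPlatform:
    """Network side (FIG. 5, steps 504 to 520)."""

    def __init__(self, database):
        self._database = database  # (ESN, MIN) -> telephone identifier
        self._pending = {}         # (ESN, MIN) -> outstanding challenge

    def receive_origination(self, esn, min_):
        challenge = secrets.token_bytes(16)  # unpredictable and fresh per call
        self._pending[(esn, min_)] = challenge
        return challenge

    def verify(self, esn, min_, response):
        # pop() makes each challenge single-use, so an old response is useless.
        challenge = self._pending.pop((esn, min_), None)
        telephone_id = self._database.get((esn, min_))
        if challenge is None or telephone_id is None:
            return "call denied"
        anticipated = compute_response(challenge, esn, min_, telephone_id)
        # Constant-time comparison avoids leaking how many bytes matched.
        if hmac.compare_digest(anticipated, response):
            return "proceed"
        return "call denied"


def demo():
    # Constructed sample values; none come from the patent.
    esn, min_ = "82104377", "2025550143"
    telephone_id = secrets.token_bytes(16)  # high entropy resists offline guessing
    platform = AuthenticationPlatform({(esn, min_): telephone_id})
    phone = Telephone(esn, min_, telephone_id)
    results = {}

    # 1. Legitimate handset completes the handshake.
    challenge = platform.receive_origination(*phone.call_origination())
    captured = phone.respond(challenge)  # also visible to anyone listening
    results["legitimate"] = platform.verify(esn, min_, captured)

    # 2. Clone holds the scanned ESN and MIN but not the telephone identifier.
    clone = Telephone(esn, min_, secrets.token_bytes(16))
    challenge = platform.receive_origination(*clone.call_origination())
    results["clone"] = platform.verify(esn, min_, clone.respond(challenge))

    # 3. Replay of the captured response against a fresh challenge.
    platform.receive_origination(esn, min_)
    results["replay"] = platform.verify(esn, min_, captured)

    # 4. Response arriving with no outstanding challenge.
    results["unsolicited"] = platform.verify(esn, min_, captured)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

Only the legitimate handset receives "proceed"; the clone, the replayed response and the unsolicited response are all denied because each depends on a challenge or identifier the sender does not hold.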
5. Alternative Embodiments
The preferred embodiment of the present invention is described in terms of cellular fraud within a telecommunications network. It should be understood, however, that the present invention is equally applicable to clip-on fraud. Clip-on fraud is similar to the cloning of a cellular telephone, but pertains to wire-line telephones. When cloning a cellular telephone, a fraud perpetrator captures the ESN and MIN transmissions from the cellular telephone and modifies another cellular telephone to transmit those codes, thereby accessing the telecommunications service of a valid customer. When performing clip-on fraud, a fraud perpetrator clips on to the actual telephone wire, or line, of a valid customer, such as the telephone wire that comes into a building. Therefore, when the customer uses a telephone from within the building, the fraud perpetrator utilizes the compromised wire. Similar to cloning, once the line is compromised, the fraud perpetrator uses the access to the valid customer's telecommunications service to make unauthorized calls.
It would be readily apparent to one of ordinary skill in the relevant art to apply the present invention to the prevention of clip-on fraud. More specifically, a wireline telephone could be programmed with a unique telephone identifier. Therefore, when a telephone call is placed from within a building, the telephone would receive a random challenge from the telecommunications network and encrypt the random challenge with the automatic number identification (ANI or caller ID) and telephone identifier before transmitting it back to the telecommunications network. This embodiment provides a mechanism by which a telecommunications network authenticates a wire-line telephone before allowing a telephone call to be connected.
Conclusion
While various embodiments of the present invention have been described above, it should be understood that they have been presented by the way of example only, and not limitation. It should be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined in the appended claims. Thus, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined in accordance with the following claims and their equivalents.

Claims

What Is Claimed Is:
1. A telephone, comprising: a call origination means for transmitting a call origination for a call to an authentication platform within a telecommunications network, said call origination having identification information, said telecommunications network having one said authentication platform; a receiving means for receiving from said authentication platform a random challenge; a response means for transmitting to said authentication platform a response to said random challenge, said response encrypting said random challenge with said identification information and a telephone identifier, wherein said telephone identifier is not sent over said telecommunications network in the clear; a call proceed means for receiving from said authentication platform a message to proceed with said call and for completing said call; and a call denied means for receiving from said authentication platform a message to terminate said call and for terminating said call.
2. The telephone of claim 1, wherein the telephone is programmed with said telephone identifier.
3. The telephone of claim 1, wherein the telephone is a cellular telephone.
4. The telephone of claim 3, wherein said identification information is an electronic serial number (ESN) and a mobile identification number (MIN).
5. The telephone of claim 1, wherein the telephone is a wire-line telephone.
6. The telephone of claim 5, wherein said identification information is an automatic number identification (ANI).
7. An authentication platform of a telecommunications network, wherein said telecommunications has one authentication platform, comprising a receiving means for receiving a call origination for a call from a telephone, said call origination having identification information; a random challenge means for generating a random challenge and transmitting said random challenge to said telephone; a second receiving means for receiving a response from said telephone, said response encrypting said random challenge with said identification information and a telephone identifier; a retrieving means for retrieving from a database a copy of said telephone identifier, wherein said copy of said telephone identifier corresponds to said identification information from said call origination; a generating means for generating an anticipated response to said random challenge, said anticipated response encrypting said random challenge with said identification information from said call origination and said copy of said telephone identifier; a determining means for determining whether said response from said telephone matches said anticipated response; a termination means for terminating said call and sending said telephone a termination message if said determining means determines that said response does not match said anticipated response; and an allowing means for allowing said call to complete and waiting for said call to complete if said determining means determines that said response matches said anticipated response.
8. The authentication platform of claim 7, wherein the telephone is a cellular telephone.
9. The authentication platform of claim 8, wherein said identification information is an electronic serial number (ESN) and a mobile identification number (MIN).
10. The authentication platform of claim 7, wherein the telephone is a wireline telephone.
11. The telephone of claim 10, wherein said identification information is an automatic number identification (ANI).
12. A method for authenticating a telephone over a telecommunications network, the method comprising the following steps that are performed by the telephone:
(1) programming the telephone with a telephone identifier;
(2) transmitting a call origination for a call, said call origination having identification information;
(3) receiving a random challenge;
(4) generating a response to said random challenge, said response encrypting said random challenge with said identification information and said telephone identifier;
(5) transmitting said response, wherein said telephone identifier is not transmitted over the telecommunications network in the clear;
(6) receiving a call proceed message or a call denied message;
(7) proceeding with said call if step (6) receives a call proceed message; and
(8) denying said call if step (6) receives a call denied message.
13. The method of step 12, wherein step (8) comprises:
(8.a) generating an alarm; and
(8.b) displaying a message.
14. The method of claim 12, wherein the telephone is a cellular telephone.
15. The method of claim 14, wherein said identification information is an electronic serial number (ESN) and a mobile identification number (MIN).
16. The method of claim 12, wherein the telephone is a wire-line telephone.
17. The method of claim 16, wherein said identification information is an automatic number identification (ANI).
18. A method for authenticating a telephone over a telecommunications network, the method comprising the following steps that are performed by an authentication platform of the telecommunications network, the telecommunications network having one authentication platform:
(1) receiving a call origination for a call from a telephone, said call origination having identification information;
(2) generating a random challenge;
(3) transmitting said random challenge to the telephone;
(4) receiving a response from the telephone, said response encrypting said random challenge with said identification information and a telephone identifier;
(5) retrieving from a database a copy of said telephone identifier, wherein said copy of said telephone identifier corresponds to said identification information from said call origination;
(6) generating an anticipated response to said random challenge, said anticipated response encrypting said random challenge with said identification information from said call origination, and said copy of said telephone identifier;
(7) determining whether said response from the telephone matches said anticipated response;
(8) terminating said call and sending the telephone a call denied message if it is determined in step (7) that said response does not match said anticipated response; and
(9) allowing said call and sending the telephone a call proceed message if it is determined in step (8) that said response matches said anticipated response.
19. The method of claim 18, wherein the telephone is a cellular telephone.
20. The method of claim 19, wherein said identification information is an electronic serial number (ESN) and a mobile identification number (MIN).
21. The method of claim 18, wherein the telephone is a wire-line telephone.
22. The method of claim 21, wherein said identification information is an automatic number identification (ANI).
23. A computer program product for use with a computer system of a telephone, comprising: a computer usable medium having computer readable program code means embodied in said medium for authenticating a telephone over a telecommunications network, said computer program product having: a first computer readable program code means for enabling a processor to transmit a call origination for a call to an authentication platform within a telecommunications network, said call origination having identification information, said telecommunications network having one said authentication platform; a second computer readable program code means for enabling said processor to receive from said authentication platform a random challenge; a third computer readable program code means for enabling said processor to transmit to said authentication platform a response to said random challenge, said response encrypting said random challenge with said identification information and a telephone identifier, wherein said telephone identifier is not transmitted over said telecommunications network in the clear; a fourth computer readable program code means for enabling said processor to receive from said authentication platform a message to proceed with said call and for completing said call; and a fifth computer readable program code means for enabling said processor to receive from said authentication platform a message to terminate said call and for terminating said call.
24. The computer program product of claim 23, wherein the telephone is programmed with said telephone identifier.
25. The computer program product of claim 23, wherein said identification information is an electronic serial number (ESN) and a mobile identification number (MIN).
26. The computer program product of claim 23, wherein said identification information is an automatic number identification (ANI).
27. A computer program product for use with a computer system of an authentication platform, comprising: a computer usable medium having computer readable program code means embodied in said medium for authenticating a telephone over a telecommunications network, the telecommunications network having one authentication platform, said computer program product having: a first computer readable program code means for enabling a processor to receive a call origination for a call from a telephone, said call origination having identification information; a second computer readable program code means for enabling said processor to generate a random challenge and transmitting said random challenge to said telephone; a third computer readable program code means for enabling said processor to receive a response from said telephone, said response encrypting said random challenge with said identification information and a telephone identifier; a fourth computer readable program code means for enabling said processor to retrieve from a database a copy of said telephone identifier, wherein said copy of said telephone identifier corresponds to said identification information from said call origination; a fifth computer readable program code means for enabling said processor to generate an anticipated response to said random challenge, said anticipated response encrypting said random challenge with said identification information from said call origination and said copy of said telephone identifier; a sixth computer readable program code means for enabling said processor to determine whether said response from said telephone matches said anticipated response; a seventh computer readable program code means for enabling said processor to terminate said call and sending said telephone a termination message if said sixth computer readable program code means determines that said response does not match said anticipated response; and an eighth computer readable program code means for enabling said processor to allow said call to complete and waiting for said call to complete if said sixth computer readable program code means determines that said response matches said anticipated response.
28. The computer program product of claim 27, wherein said identification information is an electronic serial number (ESN) and a mobile identification number (MIN).
29. The computer program product of claim 27, wherein said identification information is an automatic number identification (ANI).
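
The exchange recited in claims 12 and 18, run end to end with both sides' messages, as an added example that is not code from the patent. The claims do not name an algorithm for "encrypting" the challenge, so HMAC-SHA256 is swapped in as an assumption; the class names, message strings, call ids and the sample ESN, MIN and telephone identifier are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values. ESN and MIN travel in the clear with every call
# origination; the telephone identifier is the secret that never does.
ESN, MIN = "82A1F3C7", "3035550142"
TELEPHONE_ID = bytes.fromhex("00112233445566778899aabbccddeeff")

def compute_response(challenge, esn, min_, telephone_id):
    # Assumption: HMAC-SHA256 stands in for the unspecified "encrypting" step.
    # Fixed-length challenge and "|"-free ESN/MIN keep the message unambiguous.
    msg = challenge + b"|" + esn.encode() + b"|" + min_.encode()
    return hmac.new(telephone_id, msg, hashlib.sha256).digest()

class Telephone:
    def __init__(self, esn, min_, telephone_id):
        self.esn, self.min_, self.telephone_id = esn, min_, telephone_id

    def respond(self, challenge):  # claim 12, steps (4)-(5)
        return compute_response(challenge, self.esn, self.min_, self.telephone_id)

class AuthenticationPlatform:
    def __init__(self, database):
        self.database = database  # (ESN, MIN) -> copy of telephone identifier
        self.pending = {}         # call id -> (ESN, MIN, challenge)

    def call_origination(self, call_id, esn, min_):  # claim 18, steps (1)-(3)
        challenge = secrets.token_bytes(16)  # fresh and unpredictable per call
        self.pending[call_id] = (esn, min_, challenge)
        return challenge

    def verify(self, call_id, response):  # claim 18, steps (4)-(9)
        entry = self.pending.pop(call_id, None)  # each challenge is single-use
        secret = self.database.get(entry[:2]) if entry else None
        if secret is None:
            return "CALL_DENIED"
        expected = compute_response(entry[2], entry[0], entry[1], secret)
        # Constant-time comparison avoids leaking how many bytes matched.
        ok = hmac.compare_digest(response, expected)
        return "CALL_PROCEED" if ok else "CALL_DENIED"

def demo():
    platform = AuthenticationPlatform({(ESN, MIN): TELEPHONE_ID})
    phone = Telephone(ESN, MIN, TELEPHONE_ID)
    first = phone.respond(platform.call_origination("call-1", ESN, MIN))
    legit = platform.verify("call-1", first)
    # An eavesdropper who recorded call-1 resends its response on a new call.
    platform.call_origination("call-2", ESN, MIN)
    replayed = platform.verify("call-2", first)
    # A clone programmed with the overheard ESN/MIN but a guessed identifier.
    clone = Telephone(ESN, MIN, bytes(16))
    cloned = platform.verify("call-3", clone.respond(platform.call_origination("call-3", ESN, MIN)))
    return legit, replayed, cloned
```

`demo()` returns the platform's decision for the legitimate telephone, the replayed response and the clone, in that order; only the first is allowed to proceed because the other two cannot produce a response bound to the new challenge.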
PCT/US1997/011316 1996-06-28 1997-06-30 System and method for preventing cellular fraud WO1998000956A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU35844/97A AU3584497A (en) 1996-06-28 1997-06-30 System and method for preventing cellular fraud

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US67463796A 1996-06-28 1996-06-28
US08/674,637 1996-06-28

Publications (2)

Publication Number Publication Date
WO1998000956A2 true WO1998000956A2 (en) 1998-01-08
WO1998000956A3 WO1998000956A3 (en) 1998-02-12

Family

ID=24707375

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1997/011316 WO1998000956A2 (en) 1996-06-28 1997-06-30 System and method for preventing cellular fraud

Country Status (2)

Country Link
AU (1) AU3584497A (en)
WO (1) WO1998000956A2 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5150412A (en) * 1990-04-28 1992-09-22 Nec Corporation Security module for radio telephone
US5311596A (en) * 1992-08-31 1994-05-10 At&T Bell Laboratories Continuous authentication using an in-band or out-of-band side channel
US5351296A (en) * 1993-03-29 1994-09-27 Niobrara Research & Development Corporation Financial transmission system
US5420908A (en) * 1993-03-11 1995-05-30 At&T Corp. Method and apparatus for preventing wireless fraud
US5455863A (en) * 1993-06-29 1995-10-03 Motorola, Inc. Method and apparatus for efficient real-time authentication and encryption in a communication system

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000005685A1 (en) * 1998-07-22 2000-02-03 Michael Schweers Method for confirming a fact or data at the request of a person
WO2000007347A1 (en) * 1998-07-30 2000-02-10 Pathfinder Technical Resources Limited A telephone
GB2345225A (en) * 1998-07-30 2000-06-28 Pathfinder Tech Resources Ltd A telephone
GB2345225B (en) * 1998-07-30 2000-09-27 Pathfinder Tech Resources Ltd A telephone
GB2366938A (en) * 2000-08-03 2002-03-20 Orange Personal Comm Serv Ltd Method of authentication in a mobile communication network
GB2366938B (en) * 2000-08-03 2004-09-01 Orange Personal Comm Serv Ltd Authentication in a mobile communications network
KR100675150B1 (en) * 2000-09-09 2007-01-29 엘지전자 주식회사 A method of assigning new id for wll terminal
EP1241907A1 (en) * 2001-03-13 2002-09-18 Sony International (Europe) GmbH Identification of a mobile terminal in a wireless network
WO2004043051A1 (en) * 2002-11-06 2004-05-21 Telkom Sa Limited A telephone fraud prevention system
US7764955B1 (en) * 2003-04-02 2010-07-27 Sprint Spectrum L.P. Method and system for routing a call based on calling device type
EP2141883A1 (en) * 2008-07-04 2010-01-06 Alcatel, Lucent A method in a peer for authenticating the peer to an authenticator, corresponding device, and computer program product therefore
WO2010000588A1 (en) * 2008-07-04 2010-01-07 Alcatel Lucent A method in a peer for authenticating the peer to an authenticator, corresponding device, and computer program product therefore
CN102265161A (en) * 2008-11-28 2011-11-30 巴斯德研究院 Use of basicity prolin-rich lacrimal gene products, such as opiorphin, as biomarker
WO2017127160A1 (en) * 2016-01-19 2017-07-27 Google Inc. Identifying a mobile computing device
US9942757B2 (en) 2016-01-19 2018-04-10 Google Inc. Identifying a mobile computing device

Also Published As

Publication number Publication date
AU3584497A (en) 1998-01-21
WO1998000956A3 (en) 1998-02-12

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AU CA JP MX

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 98504361

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA