Methods, apparatus, scripts, and computer readable media for facilitating secure capture of sensitive data for a voice-based transaction conducted over a telecommunications network

Description

BRIEF DESCRIPTIONS OF THE DRAWINGS

FIG. 1 is a block diagram of apparatus constructed according to an illustrative embodiment of the invention.

FIG. 2 is a flowchart of a process provided by an illustrative embodiment of the invention.

FIGS. 3
a-3d illustrate various embodiments of a script constructed in accordance with various aspects of the invention.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

FIG. 1 is a block diagram of apparatus 100 constructed according to an illustrative embodiment of the invention. As shown in FIG. 1, a caller uses conventional telephone equipment, shown collectively as 110, to access the public switched telephone network (PSTN) 120 to exchange voice data 115 with a call processing center (not shown). The call center includes at least an automated call processing system 130 that executes a script specifying a call flow for the interaction with the caller 110.

It will be understood that either the call center or the caller 110 could initiate the voice-based interaction. For example, the caller 110 may dial a toll-free number serviced by the call center to order or inquire about goods or services marketed by a client of the call center. Conversely, the call center could initiate the call as part of an outbound telemarketing campaign. In either event, the caller 110 may enter into a transaction that involves disclosure of certain data pertaining to the caller 110.

The automated call processing system 130 is adapted to obtain both sensitive data and non-sensitive data (shown collectively as 125) from the caller 110. To receive any non-sensitive data 125a from the caller 110, the automated call processing system 130 transfers the caller 110 to a live operator 140, who may be physically located either on the premises of the call center or at a facility remote from the call center, such as the live operator's residence. From the standpoint of the caller 110, the call transfer performed by the automated call processing system 130 during the capture of non-sensitive data 125a is substantially transparent. In essence, the automated call processing system creates a virtual direct link 128 between the caller and the live operator, as indicated by the dashed line in FIG. 1 running from the PSTN 120 to the live operator 140.

When the script executing on the automated call processing system 130 indicates that sensitive data 125b is to be captured from the caller 110, the system 130 transfers the call from the live operator 140 back to itself. The caller 110 then provides the sensitive data 125b to the automated call processing system 130, which in turn stores the sensitive data 125 in a transaction record 135. Likewise, any non-sensitive data 125a obtained from the caller 110 by the live operator 140 is also stored in the transaction record 135.

In this manner, the telephone call from/to the caller 110 may be transferred between the live operator 140 and the automated call processing system 130, as dictated by the script executed by the automated call processing system 130, as many times and in whatever order is Hi necessary to capture both sensitive data 125b and non-sensitive data 125a from the caller 110. Preferably, this call transfer operation is conducted in real time, in that the caller 110 does not perceive a delay or other disturbance in the execution of these call transfers that is significant enough to unduly interfere with the overall call experience.

In the context of this specification, the term “sensitive data” refers to any data with which privacy concerns may be associated. Specific examples depend on the circumstances surrounding a given implementation of the invention, but may include telephone numbers, credit card or other banking institution numbers, social security numbers, drivers' licenses numbers, or the like.

The automated call processing system 130 is also adapted to generate voice communications directed to the caller 110, represented generally by the reference numeral 127, advising the caller 110 that any sensitive data 125b will be captured automatically rather than by the live operator 140, thereby minimizing the risk that the caller 110 might inadvertently provide sensitive information 125b directly to the live operator 140. Technology suitable to implement the automated call processing system 130 may include technology such as automated call distribution systems (ACDs), voice response units (VRUs), all switching and routing hardware, or interactive voice response units (IVRs), or combinations of the above. Further, the automated call processing system 130 may employ a speech recognition engine (not shown) if necessary to process the sensitive data 125b as received from the caller 110. The caller 110 may communicate sensitive data in at least two different ways. A first way would be to directly speak the sensitive data to the automated call processing system 130, in which case it may be necessary to convert such speech or voice data into a text equivalent for storage in the transaction record 135. Alternatively, the caller 110 may enter sensitive data 125b by using a touch-tone telephone handset equipped with technology suitable for generating DTMF tones. In this latter case, a speech recognition engine may not be necessary. Suitable speech recognition technology is available from Nuance Corporation (nuance.com). Those skilled in the art will recognize, however, that the invention is not limited to technology obtained from one particularly vendor, but could be practiced with technology obtained from any speech recognition vendor.

FIG. 2 is a flow chart of a process flow 200 provided by an illustrative embodiment of the invention. As shown by block 210, the method can include advising the caller that all sensitive data 125b will be captured only by the automated call processing system 130, and that any sensitive data 125b should not be provided to the live operator 140. In block 215, the method then begins execution of the call script running on the automated call processing system 130. In block 220, the method then evaluates whether sensitive data 125b is to be captured at a given point within the call script. If sensitive data 125b is to be captured at this given point, the method proceeds to transfer the caller 110 to the automated call processing system 130 to capture the sensitive data 125b. The automated call processing system 130 then captures the sensitive data 125b as necessary from the caller 110, as dictated by the script (block 230). The automated call processing system 130 then stores this sensitive data 125b in a transaction record 135 associated with the current transaction being executed with the caller 110 (block 235). The method then advances to the next state specified by the call script (block 240).

Returning to the evaluation block 220, if the given point in the call script indicates that sensitive data 125b is not to be captured at this point, the method proceeds to capture the nonsensitive data 125a as specified by the call script (block 245). The method then proceeds to store this non-sensitive data 125a in the transaction record 135 (block 250), and then the method advances to the next state specified by the script (block 240). The method then returns to the evaluation block 220 to continually evaluate whether sensitive data 125b is to be captured, and routes the telephone call accordingly. These steps are repeated until the call script is completely executed for a given interaction with a caller 110, or the communication with the caller 110 is terminated for some reason.

FIGS. 3
a-3d illustrate various embodiments of a script constructed in accordance with various aspects of the invention. FIG. 3a illustrates a first embodiment 300 of the script. A first command 300a appearing within the script dictates that sensitive data is to be captured from the caller 110, and that the call should be transferred to the automated call processing system 130 to capture that sensitive data. At a point later in the script, a command 300b dictates that nonsensitive data is to be captured from the caller 110 and that the call should be transferred to the live operator 140 to capture that non-sensitive data. The embodiment 300 of the script illustrates a scenario wherein sensitive data is captured automatically before the call is transferred to the live operator 140. Those skilled in the art will understand that various steps could precede command 300a, follow command 300b, or come in between commands 300a and 300b. These steps are not shown for the purposes of concise and brevity in illustrating the first command 300a and the second command 300b.

FIG. 3
b illustrates an embodiment 325 of a script constructed in accordance to an illustrative embodiment of the invention. In this scenario, a first command 325a dictates that non-sensitive data be captured by the live operator 140, with a subsequent command 325b dictating that sensitive data be securely captured by the automated call processing system 130.

FIG. 3
b illustrates a scenario wherein the non-sensitive data is captured first by the live operator 140, with sensitive data being captured subsequently by the automated call processing system 130.

FIG. 3
c illustrates an embodiment 350 of the script as constructed according to the invention. In this scenario, a first command 350a dictates that first non-sensitive data be captured by transferring the call to the live operator 140, with a subsequent command 350b dictating that sensitive data be securely captured by transferring the call to the automated call processing system 130, with a still further command 350c dictating that additional or second non-sensitive data be captured by retransferring the call to the live operator 140. The embodiment 350 illustrates a scenario wherein the call is repeatedly transferred between the live operator 140 and the automated call processing system 130 as necessary to capture both sensitive and non-sensitive data as dictated by the script 350.

Similarly, the embodiment 375 shown in FIG. 3d illustrates a scenario wherein a command 375b to capture non-sensitive data is interposed between two commands 375a and 375c that dictate that first and second sensitive data is to be securely captured. Those skilled in the art will understand from reviewing the foregoing that the invention as discussed herein provides considerable flexibility and security in handling sensitive data as obtained from the caller 110.

Returning to FIG. 2, the program of instructions can be loaded and stored onto a program storage medium or device 201 readable by a computer or other machine, embodying a program of instructions executable by the machine to perform the various aspects of the method as discussed and claimed herein, and as illustrated in the Figures. Generally speaking, the program storage medium 201 can be implemented using any technology based upon materials having specific magnetic, optical, semiconductor or other properties that render them suitable for storing computer data, whether such technology involves either volatile or non-volatile storage media. Specific examples of such media can include, but are not limited to, magnetic hard or floppy disks drives, optical drives or CD-ROMs, and any memory technology based on semiconductors or other materials, whether implemented as read-only or random access memory. In short, this embodiment of the invention may reside either on a medium directly addressable by the computer's processor (main memory, however implemented) or on a medium indirectly accessible to the processor (secondary storage media such as hard disk drives, tape drives, CD-ROM drives, floppy drives, or the like). Consistent with the above teaching, program storage device 201 can be affixed permanently or removably to a bay, socket, connector, or other hardware provided by the cabinet, motherboard, or other component of a given computer system.

Those skilled in the art will also understand that a computer programmed in accordance with the above teaching using known programming languages provides means for realizing the various functions, methods, and processes as described and claimed herein and as illustrated in the drawing figure attached hereto. Further, the various embodiments of the scripts (300, 325, 350, and 375) may also be embodied in or loaded onto program storage devices similar to that shown in FIG. 2 as 201.

Various embodiments of the invention are described above to facilitate a thorough understanding of various aspects of the invention. However, these embodiments are to be understood as illustrative rather than limiting in nature, and those skilled in the art will recognize that various modifications or extensions of these embodiments will fall within the scope of the invention, which is defined by the appended claims.

Claims

1. A method of facilitating secure capture of sensitive data during a voice-based transaction with a caller conducted over a telecommunications network, the method comprising at least the following: executing a script controlling a flow of the voice-based transaction, during which transaction at least one of sensitive and non-sensitive data may be obtained; transferring the caller to an automated system in real time in response to the script to: capture sensitive data from the caller; and store the sensitive data in a transaction record; transferring the caller to a live operator in real time in response to the script to: capture non-sensitive data from the caller; and store the non-sensitive data in the transaction record.
2. The method of claim 1, wherein transferring the caller to a live operator includes transferring the caller to a live operator physically located on the premises of a call center facility.
3. The method of claim 1, wherein transferring the caller to a live operator includes transferring the caller to a home agent who is located remotely from a call center.
4. The method of claim 1, further comprising converting the sensitive data to a text equivalent and storing the text equivalent in the transaction record.
5. The method of claim 1, wherein for at least one given transaction, transferring the caller to an automated system is performed before transferring the caller to a live operator.
6. The method of claim 1, wherein for at least one given transaction, transferring the caller to a live operator is performed before transferring the caller to an automated system.
7. The method of claim 1, wherein: transferring the caller to an automated system includes transferring the caller to an automated system in response to a first portion of the script directing that sensitive data be captured from the caller; and transferring the caller to an automated system includes transferring the caller to a live operator in response to at least a second portion of the script directing that non-sensitive data be captured from the caller.
8. The method of claim 1, wherein transferring the caller to an automated system and transferring the caller to an automated system to a live operator are both performed for the given voice-based transaction.
9. A program storage device storing a script that is adapted for execution in a call center environment to facilitate secure capture of sensitive data during a voice-based transaction conducted over a telecommunications network, the script comprising at least the following: at least a one instance of a first command directing that sensitive data be securely captured by an automated system; and at least a one instance of at least a second command directing that non-sensitive data be captured by a live operator.
10. The program storage device of claim 9, wherein the first command directs that a call be transferred in real time to the automated system to capture the sensitive data.
11. The program storage device of claim 9, wherein the at least second command directs that a call be transferred in real time to a live operator to capture the non-sensitive data.
12. The program storage device of claim 9, wherein the at least one instance of the first command appears sequentially in the script before the at least one instance of the second command.
13. The program storage device of claim 9, wherein the at least one instance of the at least second command appears sequentially in the script before the at least one instance of the first command.
14. The program storage device of claim 9, further comprising at least a second instance of the first command, and wherein the at least one instance of the at least second command appears sequentially between the first and at least second instances of the first command.
15. The program storage device of claim 9, further comprising at least a second instance of the at least second command, and wherein the at least one instance of the first command appears sequentially between the first and at least second instances of the second command.
16. The program storage device of claim 9, wherein: the first command directs that a call be transferred in real time to the automated system to capture the sensitive data; the at least second command directs that a call be transferred in real time to a live operator to capture the non-sensitive data; and wherein both of the first command and the at least second command are executed at least once during the voice-based transaction.
17. Apparatus for facilitating secure capture of sensitive data during a voice-based transaction with a caller conducted over a telecommunications network, the apparatus comprising at least the following: means for executing a script controlling a flow of the voice-based transaction, during which transaction at least one of sensitive and non-sensitive data may be obtained; means for transferring the caller to an automated system in real time in response to the script to: capture sensitive data from the caller; and store the sensitive data in a transaction record; means for transferring the caller to a live operator in real time in response to the script to: capture non-sensitive data from the caller; and store the non-sensitive data in the transaction record.
18. The apparatus of claim 17, wherein: the means for transferring the caller to an automated system includes means for transferring the caller to an automated system in response to a first portion of the script directing that sensitive data be captured from the caller; and the means for transferring the caller to an automated system includes means for transferring the caller to a live operator in response to at least a second portion of the script directing that non-sensitive data be captured from the caller.
19. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform a method for facilitating secure capture of sensitive data during a voice-based transaction with a caller conducted over a telecommunications network, the method comprising at least the following: executing a script controlling a flow of the voice-based transaction, during which transaction at least one of sensitive and non-sensitive data may be obtained; transferring the caller to an automated system in real time in response to the script to: capture sensitive data from the caller; and store the sensitive data in a transaction record; transferring the caller to a live operator in real time in response to the script to: capture non-sensitive data from the caller; and store the non-sensitive data in the transaction record.
20. The method performed by the program of instructions embodied by the program storage device of claim 19, wherein: transferring the caller to an automated system includes transferring the caller to an automated system in response to a first portion of the script directing that sensitive data be captured from the caller; and transferring the caller to an automated system includes transferring the caller to a live operator in response to at least a second portion of the script directing that non-sensitive data be captured from the caller.

Parent Case Info

This application is a continuation of U.S. patent application Ser. No. 10/108,224, filed 27 Mar. 2002, now abandoned. The applicants claim the full benefit of the filing date of such application under 35 U.S.C. §120.

US Referenced Citations (66)

Number	Name	Date	Kind
4792968	Katz	Dec 1988	A
4845739	Katz	Jul 1989	A
4930150	Katz	May 1990	A
4932046	Katz et al.	Jun 1990	A
4939773	Katz	Jul 1990	A
4975945	Carbullido	Dec 1990	A
4987590	Katz	Jan 1991	A
4989233	Schakowsky et al.	Jan 1991	A
5014298	Katz	May 1991	A
5016270	Katz	May 1991	A
5018191	Catron et al.	May 1991	A
5048075	Katz	Sep 1991	A
5073929	Katz	Dec 1991	A
5091933	Katz	Feb 1992	A
5109404	Katz et al.	Apr 1992	A
5128984	Katz	Jul 1992	A
5179585	MacMillan, Jr. et al.	Jan 1993	A
5185787	Katz	Feb 1993	A
5218631	Katz	Jun 1993	A
5224153	Katz	Jun 1993	A
5239462	Jones et al.	Aug 1993	A
5251252	Katz	Oct 1993	A
5255309	Katz	Oct 1993	A
5259023	Katz	Nov 1993	A
5297197	Katz	Mar 1994	A
5299260	Shaio	Mar 1994	A
5311572	Friedes et al.	May 1994	A
5349633	Katz	Sep 1994	A
5351285	Katz	Sep 1994	A
5355406	Chencinski et al.	Oct 1994	A
5359645	Katz	Oct 1994	A
5365575	Katz	Nov 1994	A
5375161	Fuller et al.	Dec 1994	A
5442688	Katz	Aug 1995	A
5444774	Friedes	Aug 1995	A
5517558	Schalk	May 1996	A
5574776	Leuca et al.	Nov 1996	A
5594784	Velius	Jan 1997	A
5625680	Foladare et al.	Apr 1997	A
5634086	Rtischev et al.	May 1997	A
5666157	Aviv	Sep 1997	A
5675637	Szlam et al.	Oct 1997	A
5819029	Edwards	Oct 1998	A
5825856	Porter et al.	Oct 1998	A
5838768	Sumar	Nov 1998	A
5867562	Scherer	Feb 1999	A
5870464	Brewster et al.	Feb 1999	A
5872834	Teitelbaum	Feb 1999	A
5987118	Dickerman et al.	Nov 1999	A
6049602	Foladare et al.	Apr 2000	A
6058303	Astrom	May 2000	A
6070241	Edwards	May 2000	A
6094476	Hunt et al.	Jul 2000	A
6119084	Roberts et al.	Sep 2000	A
6144938	Surace	Nov 2000	A
6266640	Fromm	Jul 2001	B1
6275940	Edwards	Aug 2001	B1
6320956	Cherry	Nov 2001	B1
6359971	Haimi-Cohen	Mar 2002	B1
6370508	Beck	Apr 2002	B2
6401066	McIntosh	Jun 2002	B1
6493446	Cherry	Dec 2002	B1
6501956	Weeren	Dec 2002	B1
6604075	Brown	Aug 2003	B1
6650736	Unger	Nov 2003	B1
6738740	Barash	May 2004	B1

Continuations (1)

	Number	Date	Country
Parent	10108224	Mar 2002	US
Child	10156575		US

Methods, apparatus, scripts, and computer readable media for facilitating secure capture of sensitive data for a voice-based transaction conducted over a telecommunications network

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

US Classifications

Field of Search

US

International Classifications

Term Extension

Abstract

Description

Claims

Parent Case Info

US Referenced Citations (66)

Continuations (1)