Patent Grant
10447838
Communication devices enabled with central processing units (CPUs) such as smartphones have become ubiquitous communication platforms well suited to the needs of active people. As more business and social activities migrate to the high speed virtual digital world, it becomes ever more difficult for users to keep up even with the speed and power of modern mobile communication devices. For example, a user may establish and maintain business and social relationships via email, texting, digital voice communications, digital data transmissions, internet access and searching, and application support such as scheduling and calendaring.
While CPU-enabled communication devices and their supporting structures and applications have proven highly useful, their speed and power as well as their wide range of uses in business and social relationships by busy people have proven detrimental in that they create a rich environment for phone fraud.
Fraud perpetrated via phone is a serious and growing problem. Financial scams promulgated over the phone deceive victims into giving out credit card numbers, bank account identification, and other personal information that are then exploited by the caller. Senior citizens are particularly vulnerable to financial scams promulgated over the phone. One study estimated that there are at least 5 million cases of financial phone fraud in the United States each year. Of those, law enforcement or government officials learn about only 1 in 25 cases. Although such fraud is widely believed to be under-reported, a 2009 study by MetLife's Mature Market Institute estimates that seniors lose approximately $2.6 billion per year due to financial abuse. In view of the foregoing, a phone fraud management system would be beneficial.
This Summary introduces simplified concepts that are further described below in the Detailed Description of Illustrative Embodiments. This Summary is not intended to identify key features or essential features of the claimed subject matter and is not intended to be used to limit the scope of the claimed subject matter.
Described is a processor-based automated phone fraud management system that makes use of communication networks. A server based computer interacts with local communication devices to protect users by providing alerts based on the probability of a call being associated with phone fraud. The phone fraud management system enables a user to enter a “white list” of known good telephone numbers while the fraud management system maintains a “blacklist” of known or assumed telephone numbers that are associated with fraud agents. The phone fraud management system can also keep a “watch list” of telephone numbers associated with possible fraud agents. The phone fraud system monitors calls to identify fraud or potential fraud and adds telephone numbers suspected of being associated with fraudulent activity to the watch list and numbers assumed to be associated with a fraudulent activity to the blacklist. Alerts are provided to users and a user can “tag” an ongoing call as being associated with a fraud agent. The phone management system then tracks tagged telephone numbers and attempts to verify fraud based on other communications associated with that telephone number. The phone management system can be implemented to automatically disconnect fraudulent calls.
A process of managing telephone fraud includes detecting a phone communication on a communication device, the phone communication corresponding to a particular phone number; using a processor to compare the particular phone number to at least one list of phone numbers; and then providing an alert to a user through the communication device based on the comparison of the phone number to the at least one list.
Another method includes detecting a phone communication on a communication device, the phone communication corresponding to a particular phone number; analyzing the phone communication to determine a suspected fraudulent intent; and providing a notification to the user through the communication device based on the suspected fraudulent intent. The method can also include analyzing audio or a text transcription of the phone communication to determine the suspected fraudulent intent, and providing a notification to the user through the communication device based on the suspected fraudulent intent during the phone communication, and the analyzing can include determining the existence of a particular word, particular phrase, or a particular topic in the phone communication. The method can further include disconnecting or interrupting the phone communication responsive to determining that the phone communication corresponds to the suspected fraudulent intent and re-enabling the phone communication responsive to a user input via the communication device.
Another method includes interrupting a detected phone communication on a communication device corresponding to a particular phone number a first time based on a comparison of the phone number to a list of phone numbers, re-enabling the phone communication a first time responsive to a user input via the communication device, interrupting the phone communication a second time responsive to determining that audio in the communication corresponds to a suspected fraudulent intent, and re-enabling the phone communication a second time responsive to a user input via the communication device. The re-enabling the phone communication at the first time or the second time can be responsive to user input of a code via the communication device.
Yet another method includes receiving by a computing system an indication of a particular phone number from a plurality of communication devices, the phone number corresponding to voice communications flagged for fraudulent intent by users of the communication devices; determining using the computing system that the indications of the particular phone number exceed a particular threshold; then determining that the particular phone number corresponds to a particular voice communication in progress on a particular communication device; and providing an indication of an alert to the user of the communication device during the particular voice communication while the communication is in progress.
Still another method includes converting audio of the phone communication to text; comparing the text to a list of particular words or phrases; determining that the text corresponds to at least one word or phrase from the list of particular words or phrases; and providing an indication to a user through the communication device based on the determining that the text corresponds to at least one word or phrase from the list of particular words or phrases. Converted text can alternatively be run through a classifier that has been trained to detect fraudulent interactions, and an indication can be provided to a user based on a detected fraudulent interaction.
A network enabled system is provided including a communication device corresponding to a first user. The communication device is configured for detecting a phone communication on the communication device and transmitting via a network data corresponding to the phone communication during the phone communication. Further, a computing system is provided configured for receiving the data corresponding to the phone communication during the phone communication. The computing system uses a processor to analyze the data corresponding to the phone communication to determine a potential fraud, and provides an alert to a user through the communication device based on the analysis of the data corresponding to the phone communication.
A more detailed understanding may be had from the following description, given by way of example and from the accompanying drawings. The Figures in the drawings and the detailed description are examples and are not to be considered limiting. Like reference numerals in the Figures indicate like elements wherein:
Although features and elements are described above in particular combinations, one of ordinary skill in the art will appreciate that each feature or element can be used alone or in any combination with the other features and elements. Processes described herein may be stored on a non-transitory computer readable medium and implemented in a computer program, software, or firmware for execution by a computer or processor.
The terms “a” and “an” as used herein do not denote a limitation of quantity, but rather denote the presence of at least one of the referenced items. Any directional signal such as top, bottom, left, right, upper and lower are taken with reference to the orientation in the various figures.
As referred to herein, a “computing device” should be broadly construed. A computing device includes any processor-based device having memory suitable for receiving code from non-transitory computer readable media for implementing the subsequently disclosed fraud management system 200. Such devices may be a mobile device such as a smartphone, a cell phone, a pager, a personal digital assistant (PDA), a mobile computer with a smartphone client, a tablet computer or the like. A computing device can also be a conventional computer such as a laptop computer or a desktop computer.
The fraud management system 200 makes use of one or more telecommunications systems. Telecommunications may be performed using either a wired communication device such as a landline telephone or a wireless communication device. Wireless communication devices include devices such as a smartphone which are capable of sending and receiving voice communications using any protocol such as Internet Protocol or wireless application protocol (“WAP”).
The network 8 includes a sub-network 10 having a processor-controlled server 12 with access to a database 16 and to a communication system 18. The server 12 runs in accord with internal software 17, which causes the server 12 to implement its part of the fraud management system 200. Before being loaded onto the server 12 the software 17 is stored on a non-transitory media such as a data disk 19. The server 12 is also in communication with a local computer 20 with an optional display which may act as a data terminal or as an auxiliary computing device. The server 12 and its constituent elements are preferably implemented on one or more network connectable processor-enabled computing systems via hardware components and software components. The server 12 need not be implemented on a single system at a single location, but can be decentralized for example in a peer-to-peer configuration.
The communication system 18 supports bi-directional calls, text messages and data transfers. While
One aspect of the network 8 is its user interface capabilities. User interfaces may include input devices to manipulate associated processors and output devices for enabling a processor to present information. Examples include graphical user interfaces (GUI), sound outputs, flashing lights, keyboards, touch screens, mice, pads, voice recognition systems, and printers.
As noted, the communication system 18 supports data transfers and voice communications for users of the fraud management system 200. Still referring to
The database 16 and possibly the data disk 19 include one or more lists of telephone numbers associated with or suspected of being used for attempting or having committed telephone fraud. Table 1 illustrates such lists. Lists may be compiled from telephone company records or police department records, uploaded by the protected user 35, or learned as discussed subsequently. The lists can then be compared by the processor of the server 12 (or of the communication device 37) with telephone numbers of calls to identify the existence of a potential fraud agent 39. The server 12 then alerts the protected user 35 of potential fraud, optionally breaks the telecommunications by ending or interrupting the call, monitors the communications to identify potential fraud, or takes other actions to protect the protected user 35. A call interruption can be implemented by the fraud management application 148 for example by triggering an audio output on the device such as music to supplant audio from the call.
The fraud management system 200 also assists the protected user 35 to assess the nature of phone interactions that occur over the communication device 37 and to constructively deal with phone interactions that may have fraudulent intent.
Still referring to
Moving up the abstract hierarchical progression from the firmware 120 is an operating system 124. The operating system 124 provides a set of core software programs that manage the semiconductor hardware 102 and firmware 120 and implements common services required for application software. The operating system 124 includes a low-level “kernel” routine 126 that handles basic software integration to the firmware 120 and hardware 102 to implement underlying functions. In practice the kernel 126 is used across a family of communication devices. Over the kernel 126 is a set of core services 130 that while still basic may change from time to time or from family device to family device. The core services 130 are software functions that support the on-board services of the communication device 37. The core services may include software routines that support and enable the application framework, graphics, web support, messaging, location finding (GPS), system security, connectivity, telephony and a file system.
Overlaying the operating system 124 is a fraud management application 148. The fraud management application 148 is the part of the overall fraud management system 200 that resides on the communication device 37. The fraud management application 148 can be downloaded from the server 12 or from a third party provider. The operation of the fraud management application 148 depends on the existence and operation of the overall fraud management system 200.
Turning now to
The server 12 maintains both a “white list” of phone numbers that are considered safe by the protected user 35 and a “black list” of phone numbers that are known to be or are assumed to be associated with a fraud agent 39. The white list is created by the protected user 35 and is therefore specific to that user, and the black list is typically continually being revised either from new information received from a third party or as learned by the fraud management system 200 as discussed subsequently. In addition, the server 12 maintains a watch list of numbers that may be associated with a fraud agent 39. Table 1 below provides an example list.
Following receipt of the phone number the server 12 searches its listings, step 208. If the incoming phone number is not found on the white list, step 210, and is not found on the black list, step 212, the server 12 sends the communication device 37 a yellow alert which causes the communication device 37 to inform the protected user 35 that the status of the incoming phone number is not known, step 214. For example, the communication device 37 might flash a yellow warning sign on the screen or a tone may be created (reference
Upon receipt of the yellow alert, the communication device 37 records and forwards the phone call to the server 12, step 216. It is determined in step 218 whether to alert the caller that the call is being recorded, for example in view of state law requiring that recording of a phone call must be announced. If so, the communication device 37 provides a notification to the caller that the call is being recorded, step 219, for example including an audio announcement audible to the caller delivered substantially simultaneously with the commencement of recording. The recording is transmitted to the server 12 continuously in real-time or at particular time intervals while the call is in progress.
The server 12 stores the audio recording with a timestamp corresponding to the call initiation time (e.g., Apr. 5, 2015, 6:43 pm) and duration (e.g., 6 minutes, 23 seconds) step 220. The server converts the audio to text, step 222, which is also stored. The text is then analyzed, step 224, for content indicative of a fraudulent interaction. The server 12 can analyze to identify words or phrases, for example “credit”, “bank”, “loan”, “mortgage”, “social security”, “win/won”, “check”, “prize”, “sweepstakes”, “lottery”, “invest”, “investment”, “charity”, “donate”, home or auto “repair”, “foreclosure”, and “Nigeria”. Further, a trained classifier can be applied to converted text in making a determination of a fraudulent interaction. Text classification can be topic based to detect conversations around issues such as credit cards, bank loans, charity, investments or other monetary interactions. Further, a classifier trained to detect voice tones or other characteristics of the incoming calls such as area codes can be implemented to determine indications of a fraudulent communication. Stored audio recordings and text can be used in training or retraining of classifiers and can be rendered available to a user, for example for use in legal proceedings against fraudulent parties.
Following step 224, the server 12 classifies the call (or alternatively text message or other communication) as being fraudulent (or having a high probability of being fraudulent) or not fraudulent, step 226. If the determination is that the call is fraudulent a decision is made, step 228, to alert the user, step 250, and to determine if the call should be disconnected, step 252, and to disconnect the call if so determined, step 254, after which the call is logged, step 234. If the determination is that the call is not fraudulent a decision is made, step 228, to allow the protected user 35 an opportunity to override the fraud management system 200 and to flag the call as fraudulent, step 230. This can be accomplished by the protected user 35 pressing a button on the communication device 37, which then sends the flag to the server 12; reference the flag entry screen button 64 in
However, if the protected user 35 does flag the call at step 230 the fraud management system 200 logs the call as possibly being fraudulent, step 234. The phone number of the call (or alternatively text message or other communication) is then stored on the server 12 in the watch list as a number that may be associated with a fraud agent 39. Converted text of the call (or text of message or other communication) is also stored, which can be used for classifier training. As more users flag that phone number as fraudulent, the likelihood of the phone number being associated with a fraud agent 39 increases. Once the likelihood exceeds a threshold, the flagged phone number is transferred to the black list as a phone number known to be associated with a fraud agent 39. By requiring a plurality of flags from different users, the server 12 prevents a phone number from being blacklisted based on a malicious intent or erroneous flagging of the protected user 35.
After the call is logged in the fraud management system 200 at step 234, the fraud management system optionally sends a notification of possibly fraudulent activity to a third party, step 236. Examples of the third party include a relative of the protected user 35, a fraud hotline, the police, or a designated caretaker of the protected user 35. The fraud management system 200 then stops, step 232, and awaits the next call.
Referring now to both
Furthermore, if in step 212 the determination is that the phone number is on the black list, the fraud management system 200 proceeds by having the server 12 issue a fraud alert to the protected user 35, step 240. This is accomplished by the server 12 sending the communication device 37 an alert which then causes the communication device 37 to flash a red warning signal (reference
Still referring to both
While embodiments have been described in detail above, these embodiments are non-limiting and should be considered as merely exemplary. Modifications and extensions may be developed, and all such modifications are deemed to be within the scope defined by the appended claims.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5828845 | Jagadish | Oct 1998 | A |
| 6529724 | Khazaka et al. | Mar 2003 | B1 |
| 6731746 | Usami | May 2004 | B1 |
| 7106843 | Gainsboro et al. | Sep 2006 | B1 |
| 7272633 | Malik et al. | Sep 2007 | B2 |
| 7313383 | Fujii | Dec 2007 | B2 |
| 7672845 | Beranek | Mar 2010 | B2 |
| 7849502 | Bioch et al. | Dec 2010 | B1 |
| 7869792 | Zhou et al. | Jan 2011 | B1 |
| 7899704 | Thompson | Mar 2011 | B1 |
| 7925690 | Smith et al. | Apr 2011 | B2 |
| 7996005 | Lotter et al. | Aug 2011 | B2 |
| 8185953 | Rothstein et al. | May 2012 | B2 |
| 8249627 | Olincy et al. | Aug 2012 | B2 |
| 8279808 | Sing et al. | Oct 2012 | B2 |
| 8315597 | Olincy et al. | Nov 2012 | B2 |
| 8369838 | Mallavarapu et al. | Feb 2013 | B2 |
| 8503994 | Sanjeev | Aug 2013 | B1 |
| 8521132 | Washio | Aug 2013 | B2 |
| 8661123 | Nishiyama | Feb 2014 | B2 |
| 8768286 | Naboulsi | Jul 2014 | B2 |
| 8774785 | Kirchhoff | Jul 2014 | B1 |
| 20020049806 | Gatz et al. | Apr 2002 | A1 |
| 20030012346 | Langhart | Jan 2003 | A1 |
| 20030126267 | Gutta et al. | Jul 2003 | A1 |
| 20030216138 | Higuchi et al. | Nov 2003 | A1 |
| 20040111479 | Borden et al. | Jun 2004 | A1 |
| 20050096009 | Ackley | May 2005 | A1 |
| 20060079201 | Chung | Apr 2006 | A1 |
| 20070030842 | Borden | Feb 2007 | A1 |
| 20070041545 | Gainsboro | Feb 2007 | A1 |
| 20070263843 | Foxenland | Nov 2007 | A1 |
| 20070277224 | Osborn et al. | Nov 2007 | A1 |
| 20080005325 | Wynn et al. | Jan 2008 | A1 |
| 20080066020 | Boss et al. | Mar 2008 | A1 |
| 20080176585 | Eldering | Jul 2008 | A1 |
| 20080177834 | Gruhl | Jul 2008 | A1 |
| 20080270038 | Partovi et al. | Oct 2008 | A1 |
| 20090125499 | Cross et al. | May 2009 | A1 |
| 20090260064 | McDowell et al. | Oct 2009 | A1 |
| 20090327150 | Flake et al. | Dec 2009 | A1 |
| 20100042684 | Broms et al. | Feb 2010 | A1 |
| 20100076274 | Severson | Mar 2010 | A1 |
| 20100077444 | Forristal | Mar 2010 | A1 |
| 20100158213 | Mikan | Jun 2010 | A1 |
| 20100161369 | Farrell et al. | Jun 2010 | A1 |
| 20100211694 | Razmov et al. | Aug 2010 | A1 |
| 20100246797 | Chavez et al. | Sep 2010 | A1 |
| 20100278320 | Arsenault | Nov 2010 | A1 |
| 20100330972 | Angiolillo | Dec 2010 | A1 |
| 20110045868 | Sheha et al. | Feb 2011 | A1 |
| 20110055546 | Klassen et al. | Mar 2011 | A1 |
| 20110117878 | Barash et al. | May 2011 | A1 |
| 20110125844 | Collier et al. | May 2011 | A1 |
| 20110208822 | Rathod | Aug 2011 | A1 |
| 20110218884 | Kothari et al. | Sep 2011 | A1 |
| 20110289161 | Rankin et al. | Nov 2011 | A1 |
| 20120015639 | Trivi | Jan 2012 | A1 |
| 20120047448 | Amidon et al. | Feb 2012 | A1 |
| 20120047560 | Underwood et al. | Feb 2012 | A1 |
| 20120083287 | Casto et al. | Apr 2012 | A1 |
| 20120102008 | Kaariainen et al. | Apr 2012 | A1 |
| 20120149352 | Backholm et al. | Jun 2012 | A1 |
| 20120151045 | Anakata et al. | Jun 2012 | A1 |
| 20120151046 | Weiss et al. | Jun 2012 | A1 |
| 20120151047 | Hodges et al. | Jun 2012 | A1 |
| 20120180135 | Hodges et al. | Jul 2012 | A1 |
| 20120226704 | Boland et al. | Sep 2012 | A1 |
| 20120233256 | Shaham et al. | Sep 2012 | A1 |
| 20120315880 | Peltrow et al. | Dec 2012 | A1 |
| 20130143521 | Hernandez et al. | Jun 2013 | A1 |
| 20130143528 | Randazzo et al. | Jun 2013 | A1 |
| 20130217331 | Manente | Aug 2013 | A1 |
| 20130282889 | Tito | Oct 2013 | A1 |
| 20130303106 | Martin | Nov 2013 | A1 |
| 20150163664 | Martin | Jun 2015 | A1 |
| Number | Date | Country |
|---|---|---|
| 2011135328 | Jul 2011 | JP |
| Number | Date | Country | |
|---|---|---|---|
| 20150288791 A1 | Oct 2015 | US |
