Automated and selective intervention in transaction-based networks

Abstract

Fraud losses in a communication network are substantially reduced by automatically and selectively invoking one or more authentication measures based on a fraud score that indicates the likelihood of fraud for that particular call or previously scored calls. By selectively invoking authentication on only those calls that are suspected or confirmed to be fraudulent, fraud prevention can be achieved in a way that both reduces fraud losses and minimizes disruptions to legitimate subscribers. Using telecommunication fraud as an example, a subscriber is registered in a system by collecting data on that subscriber based on the particular authentication method being used, such as shared knowledge (e.g., passwords), biometric validation (e.g., voice verification), and the like. Once registered, the authentication function for the subscriber's account is activated and subsequent calls are then scored for the likelihood of fraud during the call setup request phase. Fraud scoring estimates the probability of fraud for each call based on the learned behavior of an individual subscriber and the learned behavior of fraud perpetrators. If fraud is not suspected based on the fraud score, then normal call processing can resume without the need for authentication. If fraud is suspected based on the fraud score, then the system automatically invokes authentication. If authentication indicates suspicion of fraud, e.g., voice prints do not match, then the call may be either be blocked or referred for other appropriate prevention measures, e.g., intercepted by an operator. If fraud is not indicated by authentication, then normal call processing may resume.