This application relates to a method and apparatus for detection of fraudulent usage of mobile communications in general, and cellular telephone fraud in particular.
Cellular telephone fraud has become a significant factor in the mobile communications market. High-tech thieves are able to detect the identification codes assigned to legitimate telephone users, and then program these same codes into additional phones. Because the basic cellular system was set up to initiate a call based upon receipt of only these identification codes, many fraudulent calls may be completed before a heavy-usage report triggers detection of the fraudulent "cloning" of a user's number.
Various solutions to this problem have been proposed. One solution which has been implemented in some cellular markets is the use of a personal identification number (PIN). The legitimate cellular subscriber inputs his PIN as part of the call initialization procedure. This number is checked against a stored value in the central office of the mobile telephone system, and the call is initiated only if the transmitted PIN matches the stored value.
This approach has some success in reducing the level of cloning. Moreover, it is advantageous because it works with existing telephones since all the programming and hardware modifications needed can be done at the central office location. This approach is not, however, without its problems. First of all, many customers dislike having to press additional digits as part of each call, while others simply have trouble remembering their PIN, requiring frequent modification of phone company records to provide modified PIN's.
There is also the problem that the PIN is dialed at a time when the call is already counted by the system as having begun. Thus the user is already paying for the call at the time when the system requests dialing of a PIN code. This increases the total cost of each cellular telephone call.
Forcing a customer base of users who previously were able to place calls without having to worry about PIN codes to start dialing PIN codes is not easy, but it is particularly troublesome for the users who place data or fax calls using a modem connected to a cellular telephone. With many data or fax systems it is not easy to add a PIN code to the dialing sequence. Typically one has to blindly introduce a fixed delay in the dialing string prior to generating the PIN tones, while the actual delay prior to the system's request that the user dial a PIN code varies unpredictably and may be shorter or longer than the fixed delay. And with some modem/cellular connections it is simply impossible to program the modem to generate DTMF tones after the modem equivalent of the "send" key has taken place.
The security benefit of PIN codes is limited. The ESN and mobile telephone number are transmitted unencrypted over a cell control channel, and it is the monitoring of this channel that permits most present-day phone-cloners to accomplish their nefarious ends. The PIN code, in contrast, is transmitted over a voice channel, and the particular voice channel used is determined on the fly in a negotiation that takes place between the cell site and the phone, over the control channel. Thus, a determined phone-cloner would have to develop gear that not only copies down the data flowing over the control channel, but would also have to monitor the appropriate voice channel to learn the PIN code. Thus, the use of a PIN code only protects against fraudulent calls placed by phone-cloners who are unable to monitor two channels at the same time. With the ever increasing numbers of cellular phones, however, the total number of opportunities is large and cloning remains a problem.
Other solutions, generally of much greater complexity, to the problem presented by cloning has also been suggested. For example, U.S. Pat. No. 5,335,265, which is incorporated herein by reference, describes a system which detects cloning by isolating "temporal and spatial anomalies" in the telephone usage pattern. This system stores information about the location and times of calls being made on a subscriber number and then checks subsequent calls to determine if they could reasonably be made with the same telephone. For example, calls that originate only several minutes apart, but hundreds of miles apart, would trigger a fraud alert in the system. This system, like the use of PIN numbers, has the advantage that it requires no modification to equipment already in the field. On the other hand, many subscribers would consider it an infringement on their privacy to have such detailed records kept on their calling patterns. Moreover, the volume of data storage space required for such a system and the hardware necessary to make this stored data available to cellular service providers throughout the country could well be prohibitive.
A similar system is described in U.S. Pat. No. 5,309,501, which is incorporated herein by reference. In this system, certain system states such as the attachment/detachment status of a mobile unit, service request and cancel location are stored at the central office, and any incoming requests from the same phone are checked for "unlikely events." Examples of "unlikely events" include attempting an attachment (detachment) when the identified mobile unit is already attached (detached), receipt of a service request while the unit is detached; or receipt of a cancel location message when a call is in progress. Again, this system requires no update of equipment in the field. It does, however, require substantial data storage. Moreover, this system, like that described in U.S. Pat. No. 5,335,265 provides only an administrative warning, and does not provide an immediate mechanism for refusing to initiate a call on the fraudulent phone while maintaining service to the legitimate phone using the same access codes.
It is the object of the present invention to provide a reliable, yet relatively uncomplicated system for increasing the security of cellular phone system which operates without the need for user participation.
It is a further object of the present invention to provide such a system which permits immediate detection and refusal of fraudulent calls, while permitting continuing service to the legitimate user.