Fraudulent use of communication networks is a problem of staggering proportions. Using telecommunication networks as an example, costs associated with fraud are estimated at billions of dollars a year and growing. Given the tremendous financial liability, the telecommunication industry continues to seek ways for reducing the occurrence of fraud while at the same time minimizing disruption of service to legitimate subscribers.
Although there are many forms of telecommunication fraud, two of the most prevalent types or categories of fraud in today's networks are theft-of-service fraud and subscription fraud. For example, theft-of-service fraud may involve the illegitimate use of calling cards, cellular phones, or telephone lines, while subscription fraud may occur when a perpetrator who never intends to pay for a service poses as a new customer. Subscription fraud has been particularly difficult to detect and prevent because of the lack of any legitimate calling activity in the account that could otherwise be used as a basis for differentiating the fraudulent activity. In either case, losses attributable to these types of fraud are a significant problem.
Many companies boast of superior fraud detection in their product offerings; however, the fact remains that a comprehensive fraud management system does not exist which addresses the operational and economic concerns of service providers and customers alike. For example, a common disadvantage of most systems is that detection of fraud occurs after a substantial amount of fraudulent activity has already occurred on an account. Moreover, some fraud prevention measures implemented in today's systems, which are based solely on inaccurate detection mechanisms, can be quite disruptive to the legitimate customer. As a result, customer "churn" may result as customers change service providers in search of a more secure system.
In general, the shortcomings of prior systems are readily apparent in terms of the amount of time that is required to detect and respond to fraud. For example, fraud detection based on customer feedback from monthly bills is not an acceptable approach to either service providers or customers. Automated fraud detection systems based on "thresholding" techniques are also not particularly helpful in managing fraud on a real-time or near real-time basis. For example, thresholding typically involves aggregating traffic over time (e.g., days, weeks, months), establishing profiles for subscribers (e.g., calling patterns), and applying thresholds to identify fraud. These systems are not viewed as being particularly effective because legitimate users can generate usage that exceeds the thresholds and the amount of fraud that can occur prior to detection and prevention is high (see, e.g., U.S. Pat. No. 5,706,338, "Real-Time Communications Fraud Monitoring System" and U.S. Pat. No. 5,627,886, "System and Method for Detecting Fraudulent Network Usage Patterns Using Real-Time Network Monitoring").
Although speed in detecting fraud may be improved by using technologies such as neural networking, statistical analysis, memory-based reasoning, genetic algorithms, and other data mining techniques, improved fraud detection alone does not completely solve the problem. In particular, even though systems incorporating these techniques may receive and process individual call data on a near real-time basis in an attempt to detect fraud, these systems still do not respond to the detected fraud on a real-time or near real-time basis. In one example, a system may generate an alert to an investigator in a fraud, network monitoring or operations center. However, an alert becomes part of an investigation queue and will generally not be examined or acted upon immediately, thereby resulting in a significant amount of latency in responding to the detected fraud. Because of the reactive nature of these systems in responding to detected fraud, a considerable amount of financial loss is still incurred by service providers and customers after the alert is generated. Furthermore, automated prevention based on inaccurate detection will result in the disruption of service to legitimate subscribers.
Various forms of authentication-based systems have also been proposed for use in combating fraud. Voice verification is one such authentication technique in which a caller's voice sample is compared with a previously stored voice print. Although voice verification may meet some of service providers' requirements for reducing fraud, the prior art systems implementing this type of authentication technique have significant disadvantages in terms of the disruption in service to legitimate subscribers. In particular, interrupting each call during call setup to perform voice verification is a nuisance to legitimate subscribers and an unnecessary waste of call processing and fraud prevention resources. Furthermore, this type of authentication scheme can introduce a substantial amount of costs and unnecessary delay in processing calls in the network.
One specific example of a fraud prevention system employing voice verification is described in U.S. Pat. No. 5,623,539. In this example, a line is constantly monitored, transparent to the users, and voice signal analysis is used to determine whether at least one participant in the telephone conversation is legitimate. More specifically, voice signal analysis is used to segregate speech information of the parties and compare this information with stored voice print information. In addition to the above shortcomings, this system is also highly impractical both in terms legal and social aspects (e.g., invasion of privacy) as well as technical and operational issues (e.g., activated all the time, calls must already be in progress, etc.).
Another example of an authentication-based system is the Roamer Verification Reinstatement (RVR) feature in wireless networks. Some RVR implementations use voice verification when a caller attempts to use service outside of his or her home calling area. Although this authentication technique is less intrusive than the previous example, RVR cannot effectively address fraudulent use of the system within the home area because it is based on initial startup conditions (e.g., outside home area) instead of some form of fraud scoring.