The invention generally relates to a wireless communication network, and more particularly, relates to an improved authentication center (AC) component in a wireless communication network.
Wireless communication is one of the fastest growing segments of the telecommunication industry. With the mobility of the wireless devices, such as cellular phones and pagers, a subscriber to a wireless service can make or receive a call, or receive a message without being restricted to any particular locations. Because of the convenience provided by wireless devices, they have been widely used by average consumers.
Airtime fraud is a costly problem for wireless communications providers (also called "operators"). Callers (also called "subscribers") can gain unauthorized access to cellular networks by "cloning" legitimate cellular phones (also called "handsets," "Mobile Stations," or "MSs"). The cloning process duplicates the memory contents of a legitimate cellular phone so that the clone cellular phone appears to be legitimate to the rest of the system. In certain high crime areas, large numbers of cellular phone calls are estimated to be placed from cloned handsets. The challenge to cellular telephone companies lies in determining whether a handset communicating with the system is a legitimate handset or a clone.
In the past, operators could only detect fraudulent access after the fact. The detection process involved labor-intensive post-call analysis and did not stop cloned handsets from fraudulently obtaining service. Currently, many conventional cellular systems include one or more Authentication Center (AC) portions. When a calling person activates a handset, the AC checks the profile of the person who is registered for the handset. The AC then initiates a challenge to the handset. If the handset's response matches the AC's challenge, network access is granted. Otherwise, access is denied. The authentication process greatly reduces airtime losses and serves as a deterrent to the crime of cloning.
In many cellular phone systems, the AC performs authentication in connection with the following events: registration (when a phone roams into a new area); origination of a call; flashing (which involves, e.g., three-way calling, call waiting, or paging); and call termination. In general, the MSC (Mobile Switching Center) associated with the area of the handset being authenticated sends an authentication request (AUTHRQST) message to the AC for each of these events.
To further authenticate handsets, conventional ACs periodically send "Shared Secret Data (SSD) update" messages and "unique challenge" messages to MSC/VLRs in the system. These messages (also called "authentication messages") are defined in the ANSI IS-41 standard produced by TIA/EIA for cellular telephones, which is herein incorporated by reference.
Most systems include MSC/VLRs from various vendors and not all the MSC/VLRs in a system operate in the same way. For example, the MSC/VLRs of some vendors perform SSD updates and unique challenge operations via a radio control channel in an connected base station, which communicates with the handset. The MSC/VLRs of other vendors use a voice channel already in use by the system. To preserve precious resources, systems using a voice channel will perform SSD updates and unique challenges only when a call is in progress and a voice channel is currently assigned to the mobile handset. Thus, for example, in conventional systems, the AC sends an order to perform an operation such as an SSD update or a unique challenge in response to an AUTHRQST message during registration of a handset. If base stations assigned to an MSC/VLR in whose region the handset is located use a voice channel, the MSC/VLR will not perform the operation because no voice channel is yet assigned. The MSC/VLR will, however, send a message notifying the AC that the operation was not attempted. Similarly, when a voice call is in progress, if the AC sends an order to perform one of these operations to an MSC/VLR whose base stations use the control channel for responses, the MSC/VLR will not perform the operations. The MSC/VLR will, however, send a message notifying the AC that the operation was not attempted. In both cases, the notification sent by the MSC/VLR creates additional traffic in the system and misappropriates precious network resources.
Although ACs of conventional systems order SSD update and unique challenge operations any time the need for them is detected, such conventional systems do not take into consideration that the MSC/VLRs are not always in a position to perform these operations. What is needed is a way to reduce traffic caused by these extra messages.