In the case of private branch exchanges (PBXs) for telecommunications having a large number of extension stations used by different persons, but also in the case of mobile terminals such as cell phones, there exists the problem of abuse by unauthorized third parties or by unauthorized employees of a company. For example, personal conversations are frequently held via PBX lines of large corporations at the employer's expense. Moreover, when telephone calls are made from a stolen or lost mobile telephone, the account of the lawful owner is always charged without the owner being able to directly prevent this.
To prevent unauthorized use in private branch exchanges, methods are known in which the user of a terminal must enter an access code to be able to make an interoffice call and/or to dial specific outside numbers. In these methods, the subscriber enters a personal access code (PIN) via the keypad of the terminal, the access code being evaluated by the private branch exchange and compared with a table of authorized names. This method also makes it possible to allocate the incurred charges to specific individuals. Once the subscriber's authorization has been established in this manner, the corresponding PBX line is enabled to establish an interoffice or long-distance connection.
However, due to the additional time required, this method of entering a code before each call is very cumbersome and is not practical for PBX lines from which many calls are made regularly, e.g., a secretary's office or a senior executive's office. For that reason, such lines are frequently exempted from the access verification so that any person can call from them at any time and the problem of unauthorized use persists.
An additional known method is to detect unauthorized use after the fact by analyzing the call durations, the direction, and the subscriber or the number called. For this purpose, the private branch exchange logs the calls made, the call destinations, call duration, and the associated PBX line. A similar verification takes place in the network management system of a public switched telephone network. For example, all calls lasting longer than a predetermined duration are checked for the call destination later or during the connection. An unauthorized use can be detected if the call destination cannot be assigned to a predetermined group of telephone numbers, which, for example, are assigned to the company's customers. Individual PBX lines such as those of senior executives can be exempted from checking for unauthorized use in this case also.
However, even with this type of checking for unauthorized use, only line-specific determination of an unauthorized use is possible. Those cases in which the same person improperly uses different terminals without authorization cannot be detected. Moreover, the unauthorized use can only be detected after the fact; an unauthorized call cannot be prevented.
U.S. Pat. No. 5,623,539 relates to a device and a method for monitoring a telephone connection for unauthorized use. For this purpose, voice samples of all of the persons who are authorized to use the telephone connection are stored. During a conversation conducted over the telephone connection, the transmitted voice data is tapped and broken down via suitable means into individual voice samples, each of the thus-obtained voice samples corresponding to the voice of one of the conversation participants. These voice samples taken from the telephone conversation are compared to the stored voice samples. The telephone connection is only accepted as authorized when a sufficient match between at least one of the stored voice samples and at least one of the voice samples obtained from the telephone conversation is determined.
U.S. Pat. No. 5,093,855 relates to a method and a device for speaker recognition in a telephone switching exchange, where tapped speech samples are supplied via the telephone line to the exchange, where they are compared to previously stored speech samples. If the speaker is recognized, a first signal is emitted, otherwise, a second signal is emitted.
The publication “Speaker Identity Verification over Telephone Lines: Where we are and where we are going” by T. C. Feustel and G. A. Velius, International Carenaham Conference, Zurich 1989, addresses voice recognition and the security, e.g., against unauthorized telephone use, that it can provide. In this context, the possibility to increase security by combining voice recognition and the use of passwords or PINs is also mentioned.