Field of the Invention
At least one embodiment of the invention relates to a method and system for preventing fraudulent use of a telephone system. In particular the invention relates to a fraud prevention system in private branch exchange (PBX) systems.
Description of Related Art
As telephony systems are developed, an increasing number of techniques are used to make fraudulent use of such systems, whether for financial gain or for concealed information exchanges. Known techniques may be as simple as using stolen payment card details to charge calls, and may be as complex as call looping techniques which involve repeatedly calling a private branch exchange (PBX), finding a correct sequence of digits to access an outside line (by trial and error or other hacking techniques) and then placing a costly long distance call through the PBX system. Regardless of the type of fraud, the telecommunications industry is involved in an intensive and ongoing effort to identify different types of fraud and to develop and implement ways of preventing such fraud.
In the above context, PBX fraud, which is colloquially known as “hacking” or “dial through”, is increasing both in volume and sophistication. It is known for organised criminals to gain access through PBX systems in order to resell long distance telephone calls at discounted rates, or to generate high volumes of telephone calls to revenue-sharing numbers. Reports from the Irish Garda Bureau of Fraud Investigation indicate that in 2008, Irish firms were dispossessed of up to 75 millions per year through PBX fraud, and the problem has been estimated at up to US$8 billion globally.
Methods and systems for inhibiting fraud are known, which generally consist of identifying a call as likely to be fraudulent, and permitting an appropriate action about relevant, identified calls. For instance, a fraud analyst may rely upon billing detail records (BDRs) and call detail records (CDRs), which contain information pertaining to calls: each BDR and CDR contains an originating number (where the call is from), a terminating number (where the call is to) and a billing number (where the cost of the call is charged to). For example, a call is likely to be fraudulent if it is made using a calling card that has been reported stolen by the owner, and the fraud analyst may thus rely on BDRs to validate call attempts in an effort to identify a fraudulent call, and upon CDRs for responding to fraud when a call has been completed. Such methods are cumbersome and reactive.
Many security improvements have been devised and implemented into PBX systems to try and combat fraud, including solutions capable of alerting an administrator that the PBX has been compromised, wherein the fraudulent use can be stopped as soon as the administrator receives the alert and locks down the PBX. For instance, fraud prevention techniques respectively disclosed in U.S. Pat. No. 5,805,686, U.S. Pat. No. 5,504,810 and US Patent publication US2004234056 detect fraudulent calls by comparing either the originating numbers or the terminating numbers of incoming calls with the originating numbers or the terminating numbers of outgoing calls: if calls have a terminating number of the incoming call being the same as the originating number of the second call, a fraudulent call loop may be in place and the call may be disconnected.
Such techniques remain flawed in some respects. For instance, such systems may not detect a hacker who breaks into a PBX on one line, finds an outside line with a different originating number, and calls another terminating number. Such system also depend upon client-specific configurations and manual intervention at the response stage whereby, if the administrator does not act immediately to a notification, or if a hacker finds a route through the PBX which requires engineering skills to disable the port in use, the fraud will continue until the port is locked down. A further problem with PBX fraud is that it typically occurs over a weekend or at night when there is no administrator available.
A technique improving on the above is disclosed in International Patent publication WO2010/149373, which describes a system for monitoring telephone calls on a plurality of inbound and outbound voice channels made to and originating from a common private branch exchange (PBX) to detect fraudulent activity. A window of audio data samples captured from a first ‘red’ outbound domain of the PBX is compared against windows of samples captured from all channels on a second ‘green’ inbound domain of the PBX. If a number of samples are exactly or substantially the same, then the green channel which matches the red channel is considered to be a fraudulent version of the red channel, and is blocked.
This further system advantageously automates the detection and blocking of fraudulent calls within a PBX, relative to earlier systems described above, but still exhibits distinct disadvantages. In particular, the green channel must not have undergone any audio manipulation (such as gain control or transcoding) or the detection fails. Resilience to audio manipulation may be improved by introducing an automatic gain control (AGC) element to the technique. However, with a window size of 4096 samples and a slide of 30 samples, which accommodates a delay of nearly 4 ms at 8 kHz sampling, the WO2010/149373 technique already requires about 40 seconds to detect a fraudulent call, if 30 red channels are compared against 30 green channels, and the addition of an AGC component would lead to a significant rise in detection time, since the computational load imposed by the algorithm rises geometrically as the number of channels to test increases. It can therefore be appreciated that the WO2010/149373 system can only be scaled at a significant computational expense, with sub-optimal time performance.
An improved method of preventing fraud in a private branch exchange of a telecommunications network is therefore required, and a system embodying this method, which mitigate at least the above shortcomings of the prior art.