This invention relates to telecommunications, and in particular, to the substantial prevention of the fraudulent use of a wireless unit that is roaming in a visited wireless communications system.
A distinguishing feature of humans as a species is our ability to communicate with each other. Our methods of communication have become ever more sophisticated and have led to the development of wireless communications. Generally, wireless communications are communications that are transmitted through the use of radio frequency (RF) technology. Wireless communications include communications that are transmitted through the use of wireless units such as cellular telephones, mobile telephones, car phones, personal communication service (PCS) units, pagers, and the like.
A wireless unit is particularly useful to a person on the move. For example, a person may use his or her wireless unit while driving a car. The wireless communications service to the person""s wireless unit is provided typically by a service provider that may also be referred to herein as a carrier. Typically, a person who obtains wireless communications service from a service provider is generally referred to herein as a subscriber, a customer, or a user. A subscriber may make or receive communications with his or her wireless unit. The term xe2x80x9ccommunicationxe2x80x9d is used herein to refer to any call, message, announcement or other exchange of data or information, whether analog or digital, that may be received on a wireless unit or transmitted from a wireless unit, and/or may be received or transmitted from a wireless unit that is operating as part of any other device such as a computer, or the like.
When a user initiates a communication on his or her wireless unit, a base station in or serving a predetermined geographic area wherein the subscriber is located receives the communication. The geographic area that is served with wireless communications service is referred to herein as the service area of the service provider. The service provider typically operates a wireless communications network or system to provide wireless communications service to the geographic area. The wireless communications network includes the referenced base station, and other elements such as the mobile switching centers (MSCs). The wireless communications network also includes elements that interface with the public switched telephone network (PSTN), and other networks and systems so as to provide for communications between and among parties using wireless units, using wireline units, or other communications devices.
Upon receipt of a communication from a wireless unit of a user, the base station transmits the communication to a mobile switching center (MSC) (sometimes referred to as a mobile-service switching center or mobile telecommunications switching office (MTSO)). In response to the receipt of the communication, the MSC further routes the communication as appropriate. This routing may take the communication to and through the PSTN, to and through the same wireless communications system, to and through another wireless communications system, to and through another type of communications system, or combinations thereof.
In addition to making a call, a subscriber may receive a communication on his or her wireless unit from a caller. The caller directs his or her communication to the number associated with the subscriber""s wireless unit, which is referred to herein as the mobile number (MN) of the wireless unit. The mobile number may be the mobile identification number (MIN) of the wireless unit. The communication is routed through the PSTN, through other networks, and/or wireless communications systems until the communication reaches the MSC serving the subscriber""s wireless unit. This MSC may be referred to as the serving MSC or the serving switch. The serving MSC then further routes the communication to the wireless unit.
As noted, a wireless unit is particularly useful when a subscriber is on the move such as when the subscriber is driving a car. The subscriber""s mobility may take the subscriber out of the service area served by the service provider from whom the subscriber subscribes. In other words, the subscriber""s mobility may take the subscriber out of his or her home service area served by his or her home service provider or home carrier. The subscriber may move so as to be located in another service area that is served by a different service provider with whom the subscriber has no business relationship. The subscriber is said to be xe2x80x9croamingxe2x80x9d out of his or her home service area and may be referred to as a xe2x80x9croamerxe2x80x9d, xe2x80x9croaming subscriberxe2x80x9d in a visited service area that is served by a visited system.
To provide a roaming subscriber with communications service, service providers have agreed to follow certain procedures in the processing of communications with respect to each other""s subscribers. Generally, a roaming subscriber is validated and may be authenticated by the visited system, which also may be referred to as the visited service provider. Both of these processes (validation and authentication) are used to prevent fraudulent use of wireless units and for other reasons. General descriptions of these processes and other information about wireless communications systems may be found in the book entitled Cellular and PCSxe2x80x94The Big Picture by Lawrence Harte, Steve Prokup and Richard Levine (McGraw-Hill 1997).
Generally, in validation, when a wireless unit initiates a communication in a service area other than its home service area, the visited system serving that visited service area attempts to find the wireless unit""s identification (also referred to as registration information) in the visitor location register (VLR) of an appropriate MSC in the visited system (MSC-V). If the visited system does not find the identification, then the wireless unit is determined to be not registered with the visited system. Prior to being provided with communications service in the visited system, a wireless unit typically needs to be registered in the visited system.
To register the wireless unit in the visited system, the MSC-V takes certain actions. Using the wireless unit""s identification (which generally may include its mobile number, and electronic serial number (ESN), and/or mobile identification number (MIN)), the visited system sends a message to the wireless communications system (xe2x80x9chome systemxe2x80x9d) which generally provides wireless communications service to the subscriber. The message from the visited system to the home system is a message requesting validation of the visiting wireless unit. The home system typically checks a home location register (HLR) in an appropriate MSC (MSC-H) of its system, and compares the identification regarding the wireless unit to determine if the wireless unit is valid. If the wireless unit is valid, then the HLR of the home MS,C (MSC-H) responds to the serving MSC in the visited system that the validation was successful or positive. The HLR in the home system generally keeps track of the information about the location of its subscriber in a visited system for use in the future routing of calls, etc.
After the serving MSC in the visited system receives confirmation that the visiting wireless unit is valid, the communication initiated by the visiting wireless unit is processed. The VLR of the serving MSC may then temporarily store the visiting wireless unit""s information to validate the identity of the wireless unit itself rather than requesting validation from the home system again for the next call from that wireless unit.
The above-described processes of registration including validation of a roaming wireless unit with its home system are efforts that have been generally put into place to assist in the prevention of the fraudulent use of wireless units. Despite these efforts, wireless units, and in particular, wireless units roaming in visited systems are being fraudulently used.
One of the drawbacks of the above-described validation processes is that typically the validation processes cannot detect illegally cloned wireless units or other fraudulent uses of a wireless unit. To combat such fraudulent uses of a wireless unit, a process generally referred to as xe2x80x9cauthenticationxe2x80x9d of a wireless unit has been used. Authentication is the exchange and processing of information to confirm a wireless unit""s identity and association with a particular subscriber.
An example of authentication is now described with respect to a wireless unit that enters a visited system. The visited system searches for the wireless unit""s identification in its VLR and determines that the wireless unit is not registered. The visited system uses the wireless unit""s identification (or other information such as authentication information obtained from the wireless unit) to request authentication of identity from the subscriber""s home system. The request for authentication may be, separate or may be combined with the request for validation. With respect to authentication, the home system may check an HLR in an appropriate MSC-H of its system and compare the wireless unit""s identification or authentication information to stored information to determine if the wireless unit is authentic.
Alternatively, or in addition, the home system or the visited system may check with an authentication center (AC) to determine if the wireless unit is authentic. An authentication center may be an entity of either the home or visited system, or a separate entity. Generally, an authentication center maintains a database, tables, or the like with respect to the identities of wireless units that are served by the AC. When called upon, the AC compares the identification and/or authentication information which has been provided to the AC with respect to a particular wireless unit, and determines whether the particular wireless unit is authentic based on the comparison.
If the wireless unit is determined to be authentic (whether by the visited system, home system, and/or an AC), then this information is provided to the visited system. The visited system may store for a period of time authentication information relating to the wireless unit in a VLR of an appropriate MSC-V. The visited system then may use this stored authentication information rather than contact the home system and/or an AC again. If the wireless unit is validated and determined to be authentic, then the visited system generally provides communications service to the wireless unit.
If the wireless unit is determined to be in authentic (whether by the visited system, home system, and/or an AC), then this information also is provided to the visited system. In response to the finding of a lack of authenticity of the wireless unit, the visited system may deny communications service to the wireless unit, or the visited system may take other actions with respect to the wireless unit.
But the above-described processes have been considered to be insufficient to prevent the fraudulent uses of a wireless unit, and especially, to substantially prevent the fraudulent uses of a wireless unit roaming in a visited system.
Accordingly, there is a need for methods and systems that provide additional safeguards so as to substantially prevent the fraudulent uses of a wireless unit, and especially as the wireless unit roams in visited systems.
The present inventions include methods, systems, and apparatus that substantially prevent the fraudulent use of wireless units roaming in visited systems. Pursuant to these inventions, a visited mobile switching center (MSC-V) carries out a registration of a wireless unit that is roaming in the visited system. After successful registration, the MSC-V implements at least the denial of originating communication service to the wireless unit. In other words, the wireless unit is allowed to receive calls, but is not allowed to make calls. Advantageously, the present, inventions substantially prevent the fraudulent use of wireless units roaming in visited systems by requiring such units to undergo a verification or authentication process prior to being allowed to make calls.
In particular, as a first action in the authentication process of a wireless unit roaming in a visited system, the wireless unit provides a code and identification information in a call. The MSC-V recognizes the code as a feature request (or the like) with respect to a network element. The MSC-V routes the feature request including the identification information to the network element. In response to receipt of the identification information, the network element checks whether the wireless unit is a verified or authentic unit. If the wireless unit is a verified unit, then the network element responds to the MSC-V with a verification in a feature request response. Based on the verification, the MSC-V removes the denial of originating communication service with respect to the wireless unit. In other words, based on the verification, the MSC-V allows the wireless unit to initiate a call.
In sum, the inventors have determined that fraudulent use of wireless units roaming in a visited system occurs most often with respect to wireless units that are used to fraudulently to make (rather than to receive) calls. Thus, the present inventions implement an authentication or verification process that must be successfully negotiated prior to a wireless unit roaming in a visited system being allowed to make a call.