1. Field of the Invention
The invention generally relates to the field of telecommunications and in particular to systems and methods that are able to both authenticate correct and true caller ID information, and detect fraudulent and spoofed caller ID information. The invention also uses authenticated caller ID information in conjunction with lists such as whitelists and blacklists for the purpose of call allowance and blockage. The invention further relates to authenticating the called party to the caller party and verifying the call has been connected to the intended party or has been forwarded to an unintended party telephone number.
This invention further relates to the application of caller ID authentication methodology to the fields of electronic mail and postal mail communications. And in particular to systems and methods that are able to both authenticate correct and true email and postal mail source address information and detect spoofed source address information.
2. Background
Caller ID (caller identification, CID), also called calling line identification (CLID), calling number delivery (CND), calling number identification (CNID) or calling line identification presentation (CLIP), is a telephone service, available in analog and digital phone systems and most voice over Internet Protocol (VoIP) applications, that transmits a caller's number to the called party's telephone equipment during the ringing signal, or when the call is being set up but before the call is answered. Where available, caller ID can also provide a name associated with the calling telephone number. The information made available to the called party may be displayed on a telephone's display, on a separately attached device, or be processed by an attached computer with appropriate interface hardware.
Caller ID may be used to display a caller's telephone number (and, in association with a database, name) on a called user's telephone. This works in most countries; although systems are incompatible, each country will have appropriate equipment. A modem can pass CLID information to a computer for purposes of call logging or blocking, but this can be problematic as modems in different countries have different systems, causing hardware or software incompatibilities. However, many modems are designed and programmed to handle multiple signaling methods and can be configured to use the local standard.
In the United States, caller ID information is sent to the called party by the telephone switch as an analogue data stream (similar to data passed between two modems), using Bell 202 modulation between the first and second rings, while the telephone unit is still on hook. If the telephone call is answered too quickly after the first ring, caller ID information will not be transmitted to the recipient. There are two types of caller ID, number only and name+number. Number-only caller ID is called Single Data Message Format (SDMF), which provides the caller's telephone number, the date and time of the call. Name+number caller ID is called Multiple Data Message Format (MDMF), which in addition to the information provided by SDMF format, can also provide the directory listed name for the particular number. Caller ID readers which are compatible with MDMF can also read the simpler SDMF format, but an SDMF caller ID reader will not recognize an MDMF data stream, and will act as if there is no caller ID information present, e.g. as if the line is not equipped for caller ID.
Caller ID forging, or spoofing, is the practice of causing the telephone network to display a number on the recipient's Caller ID display that is not that of the actual originating station. The term is commonly used to describe situations in which the motivation is considered malicious by the speaker or writer. Just as e-mail spoofing can make it appear that a message came from any e-mail address the sender chooses, Caller ID spoofing can make a call appear to have come from any phone number the caller wishes. Because of the high trust people tend to have in the Caller ID system; spoofing can call the system's value into question.
There are both legitimate and illegitimate reasons for caller ID spoofing. Some of the legitimate reasons for spoofing caller ID information are for example, calls from a large company, especially with multiple branches, where sending the main number makes sense. A hospital might have the primary number 555-1000, with perhaps 250 lines inside the main building, and another 100 at the clinic five miles away. While some of the phones will have 555-10XX numbers, many won't have any identifiable line. Having all calls come from 555-1000 lets the recipients know it's a hospital call. As another example, a company with a toll-free telephone number may prefer the caller ID to display this number. In another example, a call center making calls on behalf of many clients may prefer the caller ID to display a different number for each client's calls.
Some of the illegitimate reasons for caller ID spoofing can be where a telemarketer is making calls that it is not authorized to make, such as calling a number on the National Do Not Call Registry. The Do Not Call Registry is maintained by the FTC that allows consumers to register their phone number and is intended to give consumers an opportunity to limit the telemarketing calls they receive. Any telemarketer who violates the Do Not Call Registry can be fined. Another instance of illegitimate caller ID spoofing can be where an individual wishes to impersonate another entity, such as a bank, to acquire sensitive information from the called party through deception.