Currently there are a variety processes to authenticate a called party. For example, a bank may call one of its customers to ask the customer questions in regard to a recently received loan application. An agent for the bank can ask the customer specific questions to determine the authenticity of the customer. For example, the bank's agent can ask the customer about information that only the customer will know.
However, it is at times more difficult for a called party to determine if the calling party is authentic. In some cases, the called party may mistakenly think the calling party is legitimate, when in reality the calling party is impersonating another party. These types of incidents can lead to identity theft and other problems.
There have been some attempts to address this issue. For example, U.S. Patent Application Publication No. 2011/0026699 discloses a process of where a call screener is used to authenticate a caller. The caller registers with the call screener (of a callee) using a digital certificate to create an account. When the caller calls the callee, the call screener intercepts the incoming call and challenges the caller for the caller's digital certificate. Once the caller is authenticated, the call is sent to the callee. In other words, the callee verifies the same information that was given by the caller previously. The callee is only making sure that the person who established the account is the one making the call.
The problem with this type of system is that the digital certificate is generated by the caller. The person who created the account may have provided incorrect information or may have left the organization that he claims to represent. This may allow another party to impersonate the calling party.