With the advent of increasingly sophisticated mobile telecommunication services having operation across multi-vendor networks and coverage in national and international areas, the tracking of locations of mobile units (such as cellular, PCS or other mobile telephones) and the processing of corresponding services, particularly with roaming or visiting mobile units, has become correspondingly more complex. Within the mobile or wireless telecommunication industry, authentication, as defined in standards such as IS41C, ANSI 41D and IS54B (promulgated by the American National Standards Institute (ANSI), for example), may be used to verify the legitimacy of a mobile unit seeking access to a mobile system, both within a local or home site or within a visited site.
Existing authentication procedures are typically invoked whenever a mobile unit powers up and accesses a mobile network, such as a cellular or other mobile telecommunication system. For authentication procedures, the mobile unit and the telecommunication system typically have been configured in advance with certain information, referred to as authentication information, which is utilized for certain calculations. Both the mobile unit and the telecommunication system perform these calculations, and compare the results. A valid authentication occurs if and when the compared results are the same, and an authentication failure occurs if and when the compared results are different.
To avoid unauthorized or fraudulent use of the telecommunication system, such as the “cloning” of cellular telephones, authentication information, such as shared secret data, is frequently updated. Following such an update, authentication calculations are performed and compared. In the prior art, when the authentication update is successful, such that the compared results are the same, the updated information continues to be used for future authentication procedures. When the authentication update is not successful, such that the compared results are different, then the updated information is typically not used, with future authentication procedures utilizing the previous authentication information.
When there is an authentication failure in the prior art, telecommunication service providers typically take one of two approaches. First, telecommunication service providers often completely deny access and service to the particular mobile unit which had the authentication failure. Under such circumstances, however, the legitimate subscriber or owner of the particular mobile unit may have no idea why service is being denied. If the mobile user is unable to determine the cause of failure and is unable or unwilling to contact their service provider for resolution, the user may seek other communication services or another service provider.
Second, in lieu of a denial of service, other service providers may provide service and allow access to the telecommunication system. In the event an illegitimate or fraudulent user is able to gain such access to the telecommunication system, service providers may suffer a loss of revenue, billing problems, and customer dissatisfaction.
As a consequence, a need remains for an apparatus, method and system to detect certain types of authentication failures, including failures of updates of authentication information, and following such detection, to provide a default mode for the service provider to inform the subscriber of the authentication failure and to remedy the authentication failure. Such a default mode should be operable for both home and roaming mobile units, and also provide for a denial of access to the telecommunication system, to avoid potentially fraudulent use of the telecommunication system. Such a default mode should also route such failures for special treatment, such as for announcements and/or customer care. Such an apparatus, method and system should also be retroactively compatible and operate within the present mobile telecommunication structure and use existing protocols. In addition, such an apparatus, method and system also should be user friendly and user transparent.