What technology area does this patent fall under?

Primary CPC classification H04L63/126. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue May 01 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

System, method and apparatus for authenticating calls

US9961197B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9961197-B2
Application number	US-201514594973-A
Country	US
Kind code	B2
Filing date	Jan 12, 2015
Priority date	Feb 5, 2008
Publication date	May 1, 2018
Grant date	May 1, 2018

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present invention provides a system, method and apparatus for authenticating calls that is a robust Anti-vishing solution. The present invention can identify Caller ID spoofing, verify dialed number to detect man-in-the middle and verify called party against dialed digits to detect impersonation. This solution can handle calls coming from any phone any where with little impact on user experience. Two separate solutions are tailored for smart phones (communication devices capable of running application software) and traditional phones to reduce the impact to user experience while providing robust verification.

First claim

Opening claim text (preview).

The invention claimed is: 1. A method for authenticating a user of a calling device comprising: receiving a first call from the calling device; providing a notification to the calling device prior to terminating the first call, wherein the notification tells the user that an authentication process will begin following the termination of the first call; in response to receiving the first call from the calling device, terminating the first call; placing a second call to the calling device; in the second call, prompting the user to speak one or more words and depress one or more keys on the calling device; receiving, in the second call, the spoken words and one or more signals associated with the depressed keys; comparing one or more biometric parameters of the received spoken words with a stored voice biometric template for the user, the received spoken words with the prompted words, and the received signals with the signals associated with the prompted keys; and transferring the second call to a called device whenever the user is authenticated as a result of the comparison. 2. The method as recited in claim 1 , further comprising: playing a stored message to the user to authenticate the called device, wherein the stored message was previously recorded by the user during a registration process. 3. The method as recited in claim 2 , wherein the registration process comprises: prompting the user to speak a message; recording and storing the message; and creating and storing the voice biometric template based on the user's voice. 4. The method as recited in claim 2 , wherein the registration process comprises periodically changing the stored message by prompting the user to speak a new message, recording the new message, and replacing the stored message with the new message. 5. The method as recited in claim 2 , wherein the stored message is not played to the user until the user is authenticated. 6. The method as recited in claim 1 , further comprising: terminating the second call whenever the user is not authenticated; or providing one or more notifications to the called device whenever the user is not authenticated. 7. The method as recited in claim 1 , wherein the authentication method prevents caller ID spoofing, man-in-the-middle attacks, record and replay attacks, called device impersonation, or a combination thereof. 8. The method as recited in claim 1 , wherein at least one of: the one or more words and the one or more keys are randomly generated; the one or more keys are selected from one or more digits of a telephone number of the called device; and the one or more keys are selected from 0-9, * and # keys. 9. The method as recited in claim 1 , wherein: the authentication method is an automated process executed by a controller operated by the called device, a network provider, a service provider, a facility provider or a call center; the controller comprises a computer, a server, a switch, a PBX, or a gateway; and the calling device comprises a phone, a computer, a PDA or other communications device. 10. An apparatus for authenticating a user of a calling device comprising: a communications interface; and a processor communicably coupled to the communications interface, wherein the processor: receives a first call from the calling device via the communications interface, provides a notification to the calling device prior to terminating the first call, wherein the notification tells the user that an authentication process will begin following the termination of the first call, terminates the first call in response to receiving the first call, places a second call to the calling device via the communications interface, prompts, in the second call, the user to speak one or more words and depress one or more keys on the calling device, receives, in the second call, the spoken words and one or more signals associated with the depressed keys via the communication interface, authenticates the user by comparing one or more biometric parameters of the received spoken words with a stored voice biometric template for the user, the received spoken words with the prompted words, and the received signals with the signals associated with the prompted keys, and transfers the second call to a called device whenever the user is authenticated. 11. The apparatus as recited in claim 10 , further comprising the operation of the processor playing a stored message to the user to authenticate the called device, wherein the stored message was previously recorded by the user during a registration process, and wherein the registration process comprises the operations of: the processor prompting the user to speak a message; the processor recording and storing the message; and the processor creating and storing the voice biometric template based on the user's voice. 12. The apparatus as recited in claim 10 , further comprising the operation of the processor playing a stored message to the user to authenticate the called device, wherein the stored message was previously recorded by the user during a registration process, and wherein the registration process comprises periodically changing the stored message by prompting the user to speak a new message, recording the new message, and replacing the stored message with the new message. 13. The apparatus as recited in claim 10 , further comprising the operation of the processor playing a stored message to the user to authenticate the called device, wherein the stored message was previously recorded by the user during a registration process, and wherein the stored message is not played to the user until the user is authenticated. 14. The apparatus as recited in claim 10 , further comprising: terminating the second call whenever the user is not authenticated; or providing one or more notifications to the called device whenever the user is not authenticated. 15. The apparatus as recited in claim 10 , wherein the authentication method prevents caller ID spoofing, man-in-the-middle attacks, record and replay attacks, called device impersonation, or a combination thereof. 16. The apparatus as recited in claim 10 , wherein at least one of: the one or more words and the one or more keys are randomly generated; the one or more keys are selected from one or more digits of a telephone number of the called device; and the one or more keys are selected from the 0-9, * and # keys. 17. The apparatus as recited in claim 16 , wherein the one or more words and the one or more keys are randomly generated. 18. The apparatus as recited in claim 16 , wherein the one or more keys are selected from the one or more digits of a telephone number of the called device. 19. The apparatus as recited in claim 10 , wherein: the authentication method is an automated process executed by a controller operated by the called device, a network provider, a service provider, a facility provider or a call center; the controller comprises a computer, a server, a switch, a PBX, or a gateway; and the calling device comprises a phone, a computer, a PDA or other communications device. 20. A system for authenticating a user of a calling device comprising: a communications network communicably coupled to the calling device; a controller communicably coupled to the communications network wherein the controller comprises a communications interface communicably coupled to the communications network and a processor communicably coupled to the communications interface; and wherein the processor: rece

Assignees

Avaya Inc

Inventors

Classifications

H04L63/1483
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
H04M2203/6054
Biometric subscriber identification · CPC title
H04L63/1441
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
H04L63/126Primary
the source of the received data · CPC title
H04L9/3273
for mutual authentication (network architectures or network communication protocols for achieving mutual authentication in a packet data network H04L63/0869) · CPC title

Patent family

Related publications grouped by family.

View patent family 40999500

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9961197B2 cover?: The present invention provides a system, method and apparatus for authenticating calls that is a robust Anti-vishing solution. The present invention can identify Caller ID spoofing, verify dialed number to detect man-in-the middle and verify called party against dialed digits to detect impersonation. This solution can handle calls coming from any phone any where with little impact on user exper…
Who is the assignee on this patent?: Avaya Inc
What technology area does this patent fall under?: Primary CPC classification H04L63/126. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue May 01 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).