Motorola Mobility, Inc. v. Apple, Inc.
Filing
93
Defendant's MOTION Defendant and Counterclaim-Plaintiff Apple Inc.'s Claim Construction Brief by Apple, Inc.. (Attachments: # 1 Declaration of Christine Saunders Haskett, # 2 Exhibit 1, # 3 Exhibit 2, # 4 Exhibit 3, # 5 Exhibit 4, # 6 Exhibit 5, # 7 Exhibit 6, # 8 Exhibit 7, # 9 Exhibit 8, # 10 Exhibit 9, # 11 Exhibit 10, # 12 Exhibit 11, # 13 Exhibit 12, # 14 Exhibit 13, # 15 Exhibit 14, # 16 Exhibit 15, # 17 Exhibit 16, # 18 Exhibit 17, # 19 Exhibit 18, # 20 Exhibit 19, # 21 Exhibit 20)(Pace, Christopher)
EXHIBIT 15
11111111111111111111111111111111111111111111111111111111111I111I11111111111
United States Patent
US005335278A
[19]
[11]
Matchett et aI.
[45]
[54] FRAUD PREVENTION SYSTEM AND
PROCESS FOR CELLULAR MOBILE
TELEPHONE NETWORKS
Wireless Security, Inc., Silver Spring,
Md.
Dec. 31, 1991
[51] Int. 0.3
[52] U.S. O
[58]
[56]
H04L 9/32; H04M 11/00
380/23; 375/1;
380/29; 380/30; 380/34; 380/49; 379/59;
379/63; 340/825.31; 340/825.34; 455/33.1;
455/53.1; 455/54.1; 455/56.1
Field of Search
375/1; 380/9, 23, 29,
380/30, 34,49, 50; 340/825.31, 825.34; 379/58,
59,62,63, 145; 455/33.1, 53.1, 54.1, 54.2, 56.1
•••••••••••••••••••••••
Primary Examiner-Bemarr E. Gregory
[57]
ABSTRACf
An improved mobile telephone system, including a
process and apparatus for detecting fraudulent requests
for roamer cellular telephone services before the requested service is granted. The improvement comprises
a distributed, readily updatable fraud prevention processor which facilitates a plurality of independent, geographically dispersed cooperating cellular networks to
each locally determine if a roamer request for service is
from a valid, currently authorized user subscriber before cellular telephone service is provided by the visited
cellular network.
References Cited
U.S. PATENT DOCUMENTS
3,355,556
4,233,473
4,658,416
4,776,003
4,831,647
4,955,049
4,958,368
5,003,629
5,077,790
5,153,919
5,204,902
1111967
1111980
4/1987
10/1988
5/1989
9/1990
9/1990
3/1991
12/1991
10/1992
4/1993
Chaney
Frost
Tanaka
379/63
379/59
379/57
379/91
379/91
379/58
379/91
455/32.1
380/23
380/23 X
380123
Harris
D'Avello et aI.
Ghisler
Parker
Ness-Cohn
D'Amico et aI.
Reeds, III et aI.
Reeds, III et aI.
Aug. 2, 1994
"Status of and Fraud Protection Measures for North
American Cellular Systems" by Sam McConoughey for
TIA, Dec. 13, 1991, p. 5.
"Cellular Fraud" by Henry M. Kowalczyk, Mar. 1991
issue of Cellular Business, pp. 33-34.
"Responses to Japan's Ministry of Post and Telecommunications Study Team Questions on Cellular Fraud"
by Mr. Eric Hill for CTIA, Dec. 1991, pp. 5-6.
"Parameters for Fraud Management Using Network
Based Techniques" by Messrs. R. Mechaley and K.
Carlson for TIA, Sep. 30, 1991, pp. 2, 3, 4, 10.
"Cellular System Dual-Mode Mobile Station-Base
Station Compatibility Standard" IS-54 (Revision A) by
Electronic Industries Association, Dec. 1990, pp. 84-85.
[21] Appl. No.: 816,602
[22] Filed:
5,335,278
OTHER PUBLICATIONS
[75] Inventors: Noel D. Matchett, Silver Spring; J.
Neil Birch, Potomac, both of Md.
[73] Assignee:
Patent Number:
Date of Patent:
15 Oaims, 9 Drawing Sheets
6
I~d~_'__
",/
,,/,/'
/,,/
20
/,,//
4
5
CELLULAR
SYSTEM
MASTER DATA
BASE
~
18
19
21
r-:-..,;~·-·-
8
1
i
r.~.--.-.-.j
i
17
i MOBILE
MASTER
SWITCH
I EXCHANGE
L
LOCAL DATA
INPUT
RX
-.-.-.
10
ti
'l
1
I
12,
I
16
1
14 1
1
1
MEMORY
__ .
--~
u.s. Patent
Aug. 2, 1994
5,335,278
Sheet 1 of 9
~6
fJ
.
t1
I-
~
0:
ce W
0:
a:
:::>
0: C'
a. u..
0
-
u.s. Patent
Aug. 2, 1994
Sheet 2 of 9
'"
'" '"
'" '"
",,,,,,, ~CJ
",,"" '"
",,""
/
II
",""..,,'"
//
",
II
1/
it·{';.;::.::---
_--
..................------
"
CIl
_----
_----
---
'!?-
C\I
w
a:
-
::J
Cl
u.
-
---
\\ ><---------~~----"""
\ '
\\
\
\
\
\
\
\
\
\
\
\
~""''''''
...... .............
""
" " " ""
\
\
\
\
\
, "
"
\
\
\
\
-£afJ-c
\
......
""
""
"" "
zaJi--
"
"'~
---. --
,
---
\ , '"
\ \,
\ \
"
'" '"
_--
- - - - - - - - - - -
~\~.::::--
",,"
G
i"" . . . . . ""'''''.. . JfI'
",,',,'" ",,'"
" ......... " .... '
//"."",....
""---.---<../' . . -
"""",,'" .,
'"
",'" '" '"
",'"
5,335,278
",z~
-
...............
u.s. Patent
Aug. 2, 1994
5,335,278
Sheet 3 of 9
.-I·-·-N-·-·-~-·-·-·I
Z·
~
Y
.
~
en
en
a:
o
een
W>
0a:
~en
00
C'
u.
\
&l)
W
e
W
::ll-a: en
..Jen w <
..J > t- m
Wen en
(.)
<
:E
..J
D.
I < Z
OI 0
..J
\
\
t-
C ~
._.J
L._._.
\
<
Oen ;:. :I:
0
~~ en><
I
~ Nyl
\\
W
Wa: ::I: C'
..J W O Z
I
I
I
I
I
I
I
I
I
<
I tI <
:
~
~-z
~
z
~
•
00
•
~
28
PUBLIC SWITCHED J
TELEPHONE NETWORK
HOME
N2 I CELLULAR ~
NETWORK
FRAUD
: PROCESSOR AND MEMORY
24
CALLED
UNIT
~
t1)
=
i ' i
~
VISITED
- CELLULAR I ~1
NETWORK
2~
>
~
~
"""
!
00
=-
~
~
oI:lo
ROAMER
UNIT
FIGURE 4
Cl
~
\C
en
...w
w
...en
~
-..-I
00
u.s. Patent
Aug. 2, 1994
Sheet 5 of 9
5,335,278
EXECUTE
PROCEDURES
SERVICE NOT
AUTHORIZED
LOCAL UNIT
TERMINATE
PROCESSING
BASIC SYSTEM OPERAliON
FIGURE SA
u.s. Patent
Aug. 2, 1994
DATA FOR NEW USER
DATA UPDATE CURRENT USER
FRAUD/STOLEN UNIT REPORT
5,335,278
Sheet 6 of 9
RECEIVES DATA
FOR FRAUD
PREVENTION
DATA BASE
NO PROCEDURES
~~r-----.t FOR VERIFIED
DATA
TO MASTER
A
T
CENTRAL FP
SYSTEM PROCESSES
DATAl.DECRYPTS,t
COMPuTERS KEY~
A
SYSTEM PROCESSES
DATAl. DECRYPTS,t
COMPuTERS KEY~
E A
SYSTEM TRANSMITS
UPDATE DATA &
CRYPTO INFO TO
SUBSCRIBERS •
RUTIN
BASIC SYSTEM OPERATION
DATA BASE UPDATE
FIGURE· 58
u.s. Patent
Aug. 2, 1994
TEMPORARY
DATA BASE FOR
R
AT
Sheet 7 of 9
5,335,278
CALLS IN
PROGRESS FOR
MATCH ON
PRIORITY lfDATE
DATA
FROM ESNS IN
~====., CATEGORY· DENYSV
RECEIVE tEXT
TRANSaISSION lfDA
BAS~ SYSTEM OPERAnoN
DATA BASE UPDATE (CONTHED)
FIGURE 5C
u.s. Patent
Aug. 2, 1994
nhP.'.!~ NO
'----"~~---.,
Sheet 8 of 9
A
AUTHENTICATION
DATA FROM
M LE
t--~
L.-&.:.I~
5,335,278
A
AUTHENTICATION
DATA FROM FP
TA
E
~,,~vv
E
PROCEDURES
ROAMER NOT
AUTHORIZED
I FAI D
u.s. Patent
Aug. 2, 1994
Sheet 9 of 9
5,335,278
~TATES
USER
SID
AUTHORIZAliON
DATA
FILES
UPDATE
FLAG 34
36
.....- - MOTION
FIGURE 7
CRYPTOGRAPHIC
ALGORITHM & KEYS
38
1
2
FRAUD PREVENTION SYSTEM AND PROCESS
FOR CELLULAR MOBILE TELEPHONE
NETWORKS
FIELD OF THE INVENTION
5'
This invention relates to cellular mobile telephone
networks and more particularly to a process and apparatus for detecting fraudulent requests for service both
within and outside of a subscriber's home base station 10
area.
BACKGROUND OF THE INVENTION
Cellular mobile telephone services have been in operation in many parts of the world for several years and
within the continental United States for nearly a decade. Cellular mobile telephone service is currently one
of the most rapidly expanding types of communication
services. The structure and general operation of several
types of commercially available cellular mobile telephone systems is well documented in the patent and
communication· arts literature. One seeking a description of some representative types of equipment should
see: U.S. Pat. No. 4233273 entitled Comprehensive
Automatic Mobile Radio Telephone System; U.S. Pat.
No. 4776003 entitled Cellular Mobile Radio Credit
Car? S~stem; U.S, Pat. No. 4958368 enti~led Cus~omer
Activation System; .The Cellular M~bl1e Radlotelephone by Stephe~ GIbson, 1987, PrentIce-Hall; or The
Cellular ConnectIon by Joseph Bernard, 1987, Quantum
P bI' h'
uAl;s ~~~he prior art mobile telephone systems and
particularly those in a multi-channel mobile radio telephone system involving a plurality of various carrier
companies having a plurality of base stations covering
different geographic areas have encountered substantial
difficulties in attempting to provide telephone services
which are comparable to facilities and services available
to fixed or immobile telephone stations, As is well
known to telephone subscribers in the United States,
fixed telephone stations in the United States and in most
developed countries for many years have provided
practically instantaneous access to direct distance dialing networks and subscribers can dial calls to practically any fixed substation within the telephone network,
and likewise receive calls from any fixed substation in
the network; all without the assistance or intervention
of a telephone operator, Multi-channel radio telephone
systems have further problems, including substantial
losses incurred with fraudulent theft of services. The
fraudulent theft of services is attributable in large part
to the movement of mobile subscribers from their home
areas across the country, commonly referred to as
"roamers". These operating problems are further complicated by the commercial objectives of the mobile
telephone service companies in attempting to provide
expanded services, including the ability of roamer mobile subscribers to freely and quickly automatically
originate and receive calls to and from any other fixed
or mobile stations in the network.
The growth and expansion of the cellular telephone
usage since its inauguration in the Continental United
States in 1983 continues at a rapidly expanding rate.
As of November 1991, there were more than 6.3
million cellular telephone subscribers in the Continental
United States, and in the fall of 1991 cellular telephone
service was available in all 306 metropolitan statistical
areas across the Continental U.S., and the Federal Com-
15
20
25
30
35
40
45
SO
55
60
65
munications Commission is rapidly completing the licensing process for the so-called Rural Service Areas.
Thus, with the rapid growth of cellular telephone technology and the substantial reductions in the size and
price of cellular phones, the cellular telephone system
will continue to rapidly expand and in the near future it
will be available throughout the entire North American
continent and expand rapidly into all of the developed
countries of the world.
Fraudulent use or theft of service is one of the principal business and technical problems faced by cellular
telephone service companies today and in the Continental United States is estimated to result in a loss on the
order of $600 million for these companies. Fraudulent
user is a term used by the cellular telephone industry to
denote anyone who seeks to obtain or obtains cellular
telephone services without authorization from the service provider companies. Fraudulent use of a cellular
telephone can take several forms. For example: First-theft of a mobile telephone and subsequent unauthorized use in the same or different geographic area with
the subsequent unauthorized user masquerading as the
valid subscriber. Second-eloning or duplicating a
valid mobile telephone by securing a valid mobile telephone subscriber's authorization data, including for
example the Electronic Serial Number (ESN)-Mobile
Identification Number (MIN) pair data either by purchase from service or installation personnel or by surreptitiously recording the ESN-MIN data while the
'
.
vaI'd user IStranSml'tt'mg or b i t ' all y copymg
I
y e ec romc
or duplic~ti~g the ESN-MIN data from a stolen mo~ile
ph~ne umt mto one or more other cellular ph~ne umts.
!bird-fraudulent use of cellular pho~e servIces may
mvolve ~he use of random, unauthonzed ESN-MIN
data which could be randomly g~nerated by a data
sequen~e generator to attc:mpt t~ gam fr~~dulent access
to ~~blle telephone servIces. Fm~ly, hlJac~er or su~scnptlOn fraud sch7 generally mvolv~ an Increase In
mes
the fraudu!e.nt user s p~one p?wer level In order t~ take
over a legtt~ate mo?ile radIO traffic channel asslgn~d
by th~ servIce proVIder company to another mobIle
subscnber.
U.S. Pat. No. 4955049 describes a fraud detection
system which involves generating, in connection with
the accounting and billing records of an authorized
subscriber, a call sequence list which permits a legitimate subscriber to differentiate between authorized
calls initiated by the subscriber and fraudulent calls
made by an unauthorized party by using the ESN-MIN
pair of the legitimate subscriber. This call sequence
process does not detect the fraudulent use before mobile
service is granted, but only distinguishes on a subscriber's mobile telephone bill between authorized and unauthorized calls. Further, active work on cellular fraud by
various Telecommunications Industry Association
members and committees as evidenced by EIA/TIA
IS-41, Rev. B Draft Standard and EIA/TIA IS-54, Rev.
B Draft Standard and suggested extensions of both, and
other reports depend almost exclusively on the existence ofa communications path, common IS-41B protocols, and a rapid response for queries of roamer status
sent by visited networks to the roamer's home network.
Unfortunately, current cellular systems, including IS-41
protocol, do not facilitate the detection of the most
common types of mobile telephone fraud as described
above and more importantly do not provide a process
or apparatus for effectively sharing among local mobile
3
5,335,278
telephone service providers current data regarding
newly authorized ESN-MIN and/or stolen mobile
phone data in order to facilitate detection of such fraudulent usage before service is granted. In addition to
being dependent upon a network not controlled by
cellular operators, it is highly questionable whether the
future networks and accompanying IS-41 and IS-54
protocols, even when widely implemented, will be able
to provide a grade of service to allow for effective fraud
reduction.
As is known to those skilled in communication arts,
the business and commercial objective of cellular telephone service companies has been to offer fast, convenient service to mobile users which is increasingly comparable with the services offered to fIxed or immobile
stations and provides practically instantaneous access to
all direct dial networks. These commercial objectives
have in a sense facilitated a number of types of cellular
telephone fraud since the currently existing cellular
telephone system protocols and clearinghouse and accounting and billing procedures utilizing services offered to the industry by two companies, namely GTE
Telecommunications Services Inc., 100 S. Ashley,
Tampa, Fla. 33602, and EDS Personal Communications
Corp., 1601 Trapello Road, Waltham, Mass. 02154, do
not provide anything like on-line real time responses,
but instead require an inordinate time to process requests. Similarly, these current industry procedures
referred to above do not provide any commercially
secure procedure to encourage competitive companies
to exchange any current customer authorization status
data sufficient to detect and prevent fraudulent use of
cellular telephone services before service is granted.
SUMMARY OF THE INVENTION
It is an object of the present invention to provide an
improved cellular telephone process and system, including a distributed fraud prevention means.
It is another object of the present invention to detect
fraudulent use in a cellular telephone system before
service is initially granted to a fraudulent user.
It is another object of the present invention to provide an improved cellular telephone service authorization process for detecting fraudulent requests for telephone services.
It is another object of the present invention to provide an improved cellular telephone process and fraud
prevention means that do not depend upon the Signalling System 7 network and related protocols.
It is another object of the present invention to improve cellular telephone networks by providing timely
secure authorization data at distributed cellular exchange switch stations which can be readily accessed in
response to an off-hook request for mobile telephone
service.
It is yet another object of the present invention to
provide improved cellular telephone switching apparatus for identifying, and recording, within individual
radio telephone cell areas fraudulent requests for cellular service.
It is a still further object of the present invention to
reduce fraud in cellular telephone systems by providing
an improved process and apparatus for achieving rapid
subscriber validation before telephone service is
granted in response to an off-hook request.
These and other specifIc objectives and advantages of
the present invention may be achieved in the specifIc
illustrative embodiment of a cellular telephone network
5
10
15
20
25
30
35
40
45
50
55
60
65
4
incorporating a distributed fraud prevention database
memory and processor operatively associated with each
mobile exchange switch center. Further, each such
center has data input means associated with each fraud
prevention database so that the local cellular telephone
service company can update its local records with regard to a list of newly authorized ESN-MIN pair data as
they are authorized and assigned to a new cellular telephone subscriber and a data list of lost or stolen cellular
phone ESN-MIN pairs can be updated and kept current. Similarly, the input data means is appropriately
coupled to appropriate communication means to provide such newly authorized and/or lost or stolen cellular phone ESN-MIN pair data to a central fraud prevention data bank. At prearranged time intervals, the central data bank would simultaneously transmit or broadcast, for example via satellite, the updated data on authorized and/or lost or stolen ESN-MIN pair data to all
mobile exchange switch centers. Upon receipt by a
mobile exchange switch center of an off-hook cellular
service request signal, the local high speed memory
associated with the mobile exchange switch center can
readily determine if the requesting mobile phone user
has a valid authorized ESN-MIN pair and if such data is
on the lost or stolen list. Because this checking is done
locally and without the need for off-line authorization
checks, for example with the original or home base
service company of the use, the verifIcation process and
lost or stolen phone checks will be accomplished within
a period of a few milliseconds and will thus be transparent to the service requestor. Similarly, if the ESN-MIN
pair data is not valid or if they are contained on the lost
or stolen data list, this determination will be made before the requested service is granted. Additional procedures can automatically be triggered upon detection of
a fraudulent request for service to record and locate the
fraudulent user within a particular cell area and record
or notify appropriate offices.
These and other objects, features, and advantages of
the invention may be more readily comprehended from
an examination of the following specifIcation, appended
claims and attached drawings in which:
FIG. 1 is a schematic block diagram of prior art cellular telephone networks illustrated in a nationwide telephone system.
FIG. 2 is a schematic block diagram of one embodiment of the present invention incorporated in a plurality
of domestic cellular telephone networks and illustrated
in the nationwide telephone system.
FIG. 3 is a block diagram of a cellular telephone
mobile telephone exchange switch in accordance with
one aspect of the present invention.
FIG. 4 is a block diagram of an improved mobile
telephone exchange switch station in accordance with
another aspect of applicants' invention.
FIG. S is a composite logic flow diagram of FIGS.
SA, SB, and SC illustrating the operation of a mobile
exchange switch station in accordance with another
aspect of applicants' invention.
FIG. 6 is a logic flow diagram illustrating the encrypted segments of the authorized user database in
accordance with another aspect of applicants' invention.
FIG. 7 is a schematic block diagram illustrating the
segmented direct access magnetic memory device for
storing in accordance with another aspect of applicants'
invention.
5
5,335,278
DESCRIPTION OF PREFERRED
EMBODIMENTS
Referring now to FIG. 1 there is shown a block diagram of the prior art cellular mobile telephone net·
works illustrated on a map of the United States. As is
known by those skilled in the communication arts, there
are more than 600 licensed cellular network service
providers, NI, N2, N3, Nj . .. Nil' which provide mobile
telephone services within their respective cellular goo·
graphic areas which are primarily the major metropolitan areas. In addition, the independent licensed cellular
networks carry out automatic call transfer to other
segments of the nationwide telephone system, for exampIe, through network switches, which may for example
be of a private branch exchange type as shown in FIG.
4. The prior art cellular telephone system has utilized
two clearinghouse type service centers 2 and 3 offered
commercially by GTE Telecommunications Services
Inc., 100 S. Ashley, Tampa, Fla. 33602, and EDS Personal Communications Corp., 1601 Trapello Road,
Waltham, Mass. 02154, which are principally protocol
and accounting functions which arise in connection
with intersystem services. As is known to those skilled
in the telephone arts, the various cellular network ser·
vice providers are independent mobile telephone com·
panies which selectively interconnect mobile subscriber
users to the public switched network and to other stations or mobile subscribers not shown which are connected or connectable via other mobile telephone com·
panies or other parts of the country wide switchable
telephone networks which can be connected by direct
dial telephone calls. The prior art cellular networks NI
-Njas described above or in combination with the com·
mercial clearinghouse functions 2 and 3 and industry
protocols do not provide any practical process or protocols to detect and prevent fraudulent requests for mo·
bile telephone services. While there is substantial data
exchanged between the cellular network NI- Njand the
commercial clearinghouses, there is no existing proto·
col to assist or facilitate the detection at the local mobile
telephone cellular network before mobile telephone
service is granted in response to its receipt of an off·
hook signal, particularly if the request for service is
from a so-called roamer unit-that is, a mobile unit
located outside the geographic area of its home base or
primary cellular service provider company. There exists only proprietary protocols of switch manufacturers
which operate only between switches of that manufacturer. Where implemented, these have stopped some
tumbling fraud, but not cloning. In the prior art system
shown in FIG. 1, it is possible for the cellular network
Nj which receives an off-hook signal from a roamer,
which initiates a request for service by transmitting a
so-called System Identification Number (SID) asspciated with its home base cellular service provider, and
the user's Electronic Serial Number (ESN) and Mobile
Identification Number (MIN) pair to call the home
system provider designated by the received SID number before service is granted. However, this is generally
not done because it is too long and involves too much
delay. Accordingly, it has been the industry practice to
permit a first roamer call for a particular SID/ESN/MIN user without any authorization user verification
check with its home base. This practice and inability to
identify fraudulent service requests before service is
granted has resulted in increasingly costly losses for the
6
5
10
15
20
25
30
35
40
45
50
55
60
65
domestic cellular telephone industry which for 1991 are
estimated to be on the order of $600 million.
FIG. 2 illustrates an improved cellular system which
incorporates the distributed fraud prevention process
and system of the present invention. As shown, cellular
networks N I - Nj, l~ted in major metropolitan areas as
illustrated on the map, incorporate a distributed local
fraud prevention processor PI • Pj- In addition, cellular
system master database 4, which may for example comprise an IBM RISC 6000 processor or COMPACT
System PRO processor which has associated for exampIe 64 megabyte RAM and which may include for ex·
ample 1 gigibyte of disc drive memory capable of storing digital data received from the individual cellular
telephone service providers N I - Nj via for example
standard telephone land lines capable of handling data
rates on the order of 2000 baud. Authorized user data
initially comprising for example a list of all ESNIMIN
pair data as authorized by cellular telephone service
provider NI would be sent via appropriate low cost
transmission networks to master database 4 and similarly all of the cellular networks N2 • Nil' which have
roamer or internetwork agreements with other net·
works would likewise send their respective user autho·
rization data to the master database 4. In accordance
with another aspect of applicants' invention the autho.
rized user data from each cooperating cellular telephone network N.; would include a list of lost or stolen
cellular telephones by ESN-MIN pair data and that
such authorized user data would be periodically, for
example hourly or daily, would be sent by the cellular
network Nj to the central database 4. At periodic intervals, for example hourly or daily, central database 4 via
microwave antenna 5 establishes a communication
channel with orbital satellite 6 so that the user authori.
zation data from the individual cellular telephone networks can be transmitted or relayed from the central
database 4 via satellite 6 to the individual local fraud
prevention processors PI _Pj- In accordance with appli.
cants' invention, by storing user authorization data for
all cooperating cellular telephone network providers
N I _ Nj at each cooperating network center, the current
authorized user data can be accessed in a convenient,
timely manner to permit the mobile telephone service
provider Njto determine if a service request is valid or
fraudulent before service is granted. This validation
process can be accomplished without the need to establish separate communication channels between the mobile network receiving a roamer service request and the
roamer's home network. Accordingly, applicants' dis.
tributed fraud prevention processor and memory per.
mits the individual mobile telephone service providers
to ensure valid user authorization in a convenient and
timely manner.
Referring now to FIG. 3 there is shown a block diagram ofthe preferred embodiment of applicants' distrib·
uted fraud prevention system. As previously described
cellular system central database 4 receives authorized
user data from cooperating cellular telephone networks
N 1 - Nj via any appropriate low cost data transmission
channels between the individual cellular service providers NI - Nj and master database 4. Periodically, the
authorized user data is sent via microwave antenna 5
and orbital satellite 6 to antenna 8 assorted with are·
ceiver 10, which for example may comprise a KV Band
California Microwave Model KIDS 1 meter receive
only system of a C Band Equitorial Model Cl00 receive
only system. Authorized user data received by receiver
7
5,335,278
10 is processed by fraud prevention process 12 which
may comprise for example a COMPACT System PRO
having a 1 gigibyte hard disc and associated 64 MByte
fast access memory store 14. Mobile master exchange
switch 16 which may comprise an ESS7 or Ericsson
MSC configured AXE-IO mobile switch is operably
coupled with fraud prevention processor 12 via any
standard IBM PC interface for example interface X.25
at 9.6 KBs which, as is known to those skilled in the
data processing arts, has its published specifications and
protocols for handling data input/output procedures. In
addition, if the mobile exchange switch is so designated
by the cellular telephone service provider network Nj,
it has an appropriate data port to communication via
link 18 to periodically provide updated authorized user
ESN-MIN pair data and optionally personal data such
as biometric or PIN and optionally equipment authentication data for example described in IS-54, Rev. B and
optionally an ESN-MIN data list for lost or stolen units
originally authorized by each such cellular telephone
service provider network NjThe following description of the process for handling
an off-hook request for service from a mobile telephone
user is for illustrative purposes only and those skilled in
the art will understand many variations may be made
without departing from the scope of the present invention. With power applied to a mobile telephone subscriber unit, a user initiates a call, an off-hook signal
transmitted by the mobile subscriber unit 20 would
initiate a request for service to establish either a mobile
to land station or mobile to another mobile station call.
The procedures for these respective service requests
vary depending upon whether the off-hook signal is
from a roamer unit, i.e., a mobile unit not in its home
base area, or whether the call is to a land or another
mobile unit outside its home base. The procedure necessary to provide cellular radio telephone subscribers
with services which require interaction between different cellular systems are fully described in EIAITIA
Industry Standard IS-41.3A and IS-41.3B (Draft) are
incorporated herein by reference. For purposes of understanding the structure and operation of applicants'
invention it is sufficient to understand that the off-hook
request for service signal automatically generates and
transmits from the mobile unit 20 to the antenna 19 and
relayed by microwave 21 or land line 23 to the master
exchange switch 16 the SID and the ESN-MIN pair
data described above. The master exchange switch 16
upon receipt of the SID signal classifies the requestor as
a roamer if the SID identifies another service provider
Njdifferent from the receiving network. If the requestor
is not a roamer, then if the service request is from a valid
user the ESN-MIN pair should correspond to the local
networks authorized user data if the ESN/MIN data is
not listed on the lost or stolen data list. However, if the
SID identifies the requestor as a roamer, then in accor-"
dance with the present invention, master mobile switch
16 signals fraud prevention processor 12 to initiate a
logic data comparison of authorized user data and lost
or stolen phone data for the network identified by the
received SID data and stored in fast access memory 14.
Assuming there is a valid match between the received
ESN-MIN pair data and that stored in fast access memory for the identified service provider company and the
ESN-MIN pair is not listed on the lost or stolen phone
list for the network data associated with the requestor,
and the home network has not issued a "deny service"
order, for example a user is delinquent in paying their
5
10
15
20
25
30
35
40
45
50
55
60
65
8
phone bill, the service is authorized and the requested
service is provided. Correspondingly, ifthere is no valid
comparison match for the requesting ESN-MIN pair
data or if the ESN-MIN data is contained in the lost or
stolen phone data list or a "deny service" order is associated with this ESN/MIN, the service request would
be classified as fraudulent or not authorized and service
would be denied.
For a complete understanding of the interaction of
the accounting and billing procedures associated with
such interaction between different cellular networks
reference may be had to EIAITIA Industry Standard
IS 41.3A, or IS-41.3B (Draft), or U.S. Pat. No. 4233473
entitled Comprehensive Automatic Radio Telephone
System issued Nov. 11, 1980 to E. G. Frost.
FIG. 4 illustrates another embodiment of the present
invention in which authorized user data is directly exchanged between cellular networks N I and N2 designated the visited network and home network respectively. In accordance with the embodiment illustrated
in FIG. 4, cellular networks NI and N2are designed to
exchange authorized user data for their respective networks. As previously explained in conjunction with
FIG. 3 such authorized user data for the respective
networks would be updated and exchanged via appropriate low cost data transmission channels not shown.
Alternatively, networks NI and N2 would designate a
common fraud processor and memory Z4 which for
example could be IBM 4300 central data processor and
associated IBM Model 3350 direct access disk storage
units which would function in a manner similar to that
described above in connection with FIGS. 2 and 3. As
illustrated in FIG. 4, when a roamer unit 20 having a
home base N2 requests service when in visited network
NI, the master exchange switch ofNI would access the
associated fast access memory of fraud processor Z4 to
determine whether the request for service is from an
authorized user as then designated by network N2. Assuming the user authorization data received by visited
system N I is determined by the logic data comparison
process by the fraud prevention processor Z4 similar to
that described above in connection with FIG. 3 to be
valid and proper, the requested service via voice network 28 including PBX exchange switches 30 and 32
would be granted and the procedures described above
would be completed.
Referring now to FIG. 5 there is shown a composite
logic flow diagram for the fraud prevention process and
system in accordance with still further aspects of the
present invention.
With reference to FIGS. SA, 5B, and 5C arranged as
illustrated in FIG. S, the basic operation of applicants'
improved cellular telephone process and apparatus will
be illustrated by the logic flow diagram sequence depicted. As discussed above with reference to FIGS. 3
and 4, the request for service by a mobile subscriber is
initiated by the generation of the off-hook signal which
initiates the transmission of the SID/ESN/MIN data to
the mobile master exchange switch. By processing the
SID data the exchange switch determines ifthe requesting subscriber is a roamer or local mobile subscriber. If
the requesting subscriber is at home the local data is
checked for verification of user authorization and if
valid service is granted. As part of the authorization
process in accordance with another aspect of applicants' invention, additional verification processes such
as PIN or personal data would be checked. If the requesting user is determined to be a roamer, the next step
9
5,335,278
in the user authorization process is to determine if the.
necessary service provider company has a roamer
agreement with the home network designated by the
received SID data and, if not, service is denied. If the
receiving company has a roamer agreement with the 5
company designated by the received SID data, then the
user authorization process continues by checking the
received ESN/MIN data, and optionally other data as
further explained, particularly in FIGS. 5A and 5B. If
the received ESN/MIN data is validated for the associ- 10
ated SID network, service is authorized and the appropriate protocols for initiating service, e.g., EIAITIA
IS-4I.3A, are initiated. Correspondingly, if the received
ESN/MIN data does not match or the home network
has issued a "deny service" order, service is denied and 15
the system executes the non-authorized roamer recording and reporting procedures.
With reference to FIGS. SB and SC, the logic process
for updating the fraud prevention database data to be
stored in master database memory 4 as illustrated in 20
FIGS. 2, 3, and 4 may be understood. As illustrated in
FIG. 5B, the independent cellular telephone service
providers Nt ... Nj which elect to participate in the
fraud prevention system would periodically send their
respective user authorization data and updated data, 25
lost or stolen phone data, and personal identification
data which, in accordance with another aspect of the
present invention, may be encrypted voice print data of
the authorized customer, to the master data memory 4
for further transmission to the respective cooperating 30
cellular telephone service providers. As part of this data
update procedure, it is desirable, in accordance with
another aspect of applicants' invention, that the updated
data be classified as routine or priority. For example,
any update data relating to lost or stolen units prefera- 35
bly should be classified priority for expedited handling
both by the central memory database 4, communication
transmission link 6, and independent service provider
companies Nt ... N n• In this manner, the fraud prevention memory 14 at the local service provider companies 40
can be kept up to date. As illustrated in FIG. SB and 5C,
the priority data is designated for expedited handling
and delivery to the fraud prevention database at the
local operating service provider. As will be further
explained in connection with FIG. 7, the reception of 45
user authorization data at the fraud prevention processor and memory sets an appropriate flag or signal the
presence of which alerts the master mobile switch 16
that the update memory section must be checked before
the service authorization request in process is com- 50
pleted. This enables the local service provider company
Nt ... N n to use the latest available user authorization
data then available before the authorization decision is
made and service is either granted or denied, as appropriate.
55
Referring now to FIG. 6, applicants' improved service authorization process, including supplemental personal identification data, will be explained with reference to the illustrated logic flow diagram. As explained
above with reference to FIG. 5 and FIG. 3, the mobile 60
request for services is initiated by the off-hook signal
which initiates the transmission by the mobile unit of its
SID, ESN and MIN data. Again, upon determination
the requesting unit is a local or at home unit, the normal
home base protocol is initiated for verification, which in 65
accordance with another aspect of applicants' invention, could likewise include supplemental authorization
process steps including personal identification numbers
10
or data as will be hereinafter described with regard to a
roamer. If the requesting unit is classified as a roamer,
again the first check, as before, is whether a roamer
agreement is in effect between the receiving cellular
service provider company and the company identified
by the received SID data. If this decision is negative,
the service denied protocol would be initiated. If the
receiving company has a roamer agreement in effect
with the company identified by the received SID data,
the supplemental authorization process is initiated in
which for example the personal identification data, e.g.,
an authorized voice print data, is extracted from the
received data and compared with the personal identification data previously stored in the fraud processor
memory for the received ESN/MIN data.
As will be understood by those skilled in the computer arts, the personal identification data may be in
either analog or digital format and likewise may be
either in plain text or encrypted data form when stored
in the fraud processor memory 8 and when transmitted
by the requesting cellular telephone unit 20 in connection with its request for service. Particularly if the transmitted personal identification data is in analog form, the
test may be inconclusive because of noise interference
or like types of signal degradation. In which case it may
be necessary to collect another biometric sample before
appropriate sample parameters of the received personal
identification data can be compared with the data for
the same SID/ESN/MIN data stored in the fraud processor memory 8 .can be completed. Again, the test
would result in authorization of requested service or
denial of such service depending upon whether the
comparison was positive or negative, respectively.
Referring now to FIG. 7, the preferred data format
for the user authorization data is illustrated schematically with reference to a typical direct access storage
unit which might for example by an IBM DASD 3380
unit with its associated Controller 3880. For the current
6.3 million phones in service by way of example, the
storage capacity for memory, assuming all 6.3 million
units, ESN 32 bits (4 bytes), MIN 34 bits (5 bytes), and
SID IS bits (2 bytes), is 69.3 million bytes. In order to
provide adequate response times for the comparison of
received data with data stored in the fraud processor
memory, an access and search time of 100 to 500 milliseconds per query is desirable depending upon cellular
system demand. As is known to those skilled in the art,
data structures can be created using for example SIDs
or ESNs as pointers so that a minimum and only relevant stored data is actually searched. As illustrated, the
magnetic disc is arrayed to rotate in a clockwise direction and has on the surface a number of circular tracks
or segments 25, 26, 27, etc. As is known to those skilled
in the art, the magnetic segments or tracks are operably
associated with read/write heads, not shown, which
can be selectively positioned to read or write data at
predetermined addressable locations. In the preferred
embodiment of applicants' fraud prevention process and
apparatus as shown in FIG. 5, the user authorization
data for each respective cellular network Nj of FIG. 2
would be encoded by network Njbefore it is sent to the
fraud prevention central memory 4 by network Nj so
that fraud is further deterred by preventing the inadvertent disclosure of this highly sensitive business information, particularly the personal identification data associated with individual cellular customers. The process or
method of encryption may be any of a number of processes or combination of processes well known in the
11
5,335,278
arts for data protection, for example the Data Encryption Standard and RSA public key algorithm, including
use of various keys or codes and their associated key
management schemes, for example a public key scheme,
for example RSA, for distributing keys to facilitate
cryptographic processes. With the use of encrypted
user authorization data it will be necessary, as is known
to those skilled in the data handling arts, to provide
appropriate means to permit the cellular service company which receives a roamer's request for service to
compare the received user identification data, e.g., SID/ESN/MIN and possibly PIN data or personal data,
with the user authorization data stored in the fraud
processing memory 4. In the preferred embodiment of
applicants' invention, the cryptographic data for a particular independent cellular telephone service provider
Nj would be sent by the network Nj to other service
provider networks Nj ... Nk, which have reciprocal
roamer agreements with network Nj- The received
cryptographic data would then preferably be stored in
the track or segment associated with the user authorization data of network company Nj- In this manner the
cryptographic data could be utilized by a service provider network receiving a request for services to encrypt the received ESN/MIN and/or personal identification data to facilitate the data comparison to be made
between the stored encrypted user authorization data
and the encrypted form of the received roamer ESN/MIN data. Alternatively, cryptographic data would be
supplied by the network Nj to its affiliated companies
which have reciprocal roamer agreements and then the
authorization process would include the additional step
of decrypting the stored user authorization data before
it is compared with the ESN/MIN and/or personal
identification number data received for the requesting
unit, resulting in a comparison of plain text rather than
encrypted data.
As discussed above with reference to FIG. 6, it is
desirable to alert the fraud processor if it is in the process of receiving updated user authorization data. As
illustrated in FIG. 7, this can be done by setting a particular data bit or flag 34 in the record for a particular
network Nj identified by its unique SID data. Thus for
example, if the flag 34 is a logic 1 or is "set", this would
alert the fraud processor 12 that the additional update
memory section or track 36 associated with a particular
SID data must be checked before the user service authorization process is completed. The update flag 34
thus ensures the latest available user authorization data
is checked before the service authorization decision is
made.
The foregoing description of applicants' improved
process and system for detecting fraudulent service
requests in a cellular telephone network is illustrative
and many modifications may be made without departing from the scope of their invention as claimed below.
What is claimed is:
1. In a cellular telephone system including a plurality
of independent cellular telephone networks each network having at least one mobile master exchange
switch and related radio transmission facilities for providing cellular telephone services within its respective
cell areas to mobile cellular subscribers and wherein
each mobile telephone unit authorized for subscriber
use by one of said independent cellular telephone networks has an assigned system identification number
(SID) data for identifying one of said independent cellular telephone networks as the authorizing cellular net-
5
10
15
20
25
30
35
40
45
50
55
60
65
12
,work and further wherein each mobile telephone unit
authorized for use by a subscriber has an assigned customer identifying electronic serial number (ESN) and
mobile identification number (MIN) data pair and
wherein said SID data and said ESN-MIN data pair
collectively comprise subscriber authorization data, a
fraud prevention system comprising:
a central database memory means for storing subscriber authorization data form at least some of said
plurality of independent cellular networks,
data transmission means for facilitating the transmission of said subscriber authorization data form said
central database memory means to individual ones
of said independent cellular telephone networks
having different SID data,
fast access memory means at each said independent
cellular telephone network for storing subscriber
authorization data relating to authorized subscribers of different ones of said independent cellular
telephone networks,
data input means for updating said subscriber authorization data stored in said central database memory
means, and
authorization logic means for comparing user subscriber authorization data received in conjunction
with an off-hook signal from a mobile subscriber
with said subscriber authorization data stored in
said fast access memory means having the same
SID data as said requesting mobile subscriber to
determine if the mobile subscriber requesting service is a valid authorized subscriber.
2. The fraud prevention system of claim 1 wherein
said data transmission means includes orbital satellite
means for simultaneously transmitting data stored in
said central database memory means to individual receiving data terminal means at each of said independent
cellular telephone networks.
3. The fraud prevention system of claim 1 further
including:
data processing means at each of said plurality of
independent cellular telephone networks for encrypting the subscriber authorization data before
said subscriber authorization data is transmitted to
said central database memory means, and
means at each of said plurality of independent cellular
telephone networks for facilitating comparison of
encrypted subscriber authorization data in response to said authorization logic means.
4. The fraud prevention system of claim 1 wherein
said central database memory means comprises a segmented memory including a plurality of separate memory segments whereby subscriber authorization data of
each of said plurality of independent cellular telephone
networks is segregated by SID data into different selectively addressable memory segments.
S. A process for detecting fraudulent request for service by a mobile telephone user in a cellular radio telephone system including a plurality of independent cellular service providers in which each cellular service
provider has at least one master mobile exchange switch
means for providing mobile cellular telephone services
within its respective cell areas within said system, said
process comprising the steps of
storing user unit authorization data for a plurality of
independent cellular service providers in a database,
13
5,335,278
transmitting said user unit authorization data to at
least some of said plurality of independent cellular
service providers,
storing said user unit authorization data in fast access
memory means having data communication connections with a plurality of said independent master
mobile exchange switch means,
accessing said user unit authorization data stored in
said fast access memory means in response to the
receipt at one of said master mobile exchange
switch means of an off-hook request for service
form a mobile telephone user unit, and
determining at said receiving master exchange switch
means whether said mobile telephone user service
request is from a valid authorized user unit by comparing the stored user unit authorization data with
telephone user unit identifying authorization data
received in conjunction with said off-hook request
from a mobile telephone user unit requesting cellular telephone services before cellular telephone
service is granted.
6. The process of claim 5 wherein the step of storing
user authorization data includes the steps of storing
authorized ESN-MIN pair data and of storing ESNMIN data identifying unauthorized mobile telephone
units form individual ones of said independent cellular
service providers.
7. The process of claim 6 further including in the step
of storing the step of storing personal identification data
along with said user authorization data and wherein the
step of determining further includes the step of comparing said stored personal identification data with personal identification data received in conjunction with
said off-hook request.
8. The process of claim 5 where in the step of transmitting said user authorization data comprises the step
of simultaneously broadcasting to receiving means at
individual ones of said independent cellular telephone
service providers.
9. The process of claim 5 additionally including the
steps of updating by said plurality of independent cellular service providers of user authorization data previously stored in said fast access memory and of transmitting updated user authorization data to said plurality of
independent cellular service providers, and
determining at said receiving master exchange switch
means whether calls in progress form said mobile
telephone user units are valid by comparing the
latest received user authorization data with tele-
14
phone user identifying data of calls currently in
progress.
10. An improved master exchange telephone switch
operable in a mobile telephone network for providing
5 . cellular mobile telephone services requiring interaction
between independent cellular systems wherein each
independent cellular system has a different cellular telephone system identification number (SID) data stored
in each cellular telephone subscriber unit authorized for
10 use by each respective one of said plurality of independent cellular systems and for detecting fraudulent requests for services before the service is granted, said
improved master exchange telephone switch comprising:
15
communication means for recognizing an off-hook
service request signal from a cellular mobile telephone subscriber user,
memory means for storing user authorization data for
a plurality of independent cellular systems,
input data means for updating said memory means
20
with updated user authorization data previously
stored in said memory means, and
authorization logic means for selectively accessing
said memory means in response to receipt of an
25
off-hook signal form a mobile cellular telephone
subscriber user for comparing user authorization
data received in conjunction with said off-hook
signal with user authorization data stored in said
memory means.
30
11. The improved master exchange switch of claim 10
wherein said input data means includes receiver means
for receiving updated user authorization data from an
orbital satellite transmitter.
12. The improved master exchange switch of claim 10
35 wherein said memory means comprise a plurality of
individual segments of a segmented memory means for
storing user authorization data of each of a plurality of
independent cellular service providers in separate memory segments.
13. The improved master exchange switch of claim 10
40
additionally including data processing means for facilitating the comparison of said user authorization data.
14. The improved master exchange telephone switch
of claim 10 wherein said memory means includes means
45
for storing ESN-MIN pair data identifying unauthorized mobile telephone units and for storing personal
identification data uniquely identifying each authorized
subscriber.
15. The improved master exchange telephone switch
SO of claim 10 further including means for processing encrypted authentication data unique to each mobile unit.
• • • • •
S5
60
65
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?