Systems and methods are disclosed for using machine-learning techniques for labeling incoming calls with categories relating to a risk level. A model is generated using call log data. The call log data is augmented using information from additional data sources to generate features for the model. The model may then be used to categorize additional incoming calls. The model may be used in real-time to categorize incoming calls, or categorization results may be stored for a plurality of calling numbers. Various embodiments provide various technical advantages by virtue of how the components of the system are deployed between an endpoint communication device, a telephony provider system, and possibly other systems.

Pre-authorized communication services and/or transactions are provided via a plurality of networks in response to a request received from a user to provide at least one of a communication service, a transaction and user account information via a plurality of networks of different types. Prior to processing the request, there is verification of the user's authorization to receive the at least one of the communication service, the transaction, and the user account information, and that an account associated with the user has a sufficient amount currently available for payment of the at least one of the communication service and the transaction. After verification, an authorized account associated with the user is charged in real time as the at least one of the communication service and the transaction is provided.

Asynchronous and/or synchronous zero charge telephony protocol systems and methods may include an asynchronous signaling switch and/or a call duration time quota from a synchronous charging onset to place and complete a call. A call request is received with a second device mobile address. The asynchronous systems include instructions to automatically modify the mobile address with a routing prefix when the first device has insufficient balance or independent of balance, route to the asynchronous signaling switch based on an associated modified address trunk path, revert to the call signal at the asynchronous signaling switch, and deliver and automatically disconnect the call immediately when the call is completed. The synchronous systems include instructions to automatically set the call duration time quota upon insufficient balance, and deliver and automatically disconnect the call from the second user mobile device when the call is completed and the call duration time quota is exceeded.

Aspects of the invention determining a threat score of a call traversing a telecommunications network by leveraging the signaling used to originate, propagate and terminate the call. Outer-edge data utilized to originate the call may be analyzed against historical, or third party real-time data to determine the propensity of calls originating from those facilities to be categorized as a threat. Storing the outer edge data before the call is sent over the communications network permits such data to be preserved and not subjected to manipulations during traversal of the communications network. This allows identification of threat attempts based on the outer edge data from origination facilities, thereby allowing isolation of a compromised network facility that may or may not be known to be compromised by its respective network owner. Other aspects utilize inner edge data from an intermediate node of the communications network which may be analyzed against other inner edge data from other intermediate nodes and/or outer edge data.

Systems and methods for using machine-learning techniques for labeling incoming calls with categories relating to a risk level. A model is generated using call log data. The call log data is augmented using information from additional data sources to generate features for the model. The model may then be used to categorize additional incoming calls. The model may be used in real-time to categorize incoming calls, or categorization results may be stored for a plurality of calling numbers. Various embodiments provide various technical advantages by virtue of how the components of the system are deployed between an endpoint communication device, a telephony provider system, and possibly other systems.

A method and system for providing a second line service (SLS) feature to a subscriber using a telecommunications device (TD) which includes receiving at a switch on the network of the subscriber's primary service provider a communication made up of a trigger and a directory number. When the communication is received at the primary service provider's switch, the switch parses the communication and detects the trigger. Once the switch has received the communication, the switch additionally transmits a query message to a SLS platform that manages the SLS feature. As a result of the switch's query message transmission, the switch receives a reply to the query message from the SLS platform. Based at least in part on the reply to the query message, the switch can route the communication such that the switch connects one or multiple voice channel circuit between the subscriber's TD and the terminating TD.

Pre-authorized communication services and/or transactions are provided via a plurality of networks in response to a request received from a user to provide at least one of a communication service, a transaction and user account information via a plurality of networks of different types. Prior to processing the request, there is verification of the user's authorization to receive the at least one of the communication service, the transaction, and the user account information, and that an account associated with the user has a sufficient amount currently available for payment of the at least one of the communication service and the transaction. After verification, an authorized account associated with the user is charged in real time as the at least one of the communication service and the transaction is provided.

A method and system for providing a second line service (SLS) feature to a subscriber using a telecommunications device (TD) which includes receiving at a switch on the network of the subscriber's primary service provider a communication made up of a trigger and a directory number. When the communication is received at the primary service provider's switch, the switch parses the communication and detects the trigger. Once the switch has received the communication, the switch additionally transmits a query message to a SLS platform that manages the SLS feature. As a result of the switch's query message transmission, the switch receives a reply to the query message from the SLS platform. Based at least in part on the reply to the query message, the switch can route the communication such that the switch connects one or multiple voice channel circuit between the subscriber's TD and the terminating TD.

Aspects of the invention determining a threat score of a call traversing a telecommunications network by leveraging the signaling used to originate, propagate and terminate the call. Outer-edge data utilized to originate the call may be analyzed against historical, or third party real-time data to determine the propensity of calls originating from those facilities to be categorized as a threat. Storing the outer edge data before the call is sent over the communications network permits such data to be preserved and not subjected to manipulations during traversal of the communications network. This allows identification of threat attempts based on the outer edge data from origination facilities, thereby allowing isolation of a compromised network facility that may or may not be known to be compromised by its respective network owner. Other aspects utilize inner edge data from an intermediate node of the communications network which may be analyzed against other inner edge data from other intermediate nodes and/or outer edge data.

Pre-authorized communication services and/or transactions are provided via a plurality of networks in response to a request received from a user to provide at least one of a communication service, a transaction and user account information via a plurality of networks of different types. Prior to processing the request, there is verification of the users authorization to receive the at least one of the communication service, the transaction, and the user account information, and that an account associated with the user has a sufficient amount currently available for payment of the at least one of the communication service and the transaction. After verification, an authorized account associated with the user is charged in real time as the at least one of the communication service and the transaction is provided.