A method, computer system, and a computer program product for filtering a phone call are provided. An incoming phone call to a phone is detected. Call metadata from the incoming phone call is received. The call metadata is compared to entries of a learned relationship filter. The entries of the learned relationship filter are obtained by monitoring behavior of a phone user on the phone during previous calls to the phone and application usage on the phone so that learned relationships to the phone user are identified and saved. The learned relationship filter provides a filtering response. The filtering response is performed to the incoming phone call.

A technique for acquiring and correlating session-related information from an Internet Protocol Multimedia Subsystem, IMS, is described. The technique comprises the acquisition of control plane information from control plane signalling tapped at an IMS control entity, the acquisition of user plane information from user plane traffic tapped at an IMS user plane entity, and the acquisition of context information from tapped signalling between the IMS control entity and the IMS user plane entity. The acquired context information permits to correlate the control plane information and the user plane information acquired for a particular session.

A computerized-method for identifying and utilizing effectiveness of an agent elevating channels during an interaction, in an Omnichannel-Session-Handling environment, is provided herein. The computerized-method may operate, during a duty-cycle, an Elevated Interaction Efficacy (EIE) module for each agent in a data-storage of agents. The EIE-module may include: (a) operating an interaction-module to retrieve one or more interactions of the agent; (b) filtering out from the retrieved interactions, one or more elevated interactions, based on one or more attributes from metadata of the retrieved interactions; (c) calculating an Elevated Interaction Handling (EIH) score for the agent based on one or more attributes from the metadata of the one or more elevated interactions; (d) storing the calculated EIH score in the data-storage of agents; and (e) sending the EIH score to one or more applications, to take one or more follow-up actions based on the EIH score and a calculated EIH threshold.

Systems for and methods of training a spoofing detection model include receiving a plurality of customer call interactions; classifying each of the plurality of customer call interactions as a spoofed call or a non-spoofed call using a spoofing detection model; generating a voiceprint for each of the plurality of customer call interactions; comparing the generated voiceprints; grouping the generated voiceprints into one or more clusters based on the comparing, wherein each cluster represents a single speaker; locating a cluster containing a spoofed call and a non-spoofed call, thereby indicating that the non-spoofed call was misclassified by the spoofing detection model; and updating the spoofing detection model with the non-spoofed call.

Embodiments described herein provide for passive caller verification and/or passive fraud risk assessments for calls to customer call centers. Systems and methods may be used in real time as a call is coming into a call center. An analytics server of an analytics service looks at the purported Caller ID of the call, as well as the unaltered carrier metadata, which the analytics server then uses to generate or retrieve one or more probability scores using one or more lookup tables and/or a machine-learning model. A probability score indicates the likelihood that information derived using the Caller ID information has occurred or should occur given the carrier metadata received with the inbound call. The one or more probability scores be used to generate a risk score for the current call that indicates the probability of the call being valid (e.g., originated from a verified caller or calling device, non-fraudulent).

Aspects of the subject disclosure may include, for example, a method of receiving, by a processing system including a processor, a call for a subscriber; determining, by the processing system, that the call is from an interactive voice response (IVR) system; determining whether the IVR system is providing a query that requires a response; and responsive to a first determination that the IVR system requires the response, providing the response. Other embodiments are disclosed.

Secure system and method of detecting and preventing inmate to inmate message relays. A system and method which monitors inmate communications for similar phrases that occur as part of two or more separate inmate messages. These similar phrases may be overlapping in real time as in a conference call or can occur at separate times in separate messages. The communications that appear similar are assigned a score and the score is compared to a threshold. If the score is above a certain threshold, the communication is flagged and remedial actions are taken. If the flagged communication contains illegal matter then the communication can be disconnected or restricted in the future.

Systems and methods are provided to stop both external and internal fraud, ensure correct actions are being followed, and information is available to fraud teams for investigation. The system includes components that can address: 1) behavioral analytics (ANI reputation, IVR behavior, account activity)—this gives a risk assessment event before a call gets to an agent; 2) fraud detection—the ability to identify, in real time, if a caller is part of a fraudster cohort' and alert the agent and escalate to the fraud team; 3) identity authentication—the ability to identify through natural language if the caller is who they say they are; and 4) two factor authentication—the ability to send a text message to the caller and automatically process the response and create a case in the event of suspected fraud.

Aspects of the subject disclosure may include, for example, identifying a first user associated with a first mobile device, and determining a first user type associated with the first user. Further embodiments can include identifying a first identity associated with the first user based on the first user type and identifying a second identity associated with the first user based on the first user type. Additional embodiments can include providing first alternate content to the first mobile device to mask the first identity and providing second alternate content to the first mobile device associated with the second identity. Other embodiments are disclosed.

Real time audio stream validation is provided. An audio stream of a voice communication corresponding to a call is segmented into a plurality of blocks in response to receiving the audio stream from a user. The plurality of blocks is modified to generate a first modified audio stream corresponding to the call that includes hashed values of the plurality of blocks. The first modified audio stream along with the hashed values of the plurality of blocks is sent via a network.