A method for processing messages by a device of a Voice over IP (VoIP) network. The method includes, following receipt of a message initiating a VoIP call coming from a terminal: determining whether the message contains a public telephone identity allocated to a user by the VoIP network; if so, triggering setting-up the VoIP call with a recipient of the message; otherwise: setting up a VoIP channel between the terminal and a voice server hosted by the device; obtaining, by the server via this channel, an authentication code of a user of the terminal; if the authentication code is associated at VoIP network level with a public telephone identity allocated by the network to a user, providing to the terminal the public telephone identity and authentication data associated at VoIP network level with this identity for making VoIP calls and being authenticated to the VoIP network.

A voice over Internet protocol processing method and a related network device are disclosed. The method includes: detecting, by a calling access network element, an off-hook event; encapsulating, by the calling access network element, the off-hook event into first signaling; sending, by the calling access network element, the first signaling to a cloud server; receiving, by the calling access network element, second signaling sent by the cloud server, where the second signaling is used to establish a first transmission path between the calling access network element and the cloud server, and the first transmission path is used to transmit data between the calling access network element and the cloud server; and establishing, by the calling access network element, the first transmission path based on the second signaling. Overall efficiency of the voice over Internet protocol system can be improved, and the construction costs can be lowered.

A system and method are disclosed that leverage multi-factor authentication features of a service provider and intelligent call routing to increase security and efficiency at a customer call center. Pre-authentication of customer support requests reduces the potential for misappropriation of sensitive customer data during call handling. A contactless card uniquely associated with a client may provide a second factor of authentication to reduce the potential for malicious third-party impersonation of the client. Pre-authorized customer support calls are intelligently and efficiently routed in a manner that reduces the opportunity for malicious call interference and information theft.

A system can be operable to receive a call from a communication device and identify whether the call is a spoofed based on, for example, whether a caller party user equipment associated with a caller identification number (caller ID number) is in an “idle” status, whether there are inconsistencies in the geographic location associated with a calling party's network and the geographic location determined to be associated with the caller ID number presented, and whether the phone number presented as the caller ID number is registered with a calling party's network.

Systems and methods for network-controlled scam/robocall handling are described. When an incoming call for a user device is received, a user may elect to add the originating number of the incoming call to a block list or a report list at the network level. Future calls from the originating number, if placed on the block list, are then blocked by the network from being received by the user device. Numbers on the report list may be moved by the user from the report list to the block list, and numbers on the block list may be moved from the block list to the report list. Also, the user may request additional information in order to determine whether to add the originating number to the block list or the report list.

Methods and systems are described for authenticating calls. An example method may comprise receiving a message indicative of a call request. Header data associated with the message may be analyzed to determine an attestation value. A signature may be generated based on the attestation value. A signed message comprising the signature and at least a portion of the message may be sent.

Various embodiments of the invention are detection systems and methods for detecting call provenance based on call audio. An exemplary embodiment of the detection system can comprise a characterization unit, a labeling unit, and an identification unit. The characterization unit can extract various characteristics of networks through which a call traversed, based on call audio. The labeling unit can be trained on prior call data and can identify one or more codecs used to encode the call, based on the call audio. The identification unit can utilize the characteristics of traversed networks and the identified codecs, and based on this information, the identification unit can provide a provenance fingerprint for the call. Based on the call provenance fingerprint, the detection system can identify, verify, or provide forensic information about a call audio source.

There is a growing problem in correctional facility telecommunications systems in which parties on a voice call may connect inmate callers with restricted parties. Prison communication systems monitor calls to prevent such activity, but in Voice over Internet Protocol (VoIP) environments such systems may fail to detect this activity. The present disclosure provides details of a system and method for using SIP messages common in VoIP environments to detect illicit activity initiated by a party on a voice call within a controlled environment. Scenarios are detected in which a called party connects an inmate caller to a restricted party via three-way call conferencing, call forwarding, or other call features. Corrective actions are then taken when such activity is detected, such as call blocking or alerting officials illicit activity is occurring.

Systems and methods for call detail record (CDR) analysis to determine a risk score for a call and identify fraudulent activity and for fraud detection in Interactive Voice Response (IVR) systems. An example method may store information extracted from received calls. Queries of the stored information may be performed to select data using keys, wherein each key relates to one of the received calls, and wherein the queries are parallelized. The selected data may be transformed into feature vectors, wherein each feature vector relates to one of the received calls and includes a velocity feature and at least one of a behavior feature or a reputation feature. A risk score for the call may be generated during the call based on the feature vectors.

Various embodiments of the invention are detection systems and methods for detecting call provenance based on call audio. An exemplary embodiment of the detection system can comprise a characterization unit, a labeling unit, and an identification unit. The characterization unit can extract various characteristics of networks through which a call traversed, based on call audio. The labeling unit can be trained on prior call data and can identify one or more codecs used to encode the call, based on the call audio. The identification unit can utilize the characteristics of traversed networks and the identified codecs, and based on this information, the identification unit can provide a provenance fingerprint for the call. Based on the call provenance fingerprint, the detection system can identify, verify, or provide forensic information about a call audio source.