Disclosed are systems, methods, and non-transitory computer-readable media for verifying an incoming communication. A recipient client device receives an incoming communication including an identifier identifying a second client device as having initiated the incoming communication. A verification service installed on the recipient client device queries a call placement service directory based on the first identifier. The call placement service directory maintains a listing of identifiers for client devices and corresponding communication providers that manage the identifiers. The call placement service directory returns information identifying the communication provider that manages the identifier. In turn, the verification service transmitting a request to the communication provider to confirm whether the second client device initiated the incoming communication. The verification service processes the incoming communication based on the response from the communication provider indicating whether the second client device initiated the incoming communication.

A system for authenticating the calling device used to place a call to an enterprise call center. The system uses a premise component, a cloud-based Call Authentication Service (CAS), and orchestration between these two components. The premise component includes a number of sub-components including servers and probes. The CAS includes a Decision Engine that utilizes a number and variety of authentication plugins. The disclosed system may be used independently or as part of a multi-factor authentication strategy with other techniques such as reduced Knowledge-Based Authentication or voice biometrics.

A method for protecting user data during an audio interaction includes various operations performed by a processing system including at least one processor. In one example, the operations include detecting an audio signal that is part of an interaction between a user and another party, converting the audio signal into a string of text, detecting that the interaction is likely to put sensitive data of the user at risk, based on a comparison of the string of text to a library of interactions that are known to put sensitive data at risk, and sending an alert to notify the user that the interaction is likely to put the sensitive data of the user at risk, wherein the alert is sent to prevent the user from providing the sensitive data to the another party, and wherein the method is performed contemporaneously with an occurrence of the interaction.

Systems and methods for using machine-learning techniques for labeling incoming calls with categories relating to a risk level. A model is generated using call log data. The call log data is augmented using information from additional data sources to generate features for the model. The model may then be used to categorize additional incoming calls. The model may be used in real-time to categorize incoming calls, or categorization results may be stored for a plurality of calling numbers. Various embodiments provide various technical advantages by virtue of how the components of the system are deployed between an endpoint communication device, a telephony provider system, and possibly other systems.

An example method of operation may include one or more of identifying an inbound call intended for a mobile device subscribed to a protected carrier network, determining the inbound call is assigned an origination telephone number that is subscribed to the protected carrier network, determining whether an inbound call origination source location indicates the protected carrier network or an out-of-network carrier network based on one or more call parameters received with the inbound call, and determining whether to transmit an indication to the mobile device that the inbound call has an elevated likelihood of being a scam call based on the inbound call origination source location.

One example method of operation may include determining a call received from a calling party and intended for a subscriber device has an elevated likelihood of being a scam call, determining a percentage of calls over a current period of time being filtered as scam calls by a carrier server, when the percentage of calls being filtered as scam calls during the current period of time is above a call threshold percentage, retrieving call history information associated with a subscriber profile of the subscriber device, identifying one or more call patterns from the call history information of the subscriber profile corresponding to the received call, and determining whether to permit the received call based on the identified one or more call patterns.

A system and method may identify a fraud ring based on call or interaction data by analyzing by a computer processor interaction data including audio recordings to identify clusters of interactions which are suspected of involving fraud each cluster including the same speaker; analyzing by the computer processor the clusters, in combination with metadata associated with the interaction data, to identify fraud rings, each fraud ring describing a plurality of different speakers, each fraud ring defined by a set of speakers and a set of metadata corresponding to interactions including that speaker; and for each fraud ring, creating a relevance value defining the relative relevance of the fraud ring.

A contact center server enables a contact center engagement between a device of a contact center agent and a device of a contact center user. At some point during the contact center engagement, the contact center server restricts access by the device of the contact center agent to media from the device of the contact center user based on a request prompted to the contact center user during the contact center engagement. The contact center server reenables the access based on a verification of information obtained from the device of the contact center user responsive to the request.

Methods and apparatuses for managing spoofed calls to a mobile device are described, in which the mobile device receives a call transmitted over a cellular or mobile network. The call may include a set of information associated with the network, such as a geological location of a device that generated the call, a hardware device identifier corresponding to the device, an internet protocol (IP) address associated with the device, or a combination thereof. The mobile device may determine whether the call is spoofed or genuine based on the set of information. Subsequently, the mobile device may assist a user of the mobile device to manage the call, such as blocking the call from reaching the user, informing the user that the call is spoofed, facilitating the user to report the call as spoofed to an authority and/or a service provider of the network.

Embodiments described herein provide for systems and methods for verifying authentic JIPs associated with ANIs using CLLIs known to be associated with the ANIs, allowing a computer to authenticate calls using the verified JIPs, among various factors. The computer builds a trust model for JIPs by correlating unique CLLIs to JIPs. A malicious actor might spoof numerous ANIs mapped to a single CLLI, but the malicious actor is unlikely to spoof multiple CLLIs due to the complexity of spoofing the volumes of ANIs associated with multiple CLLIs, so the CLLIs can be trusted when determining whether a JIP is authentic. The computer identifies an authentic JIP when the trust model indicates that a number of CLLIs associated with the JIP satisfies one or more thresholds. A machine-learning architecture references the fact that the JIP is authentic as an authentication factor for downstream call authentication functions.