According to examples, an apparatus may include a processor and a computer readable medium on which is stored machine readable instructions that may cause the processor to determine a call duration threshold assigned to an entity, in which a phone number may be associated with the entity. The processor may also track durations of one or more calls placed to the phone number, determine whether the tracked durations of the one or more calls placed to the phone number meet or exceed the call duration threshold, and based on a determination that the tracked durations meet or exceed the call duration threshold, throttle placement of an additional call to the phone number.

A system detects abnormalities in a call signal indicative of call fraud. The system includes a first device situated in an originating call network and configured to send call signals to a second device situated in a terminating call network. The first device is coupled to a first registry to which it sends the call data from the sent signals for storage as originating call records. The second device is coupled to a second registry to which it sends the call data from the received signals for storage as terminating call records. The first and second registries exchange verification requests and responses to detect whether discrepancies exist between the stored originating call records in the first registry and stored terminating call records in the second registry. The registries generate alerts based on detected discrepancies, which may be used by the devices to block the call fraud.

A machine and process for accepting customer payments and placing orders for telecommunications services is disclosed. The machine and process include a kiosk operable to accept account set-up information from an individual, accept payment from the individual, collect identifying data from the individual, and communicate with a system to activate a telecommunication account for the individual. The kiosk may be placed wherever quick telecommunication account set-up and payment verification is necessary, for example: a correctional facility or college campus.

Included are an outgoing call detection unit configured to detect an outgoing call from a first communication terminal to a second communication terminal, a connection control unit configured to cause the outgoing call detected by the outgoing call detection unit to arrive at the second communication terminal, a call duration measurement unit configured to measure a time from when a phone call is started, which is a duration of the phone call, between the first communication terminal and the second communication terminal, and a notification unit configured to transmit, when the duration measured by the call duration measurement unit exceeds a predetermined duration before the phone call ends, a predetermined notification to a third communication terminal.

The invention relates to a method (100) of detecting a soliciting telephone number that is being used fraudulently for soliciting calls to target numbers. The method (100) comprises a plurality of iterations of a detection stage (104) comprising the following steps: sending (106) a telephone call to at least one target number; receiving (108) at least one message; detecting (110) at least one soliciting number from said received message; and detecting a new target number in said received message; the method being characterized in that it includes a new iteration of the detection stage (104) using said new target number when said target number is a new number. The invention also provides a system for performing such a method (100).

In one embodiment, this invention analyzes demographic data that is associated with a specific street address when presented as an address change on an existing account or an address included on a new account application when that address is different from the reference address (e.g., a credit bureau type header data). The old or reference address and the new address, the new account application address or fulfillment address demographic attributes are gathered, analyzed, compared for divergence and scaled to reflect the relative fraud risk.

A system and method for fraud detection and management are provided. The system includes a first communication device that receives a phone call from a second communication device, wherein a call flow of the phone call comprises one or more distinct phases. The system also includes a fraud detection and management system (FDMS) platform that determines whether the phone call exceeds a predetermined risk threshold at each distinct phase of the call flow.

A machine and process for managing restrictions of a wireless device associated with an inmate service account. The machine and process include a kiosk operable to exchange data with the wireless device, including limited-use restrictions related to: an inmate associated with the inmate service account, a correctional facility, and/or a parole requirement. The kiosk may also unlock the wireless device when the inmate is released from the correctional facility by removing the limited-use restrictions from the wireless device.

A method of real-time streaming telecommunication event records. The method comprises receiving event records by a collector component executing on a computer system, storing the event records in a messaging queue by the collector component, where the messaging queue is executed on the computer system, retrieving some of the event records from the messaging queue by a producer component executing on the computer system, where each of the retrieved event records are associated with a same on-going telecommunication activity, aggregating the event records associated with the same on-going telecommunication activity by the producer into a bundle, retrieving the bundle by a consumer component executing on the computer system, formatting the bundle by the consumer component into an aggregated data record, analyzing the aggregated data record based on a predefined fraud pattern by the consumer component, and generating a billing record by the consumer component based on the aggregated data record.

Potential click fraud is determined. When a client device activates an Internet advertisement, the location of the client device is determined. Multiple activations of the same advertisement, by the client device, may indicate fraud.