BACKGROUND OF THE INVENTION Fraud costs the telecommunications industry billions of dollars per year. There are many techniques used to perpetrate fraud. The fraud can be as simple as using a stolen credit card to charge a long distance call, or it can involve sophisticated looping techniques, such as repeatedly calling a private PBX system, finding the correct sequence to access an outside line (by trial and error or other hacking techniques) and then placing a costly long distance call through the PBX system. The telecommunications industry is involved in an intensive and ongoing effort to identify different types of fraud and then to develop and implement ways of preventing such fraud.

Fraud is more costly to certain telecommunications companies than others. For example, where a fraudulent call is directed at a company that owns the underlying telecommunications infrastructure, the cost of the call is less than the cost to an independent company that incurs access charges to the owner (s) of the infrastructure supporting the call, even if the call is fraudulent. In either case, however, the cost to the industry is significant.

Particular methods of fraud control and systems for implementing them are known in the industry Fraud control may be divided conceptually into identifying a call that is likely to be fraudulent and responding after a call is identified as likely to be fraudulent.

Methods of identifying calls that are likely to be fraudulent vary from the simple to the sophisticated and are generally directed at a particular type of fraudulent activity. For example, a call is likely to be fraudulent if it is made using a calling card that has been reported stolen by the owner. A more sophisticated method and system of identifying fraudulent calls is described in U. S. Patent No. 5,768, 354, entitled"Fraud Evaluation And Reporting System and Method Thereof', which is owned by the assignee of the present invention. Fraudulent activity is identified in the'354 patent by monitoring a billing detail record created for each call. In the simple case, where the company's database shows that the billing number being used for a call has been reported lost, stolen, etc. , the billing detail record includes a header designating it is a "Dad billing number", the call is immediately identified fraudulent and an alert is generated in the system.

The'354 patent is directed at calls that require"special sewice", that is, which are placed through an operator or an automatic operation support system. Such calls generally require the caller to manually supply the billing number, such as by pressing numbers on a payphone, swiping the magnetic strip on a card or speaking with an operator. It may also require the caller to identify the category of billing product (such as credit card, calling card, pre-paid phone card) for the billing number. The category of the billing product may alternatively be identified by the system by matching all or part of the billing number with billing numbers (or ranges of billing numbers) stored in an identification database, where the stored billing numbers are correlated with the category of billing product. The identification database may also correlate a billing number with the particular type of billing product for the category. For example, where the category of the billing number is identified as a credit card, the identification database may use the billing number to further identify the type of credit card, such as Visa, Master Card, American Express, etc.

The'354 patent also identifies fraudulent activity by monitoring use of a billing number over time. For example, where the number of domestic calls placed within a certain amount of time using the same billing number exceeds a threshold, an alert is generated. International calls are similarly handled, however, the threshold may be adjusted so that fewer calls within the time period generate an alert. In addition, the threshold may be further adjusted for calls to countries where a high percentage of fraudulent calls are directed. The thresholds may also be varied by the billing product. For example, fraudulent activity may be determined to be more likely to occur on a calling card than on a third party call ; consequently, the threshold may be set lower for calling card products.

Once a call initiates an alert that the call might be fraudulent, additional activity may be taken to further examine whether the billing number is being used fraudulently, or steps may be taken to prevent further calls using the billing number. In the'354 patent, after an alarm is generated, data for prior calls charged to the billing number are sent to a fraud analyst, who analyzes that data and may determine whether or not to deactivate the card. If the decision is to deactivate the card, the'354 patent describes the analyst as setting a fraud flag. Setting of the fraud flag causes subsequent calls using this billing number to be intercepted or blocked.

There are different methods and systems for blocking or intercepting a call that is made using a flagged billing number. In a simple case where the billing product is issued by the telecommunications company (such as a calling card), the billing number can be removed from the account database of the company. When the call is placed, the system tries to verify the billing number, does not find it, and does not authorize the call. Removing a billing number from a billing number database can be a slow process, however, since it is typically processed in batches. Thus, a significant amount of time may elapse between the detected fraudulent activity and when the number is taken down. This allows fraudulent activity to persist for that billing number during that time. In addition, such a system does not work where the call is placed using a billing number that is not in the company's own system, such as a credit card.

For certain billing products, a faster method and system for blocking or intercepting a call made on a flagged billing number utilizes a billed number screening database. A billed number screening database is known for calling cards and credit card billing products. When it is determined that a calling card is being used to place fraudulent calls, a data file is created in the billed number screening database that is retrievable using the card number, thus flagging the card. Before connecting a special services call that is placed using a calling card or a credit card (either through an operator or an automatic response unit), the operator or automatic response unit checks to see if the billing number is flagged in the billed number screening database. If it has, then the call is intercepted or blocked. If not, the call is allowed to proceed.

Creation of a file (flag) for a calling card in the billed number screening database once fraudulent activity has been detected can be done within a few minutes after fraud is detected, and is immediately accessible by operators and the automatic response unit. Thus, the billed number screening database reduces the amount of time from when the fraud is detected to when the calling card is blocked or intercepted.

A difficulty arose in the prior art with storing (thus flagging) billing numbers for different categories of billing products, such as calling cards and credit cards, in the same billed number screening database. Flagged billing numbers for the various billing products were all stored together indiscriminately in the database. Thus, when the billed number screening database was checked for a call placed using a calling card or a credit card, the algorithm had to sort through a relatively large number of billing numbers to determine whether the caller's billing number was flagged in the database. This was a relatively slow and inefficient process. It also prevented expansion of the billed number screening database to include additional categories and types of billing products.

Another billing product that may be used to place special services calls is the pre-paid phone card. Pre-paid calling cards are similar to debit accounts where money is deposited in an account and calls are charged against the account number. A pre-paid calling card may be stolen and used for fraudulent calling activity. In general, the level of fraudulent activity is limited to the amount remaining in the card's account. However, in many instances, the pre-paid calling card account is linked to a customer's credit card, so that it is replenished upon the request of the user. Under these circumstances, it is possible for a criminal who has the pre-paid calling card to have the card replenished. Alternatively, such a pre-paid calling, card account can be replenished with a stolen credit card.

Pre-paid calling cards received a separate, but related type of fraud treatment in the past.

Calls placed using pre-paid calling cards were monitored for fraud and an alert was generated if fraudulent activity was detected. For example, the method described in the'354 patent was one known way of detecting fraudulent use of pre-paid phone cards. Once fraud was detected on the pre-paid phone card, an account database was accessed to determine if a credit card was linked to the account to replenish the phone card. If so, it was entered in a separate screening database for pre-paid phone cards. When a user called the account services branch of the telecommunications company to have a pre-paid calling card replenished with a credit card, the account representative would check the pre-paid phone card screening database and, if the credit card number was found in the pre-paid phone card screening database, the person was not permitted to charge or purchase the phone card.

Use of a separate database to block replenishment by use of a credit card when fraudulent activity is detected on a pre-paid phone card is inefficient. In addition, if a stolen credit card unrelated to the pre-paid phone card account is used to replenish (or create) the pre-paid phone card, it will not get blocked by the pre-paid phone card screening database. Notably, this would occur where fraudulent'calling activity had previously been detected on the credit card itself and the credit card had been flagged in the billed number screening database discussed above. (As noted, the billed number screening database was checked before connecting a special service call placed using a credit card or a calling card. It was not checked by the account services branch when a pre-paid phone card was being replenished. ) This, of course, allowed fraudulent replenishment of the pre-paid calling card which could have been blocked using internal resources. Finally, a credit card that was blocked in the pre-paid phone card screening database would not be blocked in the billed number screening database and could be used to place special services calls, even though fraudulent activity had been detected on a related pre-paid phone card.

SUMMARY OF THE INVENTION Use of separate screening databases for different billing products makes blocking or intercepting fraudulent use of billing numbers unnecessarily complex, time consuming and expensive. It also allows fraudulent use of a billing product for certain telecommunication services where that billing product is blocked in a screening database that is not invoked for those services. And, of course, not providing a method and system for blocking or intercepting fraudulent calls made using certain billing products (such as calls placed using credit cards directly) allows such calls to proceed with their attendant losses.

It is an objective of the invention to provide a method and system for blocking or intercepting fraudulent use of billing numbers, regardless of the billing product. It is an objective to provide a method and system that is comprehensive and includes all billing products, thus allowing fast and inexpensive blocking and intercepting of fraudulent use. It is also an objective of the invention to provide a comprehensive database that is generally accessed by systems or personnel in the telecommunications company that process a billing number of a billing product.

It is also an objective to organize the data in the screening database to minimize the time to check a billing number for a billing product.

In accordance with these objectives, the present invention includes a database having input that receives billing numbers that generate a fraud alert. The database is configured to store billing numbers of a multiplicity of categories of billing products. Storage of billing numbers in the database is organized by at least one indicia of the billing product for the billing number.

Thus, the database may be organized by category of billing products, such as calling cards, credit cards and pre-paid phone cards. In addition (or alternatively), the database may be organized by type of billing product.

The database interfaces and receives billing numbers as input from a computer that generates fraud alerts. The computer may have software that analyzes the billing number record of at least one prior charge to a billing number and generates a fraud alert for the billing number when a pre-defined condition is met.

The database is accessed by at least one system for checking whether a billing number tendered to or invoked via the system is in the database. The system may be an automatic response unit, a manual telephone operator console, a system that replenishes pre-paid calling cards, and/or a system that creates a new account. The service is denied if the billing number is found in the database.

BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a block diagram of a telephone system that includes an intelligent services network (ISN) ; Fig. I a is a block diagram of an alternative telephone system that includes an ISN; Fig. 2 is a block diagram of a first preferred embodiment of the present invention as supported by the infrastructure of an ISN; and Fig. 3 is a block diagram of a second preferred embodiment of the present invention as supported by the infrastructure of an ISN.

DETAILED DESCRIPTION Referring to Fig. 1, a representation of an underlying telephone system is shown which provides the context for the present invention. A call from an originating telephone 10 (also referred to as an originating automatic number indicator or originating ANI) is connected to an ISN 40 through a first competitive local exchange carrier 20 (CLEC) and a first bridge switch (B/S) 30. After processing, the ISN 40 routes the call to terminating telephone 70 (also referred to as an terminating automatic number indicator or terminating ANI) via a second B/S 50 and a second CLEC 60.

Depending on where the call originates and terminates, additional or alternative infrastructure may support the connection between the originating AM and the ISN and/or between the terminating ANI and the ISN. For example, as shown in Fig. 1 a, if the call is made to a terminating ANI 70a in a foreign country, the call is routed from the ISN 40a to the terminating ANI 70a through B/S 50a, international gateway switching 60a and the local switching infrastructure 65a of the foreign country. The foreign country infrastructure 65a can be comprised of a number of regional and local carriers.

The supporting, connections for a call that is placed using the ISN platform are billed to a company that owns and/or operates the ISN (referred to as the"telecornmunications company").

Thus, referring back to Fig. 1, the connection charges of CLEC 20, B/S 30, B/S 50 and CLEC 60 are the responsibility of the telecommunications company. Similarly,, the telecommunications company is responsible for the connection charges shown in Fig. 1 a, including the international gateway connection 60a and the connections 65a made in the foreign country by foreign carriers.

The telecommunications company, of course, passes these costs along to its customer, typically the caller at the originating AM For example, where the caller uses a calling card at an originating ANI that is a pay phone, the call is billed to the card account number by the telecommunications company.

However, if the call has been placed fraudulently, the telecommunications company still must pay the supporting connection charges for the call, but cannot bill a customer for the call. This is the principle cost of fraud to the telecommunications company: having to pay connection charges to other companies that support the fraudulent call. While there is also a loss to the telecommunications company for use of the ISN, the cost of internal use is small in comparison with telecommunications company's responsibility for third party connection charges.

Fig. 2 represents a preferred embodiment of a system 100 of the present invention. The system shown in Fig. 2 is part of a larger ISN platform, such as the ISN platforms represented in Figs. 1 and la. The system 100 is comprised of a local area network (LAN) 110 that interfaces with a fraud control center 120 and three sub-platforms 130a, 130b, 130c. The three sub- platforms 130a-c each have component systems that support the present invention which are substantially equivalent, and each sub-platform 130a-c provides access to the ISN platform, including processing and switching of calls.

Thus, sub-platform 130a includes an automatic response unit (ARU) 132a, a manual telecommunications operator console (MTOC) 134a and a BNS server 136a (described in more detail below) that interface via an ethernet rail 138a. Second and third sub-platforms 13Ob, 13Oc have analogous components designated with the same numbers having"b"and"c"suffixes, respectively. A special service call is received by the ISN via one of the ARUs or one of the NITOCs. Thus, for example, the call shown in Fig. 1 may be connected from the B/S 30 to the ISN 40 via one of the ARUs 132a-c or MTOCs 134a-c shown in Fig. 2. As previously noted, calls that require special services generally require the caller to manually supply a portable billing number (such as a credit card, calling card, pre-paid phone card, supplying a home phone number for a third party call, etc. ), such as by pressing numbers on a payphone, swiping the magnetic strip on a card or speaking with an operator. Special services of an ISN are typically accessed by a toll free or special access number, such as MCI Worldcomm's (800) 888-8000 access number.

Each sub-platform shown in Fig. 2 may, for example, focus on serving different geographic regions, different categories of calls, etc. Alternatively, they may be used to provide redundancy, in the event one sub-platform fails or requires maintenance. Alternatively, one or more of the sub-platforms may remain dormant until caller demand for the other active sub- platform (s) requires extra capacity.

Fraud control center 120 generates alerts and flags for all billing numbers suspected of being used to make fraudulent calls using the Sin's special services. Thus, call data received through the ARUs 132a-c or the MTOCs 134a-c is sent via the LAN 110 to fraud control center 120. Fraud control center 120 has processors and software that monitors the billing numbers used to place calls over time. Fraud control center 120 also includes analysis software that generates alerts of possible fraud based on the calling patterns, originating ANIs, terminating ANIs, etc. for calls placed on a billing number- Importantly, the fraud control center 120 receives and analyzes billing numbers for substantially all billing products that may, be used to place special services calls. Common billing products that may be used to place special service calls through an ISN include calling cards, pre-paid phone cards and credit cards. Thus, the billing numbers that the fraud control center may analyze include calling card numbers for a multiplicity of calling card products, pre- paid phone card numbers for a multiplicity of pre-paid phone products, and a number of types of credit cards.

When possible fraud is detected for a billing number, the software at the fraud control center 120 generates an alert. The data may be sent to a fraud analyst, who, after analyzing the data and/or communicating with the caller, may determine that the billing number is being used fraudulently and set a fraud flag in the system. Alternatively, the software may set a fraud flag without any further inquiry. The alerts and flags for the billing numbers may be generated, for example, by creating billing detail records and using the method and system described in the'354 patent.

As shown in Fig. 2, fraud control center 120 interfaces with a master billed number screening (BNS) database 122. All billing numbers that receive fraud flags are entered in the BNS database 122. Each billing number entered in the BNS database 122 is referenced by the category of billing product, such as credit cards and calling cards (as previously noted, the category of the billing product is normally identified by the caller when placing the special service call). The billing number is also further referenced in the database by the particular type of billing product for the category. For example, where the category of the billing product for a billing number is a credit card, the type may be Master Card, American Express, Visa, etc.

Where the category of the billing product for a billing number is MCI calling cards, for example, the type may be MCI Card, Telecom USA Card, PSCC Card, VNET Vision, etc.

For example, fraud is detected on calls being made with a Visa credit card number 0123- 0123-0123-0] 23. The Visa credit card is the billing product and the account number 0123-0ì 93- 0123-0123 is the billing number. Category"03"is selected to reference credit cards in the BNS database 122 and type"02"is selected to reference Visa cards. Thus, the billing number 0123- 0123-0123-0123 is stored by a controller or processor in the area of the BNS database 122 database referenced by category 03, type 02. As described further below, such subdividing the billing numbers stored in the BNS database 122 according to category and type provides faster and more reliable look-up of blocked billing numbers.

Billing numbers for pre-paid phone cards that generate fraud flags are not directly entered into the BNS database 122. The outstanding balance on a phone card is finite and is pre-paid to the ISN company. Thus, there is greater benefit to blocking use of a credit card to re-charge the phone card. Accordingly, for pre-paid phone cards that generate a fraud flag, the fraud control center 120 looks up the pre-paid phone card account in a general billing number (account) database to determine whether a credit card is used to charge the phone card. If so, the credit card number is entered in the BNS database 122, likewise referenced by the category number for credit cards and the type number for the particular card, as described above.

The BNS database 122 thus contains billing numbers that are flagged for fraud, stored according to category and type of billing product. (The entry of a billing number in the BNS database 122 may itself be considered"flagging"the billing number. ) Once it is determined that a billing number is being used fraudulently, the entry of the billing number in the BNS database 122 may be executed in real time: If software in the fraud control center 120 directly determines that the card is being used fraudulently, the computer electronically transmits the billing number, category and type for storage in the BNS database 122. If a fraud analyst makes the final determination, then the software allows the fraud analyst to view the billing number data on a display screen, and provides the operator with a key, icon or equivalent to electronically transmit the billing number, category and type for storage in the BNS database 122. Thus the BNS database 122 is continuously updated with fraudulent billing numbers as soon as they are identified.

The BNS database 122 is used as the principle database for blocking or intercepting fraudulently placed calls. Referring again to Fig. 2, newly identified fraudulent billing numbers that are stored in master BNS database 122 (referenced by category and type) are also sent to BNS servers 136a-c for the first, second and third sub-platforms over the LAN 110. BNS servers 136a-c also store the billing numbers by category and type. Thus BNS servers 136a-c duplicate the data found in the BNS database 122. Similar to BNS database 122, the BNS servers 136a-c are updated with billing numbers identified as being used fraudulently within minutes of their identification. Because the BNS servers 136a-c are updated over the LAN 110, there may be a slight time delay between when the BNS database 122 is updated with billing numbers that are newly identified as being used fraudulently and when the BNS servers 136a-c are updated with those numbers. Also, the system software may send newly identified numbers to the BNS servers 136a-c in batches after a short period of time, in order to simplify management by the LAN. However, like the BNS database 122, the BNS servers 136a-c are effectively updated immediately after the fraud is detected.

A call that is placed using the special services of the ISN may be connected through CLEC 20 and B/S 30 shown in Fig. 1. It may be received at the ISN via an ARU or an MTOC.

The ARU and MTOC are generally computer based systems. For example, a call placed using a particular billing number may be received and processed by ARU 132a of the first sub-platform 130a shown in Fig. 2. Before the call is connected, ARU 132a accesses BNS server 136a via the ethemet rail 138a to determine if a fraud flag exists for the billing number. The billing number is looked up according to category and type of billing product in the database of the BNS server 132a. Because billing numbers are stored in the BNS server 132a by category and type of billing product (like the BNS database 122 and the other BNS servers 132b-c), the look-up is quicker since it is not compared with billing numbers for other products. If the billing number is found in the BNS server database for the category and type of billing product, then a message is sent to the ARU 132a to block the call or to have an operator intercept the call and make further inquiry.

If not, the call is connected. The billing numbers for all special service calls received by the ISN via one of the ARUs 132a-c or one of the MTOC's 134a-c are checked against the billing numbers for the category and type in the respective BNS server 136a-c.

In the example described above'of fraud detected on calls being made with Visa credit card number 0123-0123-0123-0123, the credit card is flagged for fraud in the BNS database 122 by storing billing number 0123-0123-0123-0123 in category 03, type 02 of the BNS database 12 ?. As also noted above, this billing number is rapidly distributed to the BNS servers 136a-c, where it is also stored according to category and type. If ARU 132a (for example) receives a call placed using Visa credit card number 0123-0123-0123-0123 after it has been flagged in the BNS database 122 and BNS servers 138a-c, then the check of BNS server 136a for Visa credit card (i. e., category 03, type 02) having billing number 0123-0123-0123-0123 will reveal it has been flagged and the call is either blocked or otherwise intercepted by the ARU 132a.

As previously noted, the second and third sub-platforms 130b, 130c have analogous components to sub-platform 130a. Thus, second and third sub-platforns 130b, 130c also have an ARU 130b, 130c, MTOC 134b, 134c, BNS server 136b, 136c and interfacing ethernet rail 138b, 138c. These additional sub-platforms can serve different regions, provide extra calling capacity, etc. Thus, a special service call may be received by the ISN via any ARU 132a-c or MTOC 134a-c, and a fraud look-up will take place for the billing number using the BNS server 136a-c for the sub-platform. The call will be blocked or intercepted if a billing number for the category and type of billing product is found in the BNS server 136a-c, or will be connected if it is not.

The BNS database 122 (and the BNS servers 136a-c) is a centralized blocking database for the ISN that is rapidly updated and provides an immediate block of a fraudulently identified billing number. It provides blocking data for all billing numbers, organized by category and type of billing product.

In addition, the BNS database 122 (or the BNS servers 136a-c) is not simply used to block calls, but is used to block other frauds that are perpetrated via the ISN. The BNS database 122 may be consulted by any system in the telecommunications company where a billing product is tendered or invoked. In particular, it may be used by the customer service operations when a person attempts to create or replenish an account using a billing product.

For example, for pre-paid calling cards that generate fraud flags described above, the credit card used to charge the calling card is flagged in the BNS database 122 by billing number, category and type. When distributed to the BNS servers 136a-c as described above, the credit card will be effectively blocked for direct use in placing special service calls. In addition, when a person attempts to charge a pre-paid phone card, the billing number being used to charge the card may also be checked against the BNS database 122. If the billing number is found listed for the category and type of the billing product in the BNS database 12 ?, then the charge is denied.

Similarly, billing numbers that are used to open accounts, such as a pre-paid phone card account or even a wired telephone number, may also be checked against the BNS database before it is opened. If the billing number is found listed for the category and type of the billing product in the BNS database 122, then the account is not opened. Thus, the BNS database can eliminate fraudulent accounts before their inception.

Some or all of the information in the BNS database may also be shared or licensed to third parties, such as the companies issuing the credit cards that have been flagged as fraudulent.

Thus, the BNS database may be used by the ISN to block fraudulent calls and may also be used by credit card companies to block other use of flagged cards.

The preferred embodiment shown in Fig. 2 and described above includes first through third sub-systems 130a-c that each use a separate BNS server 136a-c to determine whether the call should be connected or blocked. As noted, the three sub-systems can provide service to separate geographical regions, provide extra capacity, and/or provide redundancy. However, the present invention may also be supported by other system configurations, such as the more simplified system shown in Fig. 3. The system 100x of Fig. 3 is comprised of an ARU 132x, an MTOC 134x, fraud control center 120x and BNS 122x that interface via ethernet rail 138x.

(BNS 122x is depicted as interfacing with fraud control center 120x because in general the master (and in this case, the only) BNS database 122x will be located in the same physical facility as the fraud control center 120x. However, the ARU 132x and the MTOC 134x may access the BNS database 122x as if it were connected directly to the ethernet rail 138x.) The system of Fig. 3 functions in the same manner as the system of Fig. 2, except that the three sub-systems of Fig. 2 are effectively replaced by one ARU 132x and one MTOC 134x.

The BNS server is eliminated since the ARU 132x and MTOC 134x directly access the BNS database 122x in the fraud control center 122x. Thus, the fraud control center 120x generates alerts for potential fraudulent use of billing numbers and fraud flags for the billing numbers are created in the BNS database 122x, referenced by category and type of billing product. The ARU 132x or the MTOC 134x receive and process special service calls, including checking whether the billing number for the category and type of billing product being used for the call is found in the BNS database 122x. If so, the call is blocked or otherwise intercepted. If not, the call is connected. Other systems in the telecommunications company, such as the system (s) 140x that serve the customer service operations, may also access the BNS database 122x whenever a billing product is tendered or invoked.

While this invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiment, but, on the contrary, it is intended to cover various modifications within the spirit and scope of the appended claims.