Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
METHOD AND SYSTEM FOR SECURE REDIRECTION OF INCOMING AND OUTGOING MULTIMEDIA SESSIONS OVER A DATA NETWORK
Document Type and Number:
WIPO Patent Application WO/2007/010541
Kind Code:
A2
Abstract:
The present invention presents a method and system for enabling users to communicate over telephony and WWW networks, comprising: (a) one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party, wherein at least the caller is a registered user; (b) a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; and (c) a plurality of users' phones, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and WWW networks. The present invention further relates to methods for: (a) determining a best available communicating route for transferring a call between a caller and a called party over a telephony and WWW networks; (b) providing a secure registration of users over telephony and WWW networks; (c) providing secure authentication of registered users over telephony and WWW networks; (d) sharing communication resources over telephony and WWW networks to provide the best available communication route; (e) providing a SPAM control over telephony and WWW networks; (f) providing a multilingual answering machine service over telephony and WWW networks; and (g) providing a secure eCommerce service over telephony and WWW networks.

Inventors:
NISENBLAT, Pol (39/49 Soroka Moshe Street, Haifa, 34759, IL)
EFRATI, Ofir (Pardess Meshutaf Street, Raanana, 43355, IL)
Application Number:
IL2006/000846
Publication Date:
January 25, 2007
Filing Date:
July 20, 2006
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
BACKVON LTD. (5 Haatzma'ut Street, Raanana, 43461, IL)
NISENBLAT, Pol (39/49 Soroka Moshe Street, Haifa, 34759, IL)
EFRATI, Ofir (Pardess Meshutaf Street, Raanana, 43355, IL)
International Classes:
H04J4/00
Foreign References:
US6282281B1
US6701303B1
Attorney, Agent or Firm:
LUZZATTO, Kfir et al. (P.O. Box 5352, Beer Sheva, 84152, IL)
Download PDF:
Claims:

Claims

1. A system for enabling users to communicate over telephony and WWW networks, comprising: a. one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party, wherein at least the caller is a registered user; b. a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; and c. a plurality of users' phones, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and WWW networks.

2. System according to claim 1, further comprising a plurality of personal computers for communicating over the telephony and/or WWW networks, each connected to its corresponding client node device.

3. System according to claim 1, wherein the WWW network is selected from one or more of the following: a. the Internet; b. a VoIP network; and c. a peer-to-peer network.

4. System according to claim 1, wherein the telephony network is selected from one or more of the following:

a. a PSTN network; and b. a cellular network.

5. System according to claim 1, wherein the client node device is a software device.

6. System according to claim 1, wherein the client node device is a hardware device.

7. System according to claim 5, wherein the client node device is installed within a personal computer or a mobile device.

8. System according to claim 6, wherein the client node device is installed within an ATA box.

9. System according to claim 1, wherein the community server further comprises a proxy server for routing incoming and outgoing calls from one user to another.

10. System according to claim 1, wherein the community server further comprises a VoIP gateway server for communicating with other community servers and for communicating with clients node devices.

11. System according to claim 1, wherein the community server further comprises a registration and authentication server for registering and authenticating each user, and for verifying his identity.

12. System according to claim 1, wherein the community server further comprises an attribution server for instructing client node devices to access their corresponding community servers.

13. System according to claim 1, wherein the community server further comprises a conference server for handling conference calls.

14. System according to claim 1, wherein the community server further comprises a mail server for receiving and storing messages received from the client node devices.

15. System according to claim 1, wherein the community server further comprises a SPAM server for SPAM detection and filtration.

16. System according to claim 1, wherein the community server further comprises an answering machine server for providing an answering machine services.

17. System according to claim 1, wherein the community server further comprises a Web server for providing to each user one or more WEB sites.

18. System according to claim 1, wherein the community server further comprises a calls history server for storing all incoming and outgoing calls.

19. System according to claim 1, wherein the community server further comprises a fax and recording server for recording received voice messages, for receiving fax messages and converting them to email messages to be sent to the called party.

20. System according to claim 1, wherein the community server further comprises a database for storing one or more profiles of client node devices and their corresponding registered users.

21. A method for determining a best available communicating route for transferring a call between a caller and a called party over a telephony and WWW networks, wherein at least the caller is a registered user, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting calls from the caller to the called party; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over said telephony and/or WWW networks; d. calling the called party by sending a predefined sequence using the caller's communication device, said communication device comprising its corresponding client node device or connected to said corresponding client node device; e. receiving said predefined sequence by means of the community server, to which said corresponding client node device is connected; f. if the called party is a registered user, then identifying said user by analyzing his profile stored within his corresponding community server over said WWW network and transferring the call to one or more communication devices of said registered user; and

g. if the called party is an unregistered user, then determining his location, and selecting the best communication route according to a list of communication providers and their tariffs stored within said community server.

22. Method according to claim 21, further comprising providing a predefined sequence as a mail tag.

23. Method according to claim 21, further comprising providing a predefined sequence as a fax.

24. Method according to claim 21, further comprising providing a predefined sequence as a multimedia message.

25. Method according to claim 21, further comprising providing a predefined sequence as a voice message.

26. Method according to claim 21, further comprising providing the communication device from one or more of the following: a. a PSTN phone; b. a cellular phone; c. a personal computer; and d. a PDA.

27. Method according to claim 21, further comprising communicating with the client node device using the communication device by means of WLAN and/or WWAN communication.

28. Method according to claim 21, further comprising determining the best available communication route in terms of call charges.

29. Method according to claim 21, further comprising determining the best available communication route in terms of the quality of service.

30. A method for providing a secure registration of users over telephony and WWW networks, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting users' calls; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; d. establishing a secure connection with the corresponding community server by means of an unregistered client node device; e. retrieving the identification data of said unregistered client node device by means of said community server; f. building within said community server a profile(s) of one or more users connected to said unregistered client node device; g. selecting one or more registered client node devices to receive a call from said client node device for determining its phone number; h. issuing a secure certificate for said unregistered client node device based on the determined phone number by means of

said community server using a secure key generated by said community server; and i. transferring said secure certificate to said unregistered client node device that becomes registered upon receiving said key.

31. A method for providing a secure authentication of registered users over telephony and WWW networks, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting users' calls; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; d. establishing a secure connection with the corresponding community server by means of the registered client node device; e. retrieving the identification data of said registered client node device along with its secure certificate by means of said community server; f. verifying said secure certificate by comparing it to the same stored within a profile of said client node device, said profile stored within said community server; and

g. if said certificates are identical, then authorizing said client node device to receive calls over telephony and/or WWW networks.

32. A method for sharing communication resources over telephony and WWW networks to provide the best available communication route, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting users' calls; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; and d. sharing communication resources of the client node devices of registered users for transferring calls thought said client node devices over said telephony and/or WWW networks to achieve the best available communication route.

33. Method according to claim 32, further comprising achieving the best available communication route in terms of call charges.

34. Method according to claim 32, further comprising achieving the best available communication route in terms of the quality of service.

35. A method for providing a SPAM control over telephony and WWW networks, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; d. receiving a call from said caller by means of the called party communication device; and e. inserting the caller's identification data into a black or white list before accepting the call, during the call or after terminating the call by pressing one or more predefined buttons on said called party communication device and reporting to the corresponding community server accordingly.

36. A method for providing a multilingual answering machine service over telephony and WWW networks, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with

other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing for each registered user a list of preferred languages, said list stored in a profile of said each registered user within user's corresponding community server; and d. activating answering machine service when said called party is unavailable and introducing to said caller a recorded voice message in the language that is preferred by said caller and said called party according to their lists of preferred languages.

37. A method for providing a secure eCommerce service over telephony and WWW networks, comprising: a. providing one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party; b. providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; c. providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; d. connecting to a seller Web site and selecting one or more products to be purchased;

e. requesting a transaction authorization code from the buyer's community server by means of the buyer's communication device for processing the payment; f. receiving said transaction authorization code by means of said buyer's communication device and inserting it in a corresponding text field within seller's Web site; and g. authorizing the product(s) purchase and, optionally, sending said one or more products to buyer's address indicated within his profile stored in said buyer's community server.

38. System according to claim 1, wherein the communication between each client node device and each community server is secure.

39. Method according to claim 35, further comprising blocking the caller by one or more community servers according to the reports received from the client node devices.

Description:

METHOD AND SYSTEM FOR SECURE REDIRECTION OF INCOMING AND OUTGOING MULTIMEDIA SESSIONS OVER A

DATA NETWORK

Field of the Invention

The present invention relates to voice and video communication over a data network, such as the Internet. More particularly, the invention relates to a method and system for providing secure redirection of incoming and outgoing multimedia sessions (calls) over the wired, wireless and WWW (World Wide Web) networks.

Background of the Invention

Throughout this specification, the following definitions are employed:

Peer-To-Peer Network (or P2P); is a computer network in which each workstation has equivalent capabilities and responsibilities. This differs from client-server conventional networks, in which some computers are dedicated to serving the others. P2P computer network relies on the computational power and bandwidth of the participants in the network rather than on a relatively low number of servers, as conventional networks do.

Session: is either a lasting connection using the session layer of a network protocol or a lasting connection between a user (or a user agent) and a peer, typically a server, usually involving the exchange of many packets between the user's computer and the server.

Session Initiation Protocol (SIP): is a protocol for initiating, modifying, and terminating an interactive user session that involves multimedia elements such as video, voice, instant messaging, online games, virtual

reality, etc. It is one of the signaling protocols for the VoIP (Voice over IP (Internet Protocol)).

SIP Phone: is a VoIP telephone based on the SIP protocol.

Virtual Private Network (VPN): A virtual private network is a private communications network usually used within a company, or by several different companies or organizations to communicate over a public network. VPN message traffic is carried on public networking infrastructure (e.g. the Internet) by using standard (often insecure) protocols, or over a service provider's network providing VPN service guarded by well-defined Service Level Agreement (SLA) between the VPN customer and the VPN service provider.

Broadband internet connection has become a leading factor of the communication revolution widely evolved within the last decade. Millions of householders and most of all small to large-scale businesses are subscribed to always-on broadband internet connection services, such as those based on DSL (Digital Subscriber Line), cable, fiber, wireless or PLC (Power Line Communication) communication. Although, being connected by broadband service means to be able to maintain significantly high speed data communication with any other network participant anywhere on the globe, most of the voice communication sessions are still initiated using PSTN (Public Switched Telephone Network) or cellular (such as the GSM (Global System for Mobile Communications)) services.

In the last years, the VoIP service has become an attractive alternative to the conventional PSTN service due to its flat rates (no per minutes charges) and almost unlimited list of possible add-on features like video and voice conversations, voice mail, multi-channel conversations, etc. The conventional VoIP service, which has been available for already more than a

decade, can be denoted as a "software VoIP service". The most popular software VoIP services are "SKYPE ® ", "MSN ® Messenger", "ICQ ® ", while there are plenty of others less familiar. However, they are all suffering from the same drawbacks:

• The free conversation requires additional information about the user, such as user's nickname, a network type, etc.

• Some of the services involve exposure of IP address to the rest of the network, which puts user's personal computer under potential threats and privacy intrusion.

• The service involves personal computer presence; the computer must be switched on during the conversation.

• The service requires some minimal computer skills.

• The free conversation can be made only between two service members who are logged in and online.

• These services are grasped by the users themselves as a nonprofessional service due to the facts that availability of called party (even if being a user of the same service) is relatively low and emergency calls are not supported (i.e. in the United States "911" services).

In addition, the emerging market of the "software VoIP service" is gradually making a shift toward P2P (Peer-to-Peer) VoIP, an architecture which makes use of the client's personal computer as a resource for the whole network, and therefore impairs the privacy and user's security of the personal computer of the users.

A more controlled and secured conventional method for conducting VoIP conversation is the hardware VoIP solution service, which is also widely available today. The service is similar to the regular PSTN phone service: a unique number is assigned as an identifier to each user, and also each user is provided with a special VoIP phone device or VoIP adapter. The

conversations inside the same network (the same vendors of VoIP devices) are usually free, since it requires using IP network only such as the Internet. If a VoIP user placing a call to the non-member phone number, the connection is performed using the IP network up to the closest to end point area, and then the rest of the connection is done by placing a call using PSTN network at the short distance rate. This technique of a partial VoIP call is called a "call completion" or "call out". The hardware VoIP service has valuable advantages over PSTN solution especially for middle to large businesses and incorporate communication schemes. Long distance communication rates are most likely cheaper compared to regular phone rates, so the service can be attractive to householders as well. However, the conventional hardware VoIP solutions still have some significant drawbacks:

• Users need to pay a basic flat rate monthly fee for the service usually covering limited areas/countries. For international calls, an extra fee is required (per minute rate, similarly to the PSTN).

• The connection point is virtual or "location free". Any time the user makes a call, he dials a full phone number including the country and area code, since the service server does not know where the user is located. The same reason prohibits usage of location-dependent emergency services like "911" and some toll free numbers.

In addition, in a typical hardware VoIP solution, most of the telephony services are integrated as part of the local phone/equipment, making it relatively expensive.

Technically, the user who is connected to conventional PSTN network, cellular network and the Internet can select three different options for making an outgoing voice call:

(i) to make a call over the PSTN line;

(ii) to make a call over using cellular line;

(iii) to have a voice conversation by using VoIP dedicated software (installed on a personal computer) and/or additional hardware connected to said personal computer, such as a USB (Universal Serial Bus) VoIP phone; and

(iv) to have a voice conversation by using a conventional hardware VoIP service provided by a VoIP vendor, such as the Vonage™ company located in United Sates.

Even if using the PSTN service only, it can be relatively complicated. Typically, the user can choose different carriers by dialing some prefix before the destination phone number, or even using a calling card, which requires dialing a different number first for getting an access to the desired destination. Although, the cost of conversation can significantly vary between the above options (points i, ii and iii), the decision of which connection to use can be difficult for the user. In practice, most of the small to large businesses worldwide are employing both PSTN and broadband internet connections, and almost all of the voice communication to the business and between the businesses are performed with an intensive usage of expensive PSTN.

Further, according to the prior art, a user selects a desired carrier/vendor for each communication session to be established. The user's decision can be based on selection of the cheapest vendor or on the vendor providing the best voice quality. In addition, the user can decide to select a vendor according to specific services provided by said vendor. When such user establishes a session, the user selects the appropriate vendor from a list of those vendors with whom he has a communication agreement and according to his decision at the time of the session establishment. For example, a user may own one or more calling cards, where the use of each one of these cards is optimized for different purposes based on: the time of each communication

session, the calling party location, the called party location, a communicating device type (e.g. a cellular phone, wireless PDA (Personal Digital Assistant), a PSTN phone), etc. The following example lists alternatives that a user needs to deal with when trying to establish a phone call based on the minimal cost:

• Select a service provider among several providers;

• Select a fee plan among several fee plans where each plan uses different fee criteria (e.g. the time of each phone call, call destination, etc.).

• Select the best communication device for establishing cheapest phone calls (e.g. a cellular phone, wireless PDA (Personal Digital Assistant), PSTN phone, PC (Personal Computer)).

• Use a preset calling card dealing number.

• Use a selected prefix code for communicating through a preferred vendor.

• Dial an access code number in order to reach the selected service provider.

Thus, the prior art fails to teach providing a system that enables users automatically establish optimized communication sessions without the need to manually select desired parameters.

In addition, user's identification and secure authentication is one of the most important tasks of any service provider. It becomes critical for services that have per-usage charge, such as telephony, cable television and variety of other services offered over data networks, such as the Internet. The prior art fails to prevent identity thefts and malicious frauds that are the most dangerous "enemies" of any service provider.

Further, the VoIP communication raises significant privacy and security issues, involving a possible risk of undesirable incoming communication

calls (SPAM), computer intrusions and attacks that may cause damage, identity thefts and various privacy violations. The prior art VoIP communication, including SIP and P2P networks, cannot provide valuable protection to their users from SPAM and possible network attacks. In most cases, users' IP addresses are exposed during each communication session that can originate from an untrusted source. The conventional SPAM prevention systems are implemented as smart logic devices placed at the input of the user system for blocking undesirable messages/VoIP calls. The SPAM prevention system detects annoying sources, for example, by analyzing the content of the message or by identifying a "black" list source (prohibited source), etc. The conventional SPAM prevention systems block SPAM messages/VoIP calls at the destination rather than at the source. Thus, an email/VoIP call can be faked at the source by changing the ID (Identification) number/IP address of said source and thus bypassing the "black" lists. Therefore, there is a need to provide a system that blocks SPAM messages /VoIP calls at the source.

In prior art conventional communication systems, the voice messages such as welcome messages, auto -answering machine messages, voice operated services, etc. are usually stored and presented to the caller in the most common language according to the called party settings. For example, the Spanish American who speaks English and Spanish would setup his answering machine to play an English welcome message, since English is the most common language in United States. Thus, it can confuse his Mexican friend, calling from Mexico, -who does not speak English. A further example, if a person who speaks English calls his friend in Japan, then listening to a message in Japanese can confuse him. The prior art systems rather consider the called party preferences than the caller preferences and are fully based on the called party settings. However, as said, it is confusing and often does not answers the caller needs. Thus, there is a need to provide

a method and system that enables the caller to set a preferred language for introducing to him stored voice messages.

Further, one of the main problems in eCommerce is securing private information during online purchases. Usually a user who wishes to make an online purchase needs to provide some private information, such as to enter his personal details and credit card number, which sometimes allows the sellers to trace said user's details or in more extreme cases allows to fake sellers' sites and malicious use of user's private information. On the other hand, the seller needs to obtain information about the user, so he can be sure that the user's credit card is valid. The prior art conventional eCommerce systems have failed to provide sufficient solutions that ensure users' privacy.

Therefore, there is a continuous need to overcome the above prior art drawbacks.

It is an object of the present invention to provide a method and system for enabling secure communication of users over a data network, such as the Internet, PSTN, cellular network, etc.

It is another object of the present invention to provide a method and system for providing smart redirection of incoming and outgoing multimedia sessions over the wired, wireless and WWW networks (such as the Internet).

It is still another object of the present invention to provide a method and system for providing smart redirection of multimedia sessions by determining the most cost effective network or by determining the optimal voice quality route.

It is still another object of the present invention to provide a method and system for enabling centralized, automatic and secure telephony and internet resource sharing.

It is still another object of the present invention to provide a method and system for communicating over a data network, wherein users are always connected to said network, thus enabling keeping a real-time track of each user connection status and location.

It a further object of the present invention to provide a method and system for enabling secure authentication and registration of users and enabling secure multimedia data transmission over a data network for preventing connection of fraud users.

It is still a further object of the present invention to provide a method and system for controlling incoming or outgoing calls, such as SPAM calls, blocking outgoing calls to certain destinations, blocking calls over specific networks, etc.

It is still a further object of the present invention to provide a method and system for blocking SPAM messages/VoIP calls at a source rather than at a destination.

It is still a further object of the present invention to provide a method and system for multilingual voice messaging according to the calling party preferences.

It is still a further object of the present invention to provide a method and system for enabling users to make secure eCommerce/eTrading.

It is still a further object of the present invention, to provide a method and system in which the seller can publish his merchandise on his personal Web site without the need to use central ecommerce publishing Web sites (such as eBay®) and without the need to verify buyer's personal information (such as his name, billing address, credit card number).

It is still a further object of the present invention, to provide a method and system in which the buyer does not need to provide his personal information (such as his name, billing address, credit card number) to make the online purchase.

It is still a further object of the present invention to provide a method and system, which is relatively inexpensive.

It is still a further object of the present invention to provide a method and system, which is user friendly.

Other objects and advantages of the invention will become apparent as the description proceeds.

Summary of the Invention

The present invention relates to a method and system for providing secure redirection of incoming and outgoing multimedia sessions (calls) over the wired, wireless and WWW networks (such as the Internet).

A system for enabling users to communicate over telephony and WWW networks comprises: (a) one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party, wherein at least the caller is a registered user; (b) a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one

or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; and (c) a plurality of users' phones, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and WWW networks.

Preferably, the system further comprises a plurality of personal computers for communicating over the telephony and/or WWW networks, each connected to its corresponding client node device.

Preferably, the WWW network is selected from one or more of the following: (a) the Internet; (b) a VoIP network; and (c) a peer-to-peer network.

Preferably, the telephony network is selected from one or more of the following: (a) a PSTN network; and (b) a cellular network.

Preferably, the client node device is a software device.

Preferably, the client node device is a hardware device.

Preferably, the client node device is installed within a personal computer or a mobile device.

Preferably, the client node device is installed within an ATA box.

Preferably, the community server further comprises a proxy server for routing incoming and outgoing calls from one user to another.

Preferably, the community server further comprises a VoIP gateway server for communicating with other community servers and for communicating with clients node devices.

Preferably, the community server further comprises a registration and authentication server for registering and authenticating each user, and for verifying his identity.

Preferably, the community server further comprises an attribution server for instructing client node devices to access their corresponding community servers.

Preferably, the community server further comprises a conference server for handling conference calls.

Preferably, the community server further comprises a mail server for receiving and storing messages received from the client node devices.

Preferably, the community server further comprises a SPAM server for SPAM detection and filtration.

Preferably, the community server further comprises an answering machine server for providing an answering machine services.

Preferably, the community server further comprises a Web server for providing to each user one or more WEB sites.

Preferably, the community server further comprises a calls history server for storing all incoming and outgoing calls.

Preferably, the community server further comprises a fax and recording server for recording received voice messages, for receiving fax messages and converting them to email messages to be sent to the called party.

Preferably, the community server further comprises a database for storing one or more profiles of client node devices and their corresponding registered users.

A method for determining a best available communicating route for transferring a call between a caller and a called party over a telephony and WWW networks, wherein at least the caller is a registered user comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting calls from the caller to the called party; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over said telephony and/or WWW networks; (d) calling the called party by sending a predefined sequence using the caller's communication device, said communication device comprising its corresponding client node device or connected to said corresponding client node device; (e) receiving said predefined sequence by means of the community server, to which said corresponding client node device is connected; (f) if the called party is a registered user, then identifying said user by analyzing his profile stored within his corresponding community server over said WWW network and transferring the call to one or more communication devices of said registered user; and (g) if the called party is an unregistered user, then determining

his location, and selecting the best communication route according to a list of communication providers and their tariffs stored within said community server.

Preferably, the method further comprises providing a predefined sequence as a mail tag.

Preferably, the method further comprises providing a predefined sequence as a fax.

Preferably, the method further comprises providing a predefined sequence as a multimedia message.

Preferably, the method further comprises providing a predefined sequence as a voice message.

Preferably, the method further comprises providing the communication device from one or more of the following: (a) a PSTN phone; (b) a cellular phone; (c) a personal computer; and (d) a PDA.

Preferably, the method further comprises communicating with the client node device using the communication device by means of WLAN and/or WWAN communication.

Preferably, the method further comprises determining the best available communication route in terms of call charges.

Preferably, the method further comprises determining the best available communication route in terms of the quality of service.

A method for providing a secure registration of users over telephony and WWW networks comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting users' calls; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; (d) establishing a secure connection with the corresponding community server by means of an unregistered client node device; (e) retrieving the identification data of said unregistered client node device by means of said community server; (f) building within said community server a profile(s) of one or more users connected to said unregistered client node device; (g) selecting one or more registered client node devices to receive a call from said client node device for determining its phone number; (h) issuing a secure certificate for said unregistered client node device based on the determined phone number by means of said community server using a secure key generated by said community server; and (i) transferring said secure certificate to said unregistered client node device that becomes registered upon receiving said key.

A method for providing a secure authentication of registered users over telephony and WWW networks comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting users' calls; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community

servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; (d) establishing a secure connection with the corresponding community server by means of the registered client node device; (e) retrieving the identification data of said registered client node device along with its secure certificate by means of said community server; (f) verifying said secure certificate by comparing it to the same stored within a profile of said client node device, said profile stored within said community server; and (i) if said certificates are identical, then authorizing said client node device to receive calls over telephony and/or WWW networks.

A method for sharing communication resources over telephony and WWW networks to provide the best available communication route comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting users' calls; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; and (d) sharing communication resources of the client node devices of registered users for transferring calls thought said client node devices over said telephony and/or WWW networks to achieve the best available communication route.

Preferably, the method further comprises achieving the best available communication route in terms of call charges.

Preferably, the method further comprises achieving the best available communication route in terms of the quality of service.

A method for providing a SPAM control over telephony and WWW networks comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; (d) receiving a call from said caller by means of the called party communication device; and (e) inserting the caller's identification data into a black or white list before accepting the call, during the call or after terminating the call by pressing one or more predefined buttons on said called party communication device and reporting to the corresponding community server accordingly.

A method for providing a multilingual answering machine service over telephony and WWW networks comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through

said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing for each registered user a list of preferred languages, said list stored in a profile of said each registered user within user's corresponding community server; and (d) activating answering machine service when said called party is unavailable and introducing to said caller a recorded voice message in the language that is preferred by said caller and said called party according to their lists of preferred languages.

A method for providing a secure eCommerce service over telephony and WWW networks comprises: (a) providing one or more community servers connected to the WWW network for receiving and redirecting calls from a caller to a called party; (b) providing a plurality of client node devices, each provided to one or more users for enabling said users to communicate with other registered or unregistered users through said one or more community servers, each client node device connected to its corresponding community server over said WWW network, wherein at least a portion of said client node devices are also connected to said telephony network; (c) providing a plurality of users' communication devices, each comprising a corresponding client node device or connected to said corresponding client node device for communicating over the telephony and/or WWW networks; (d) connecting to a seller Web site and selecting one or more products to be purchased; (e) requesting a transaction authorization code from the buyer's community server by means of the buyer's communication device for processing the payment; (f) receiving said transaction authorization code by means of said buyer's communication device and inserting it in a corresponding text field within seller's Web site; and (g) authorizing the product(s) purchase and, optionally, sending said one or more products to buyer's address indicated within his profile stored in said buyer's community server.

Preferably, the communication between each client node device and each community server is secure.

Preferably, the method further comprises blocking the caller by one or more community servers according to the reports received from the client node devices.

Brief Description of the Drawings

In the drawings:

Fig. IA is a schematic illustration of a system for providing smart redirection of incoming and outgoing multimedia sessions (calls) over wired, cellular and WWW networks, according to an embodiment of the present invention;

Fig. IB is another schematic illustration of a system for providing smart redirection of incoming and outgoing multimedia sessions over wired, cellular and Internet networks, according to an embodiment of the present invention;

Fig. 2 is a schematic block diagram of a Community Server architecture, according to an embodiment of the present invention;

Fig. 3A is a schematic illustration of a sample process for establishing a telephone call, according to an embodiment of the present invention;

Fig. 3B is a flow chart for determining the best route (the most appropriate network, called party device type within his all available communication devices, etc.) for communicating between the calling and called parties, according to an embodiment of the present invention;

Fig. 4 is a flow chart for conducting a call, initiated over a PSTN line, according to an embodiment of the present invention;

FIG 5 is a flow chart of an attribution process, according to an embodiment of the present invention;

Fig. 6A is a schematic illustration of a system for secure registration, authentication and continuous verification of user identity based on a secure data channel, according to an embodiment of the present invention;

Fig. 6B is a flow chart of connecting and authenticating an unregistered Client Node device to a Community Server, according to an embodiment of the present invention;

Fig. 6C is a flow chart of connecting and authenticating a registered Client Node device to a Home Server, according to an embodiment of the present invention;

Fig. 7 is a schematic illustration of utilizing resources of registered users for a per-usage fee by establishing an automatic VoIP communication, according to an embodiment of the present invention;

Fig. 8 is a schematic illustration of a SPAM control system, according to an embodiment of the present invention;

Fig. 9 is a schematic illustration of a multilingual messaging service, according to an embodiment of the present invention;

Fig. 10 is another schematic illustration of a system that enables its registered user to purchase services offered by other registered users of said system 10, according to an embodiment of the present invention; and

Fig. 11 is a schematic illustration of a secure eCommerce/eTrading system, according to an embodiment of the present invention.

Detailed Description of the Preferred Embodiments

The description below mainly relates to voice communication sessions. However, it should be noted that according to an embodiment of the present invention any type of session, such as a multimedia session can be established. Such sessions can be used for transferring multimedia data (video clips, movies, pictures, images, data files, etc.) over any data network(s), such as the Internet, PSTN network, cellular network, VoIP network, peer-to-peer network, etc.

Fig. IA is a schematic illustration of system 10 for providing smart redirection of incoming and outgoing multimedia sessions (calls) over wired, cellular and WWW networks, according to an embodiment of the present invention. System 10 comprises a plurality of Community Servers (CSes), such as CS 100(i), CS lOO ® , CS 100(3) and CS 100(4) spread over a data network, such as Internet 110, and a plurality of users, such as User 1, User 2 and User 3, who are connected to the Internet. In addition, each user can be connected to additional networks, such as PSTN 111 or cellular 112 networks. For example, User 1 is connected to the PSTN network by means of his telephone 121, and User 2 is connected to the cellular network by means of his conventional cell phone 122, which is connected to the Internet through WLAN (Wireless Local Area Network) 113, such as Bluetooth, Wi- Fi (Wireless Fidelity'), etc.

User 1 is connected to the Internet and to the PSTN network by means of Client Node device 101, which is a hardware device, such as a conventional ATA (Analogue Telephone Adapter) box. Client Node device 101 is a VoIP device having a PSTN gateway that allows interconnection between Internet 110, PSTN Network 111 and telephone device 121. Client Node device 101 may also include a broadband internet modem, thus providing a user with Internet broadband modem services within a single device. In addition, Client Node device 101 can comprise a router for routing IP packets and performing NAT (Network Address Translation) for providing additional security and supporting multiple devices connected to said Client Node device 101. The multiple devices can be multiple phones in a house or office. It should be noted, that according to an embodiment of the present invention, no additional hardware needs to be installed within each ATA box. There is a need to install a software component for enabling the user to use system 10.

User 2 is connected to the Internet and to the cellular network by means of Client Node device 102, which is a software logical device. Client Node device 102 is a software application installed within conventional cellular phone 122. Conventional cellular phones, especially 3G (3-rd generation) phones, usually comprise a User Interface for connecting to the Internet by using the WLAN (such as Bluetooth, Wi-Fi, etc.) communication. WLAN terminals are usually installed in public places around the world, such as in airports, train stations, restaurants, etc. allowing users to connect to the Internet from any WLAN-supported equipment.

User 3 is connected to the Internet by means of Client Node device 103, which is a software logical device, running on a laptop or a desktop computer 123. The software is either an application installed on said computer 123 or an add-on component automatically loaded from the Internet during the Web browsing (such as an ActiveX component).

Each Community Server (such as CS 100 (1 ), CS 100(2), CS 100 (3 ) and CS 100(4)), which is typically a single or multiple-computers server, holds users' settings, enables and routes communication sessions between users of system 10 according to the most cost effective network and/or according to the optimal voice quality route.

Fig. IB is another schematic illustration of system 10 for providing smart redirection of incoming and outgoing multimedia sessions over wired, cellular and Internet networks, according to an embodiment of the present invention. The Community Servers, such as CS 100(i), CS 100(2), CS 100(3) and 100(4) are connected among them, interconnecting each Client Node device, such as CN device 101, CN device 102 and CN device 103 one to another. For example, User 1 that is connected to the Internet by means of Client Node device 101, can communicate with User 2 and User 3 connected to the Internet by means of Client Node device 102 and Client Node device 103, respectively.

According to an embodiment of the present invention, the architecture of system 10 is mixed of client-server and peer-to-peer network topologies. Although, Client Node devices connected to the Internet can maintain direct peer-to-peer connections between them, each Client Node device is introduced first to the network by one of the Community Servers available. Further, the available Community Server acts as a gateway for said Client Node device.

Hereinafter, the Community Server that holds user profile related to a specific Client Node device is referred as a Home Server (HS) for that Client Node device. According to an embodiment of the present invention, the community servers are trusted domains with fixed, global IP addresses and are designed to serve a plurality of Client Node devices that are located at

the same geographical area. For example, CS 100(i) is located in Canada, CS 100(2) is located in United States, New-York, CS 100(3) is located in Israel and CS 100(4) is located in United States, Los-Angeles.

It should be noted that system 10 can employ only one Community Server that would serve all users of Client Node devices.

Fig. 2 is a schematic block diagram of Community Server 100(i) architecture, according to an embodiment of the present invention. Community Server 100(i) can be implemented on a single computer or distributed among multiple computers. Community Server 100(i) comprises Proxy Server 330 for routing call invitation messages to the called party phone; VoIP Gateway Server 340 for communicating with other Community Servers and with Clients Nodes; Registration and Authentication Server 350 for registering and authenticating each user of system 10 (Fig. IA), verifying his identification; Attribution Server 360 for instructing Client Node devices how to access their corresponding Home Servers; Conference Server 370 for handling conference calls; Mail Server 373 for receiving and storing messages (such as text, voice and multimedia messages) received from Client Node devices; SPAM Server 374 for SPAM detection and filtration, preventing undesired sessions to arrive to the called party; Answering Machine Server 375 for providing an answering machine service; Web Server 376 for providing personal/family WEB sites to users; Calls History Server 377 for storing all incoming and outgoing calls (that can be used for providing billing or statistical information to the user); Fax and Recording Server 378 for recording received voice messages (voice mail), for receiving fax messages and converting them to email messages to be sent to a designated user, etc.; and database 305 for storing profiles(such as profiles 301, 302 and 303) of Client Node devices connected to the community server, each profile related to one or more users connected to each of said Client Node devices.

As said, Community Server 100(i) is a Home Server for Clients Nodes whose profiles are stored within said Community Server. Each CN device profile holds all connected users-related information along with services provided to the users, such as account data 311, preferences 312, Voice/Video mail box 313, SPAM list and rules 314, call policies 315, Web sites 316, calls history 317 and automatic answering machine 318.

It should be noted that each Client Node device is related to one or more users and each user can have one or more Client Node devices, such as CN devices 101, 102 and 103 (Fig. IA). In addition, each profile (such as Profile 301) is related to one or more users and to one or more Client Node devices. For example, a profile can relate to a Client Node device installed within a house in an ATA (Analog Telephone Adapter) box, in which several users are defined. Each user has different dialing extension, and thus the CN device can be used for each home member (i.e., leaving messages to different family members by using different dialing extensions). In a further example, a profile relates to 2 CN devices of the same user (one installed within his cellular phone and another one in the ATA box connected to the PSTN). Thus, said user gets telephone calls either to his cellular phone or to the PSTN phone. Therefore, the received voice messages are saved within the same profile of said user.

According to an embodiment of the present invention, all Client Node devices connected to the same Community Server use the same country and area codes.

Each Client Node device profile (such as Profile 301) comprises the following users' settings and features:

(i) Each user account data 311, comprising:

• one or more phone numbers assigned to the user; Each phone number contains a country code, area code and a local phone number.

• ID (Identification) data of the Client Node device, such as the Ethernet MAC (Media Access Control) address, a serial number of said Client Node device, identification codes of the Client Node device, such as its manufacture serial number and its CPU (Central Processing Unit) ID number.

• username of the user and his personal information, such as an age, sex, etc.;

• address and contact information of said user; and

• billing information of said user.

(ii) Preferences 312 of each user, comprising:

• security rights of the user defining, for example, whether the user can modify settings of other users within the profile of a corresponding Client Node device, etc.

• privacy and security rules - to determine whether user's IPs are protected and whether sessions initiated by the user are encrypted or secured at a predefined level.

• user's login information (token, security certificates, public or private keys, etc.)

• user's specific preferences (spoken languages, templates); and

• user's address/phone book, favorites, etc.

(iii) Voice /Video mail box 313 for storing any type of multimedia data sent/received by each user, comprising:

• email;

• voice mail;

• video mail;

• fax; and

• instant messaging.

(iv) SPAM list and rules 314 of each user, comprising:

• "black" list of forbidden calling parties;

• "white" list of allowed calling parties;

• rules and conditions of approving/denying calls, such as pressing one or more predefined keys before (or during, or after) accepting the call to block said call and to insert the caller phone number in a "black" list; pressing one or more predefined keys before (or after or during) the call to allow the call and to insert the caller phone number in a "white" list.

(v) Call policies 315 of each user, comprising tables, rules and policies for various telephony services and calls redirection or forwarding, comprising:

• dial-out policy : the user can configure certain rules to limit automatic decisions of Community Servers to select the best available route for transferring the call. For example, the user can instruct the corresponding Community Server to transfer outgoing calls over a PSTN line instead of the Internet if transferring over the Internet costs more than 1 cent per minute. For another example, the user can instruct the corresponding Community Sever to send all incoming calls to user's both cell phone and personal computer (and/or PSTN phone).

• call forwarding or redirection — routine tables, policies and rules for: i. redirecting calls originating from outside system 10 to other destinations inside or outside said system 10. ii. redirecting calls originating from inside system 10 to other destinations inside or outside said system 10.

• call routing policy, such as routing calls through the most optimal path in terms of delay or voice quality.

• other rules and parameters for telephony services, such as: i. a caller ID; ii. call waiting; iii. call return; iv. call hunt, which is a conventional telephony service that "looks for" the user in deferent locations by sending incoming calls to different phone numbers with a predefined delay ; and v. a conference call.

(vi) Web site 316 of each user, allowing user to maintain within system 10:

• a secured personal web site providing an instant access to preferences 312, mail box 313, etc.

• a general-purpose web site (such as a family web site) comprising contact information, photos, etc.

(vii) Call history 317 of each user, comprising:

• a log of all outgoing and incoming calls.

• billing-related data for presenting to the user outgoing (and incoming) calls indicating the communication route, calls duration, calls charges (tariffs), involved call providers (PSTN, cellular providers). The billing-related data can further comprise recommendations showing what could be the calls charges if the communication route was different, etc.

• additional rules and parameters for providing useful information to said each user, such as statistical usage of system 10 by said user, trends, forecasts and recommendations for potential reduction of a telephony bill.

(viii) Answering Machine 318 - an automatic answering machine service for each user connected to Community Server 100(i) by one or more Client Node devices.

Account data 311 comprises one or more phone numbers of at least one user. The phone numbers are usually owned or used by the Client Node device whose settings are stored within Profile 301. Each phone number can be either a telephone number, which is used by user's PSTN line (such as line 123 (Fig. IA)) or a cellular phone number used by user's cellular phone (such as cellular phone 122 (Fig. IA)), or it can be an Internet phone number that is a number which is used by an Internet device or an internet application (such as laptop 123 (Fig. IA)).

It should be noted that each profile, such as Profile 301 can comprise more than one phone number stored within its account data 311 that are related to different Client Node devices and belong or used by the same user or a group of related users. Each phone number is used by the corresponding Community Server to address and forward incoming or outgoing multimedia sessions between other Community Servers and between other Client Node devices. Each Community Server of system 10 stores the same copy of a lookup table 319. Lookup table 319 comprises a plurality of prefix code strings enabling said each Community Server to resolve the location of the user and the IP address of the corresponding Community Server to which said user is currently connected. According to an embodiment of the present invention, each prefix code string comprises a "country + area" code and the IP address of the corresponding Community Server wherein said lookup table 319 is stored. For example, if an entry of the lookup table 319 is "972- 3" and "212.127.234.16", then it relates to the Tel-Aviv area in Israel and to the Community Server having the "212.127.234.16" IP address. According to another embodiment of the present invention, lookup table 319 can be based

on user(s) phone numbers range rather than on the "country + area" code. For example, an entry of said lookup table 319 can be "972-3-5100000 to 972-3-5159999" and "212.127.234.16", indicating users' phone numbers range and the IP address of the corresponding Community Server (to which said user(s) are currently connected), respectively.

According to an embodiment of the present invention, each Community Server is connected to all users located in the same country or city, and it stores all profiles of said users. According to another embodiment of the present invention, more than one Community Servers relate to users located in the same country or city. The reason for this can be a large number of users within the same physical location (counts/city) or usage of phone numbers by users located outside said location. In this case, the search in lookup table 319 returns more than one Community Server and then all Community Servers are queried during the attribution process described on Fig. 5.

Proxy server 330 transfers messages sent from one or more Client Node devices to CS 100(i) by using a conventional communication protocol, such as the extended SIP protocol. Proxy server 331 routes call invitation messages, according to the settings of the calling party (CN device) profile (such as Profile 301), to the called party phone by using lookup table 319. Proxy Server 330 further enables redirecting of incoming and outgoing sessions.

According to an embodiment of the present invention, each Client Node device communicates with other Client Node devices, and «ach Community Server communicates with other Community Servers and with Clients Nodes by means of VoIP Gateway Servers 340 located within each Community Server using any conventional signaling protocol, such as the SIP (Session Initiation Protocol). According to an embodiment of the present invention, for using the SIP, each Client Node device functions as a SIP

agent (relating to the end point of a logical device that allows the user to have communication sessions) and each Community Server functions as a SIP proxy server. According to another embodiment of the present invention, the ISIP communication protocol is used. Proxy Server 331, Registration Server 350 and Attribution Server 360 can use ISIP protocol, which is based on a secure channel (in contradistinction to the SIP protocol), that must have a predefined level of encryption and authentication.

VoIP Gateway Server 340 can also forward calls and process multimedia sessions outside system 10. For example, calls can be forwarded from system 10 to a PSTN or cellular network or to a VoIP network over the Internet by means of a conventional communication protocol, such as the SIP protocol. VoIP Gateway Server 340 decides (based on the data stored within user's profile) how to forward a call outside system 10: VoIP Gateway Server 340 can handle the call either by converting said call to a corresponding format of the desired external system or by forwarding it to a predefined external VoIP Gateway.

Registration and Authentication Server 350 enables registering and authenticating each user of system 10 (Fig. IA), verifying his identification.

Attribution Server 360 enables instructing each Client Node device connected to it how to access its Home Server.

Conference Server 370 enables handling conference calls without the need to install additional hardware units and/or software components on the Client Node devices. Conference Server 370 allows the user to create multiple telephone calls combining them together such that the user can hear and converse with other persons.

SPAM Server 374 performs SPAM detection and filtration, preventing undesired sessions to arrive to the called party. SPAM server 374 can keep

"white" and "black" lists for destinations that are allowed or prohibited, respectively, to initiate incoming communication sessions according to SPAM list and rules settings 314. It should be noted that "white" and "black" lists can be automatically generated and regularly updated by said SPAM Server 374.

Mail Server 373 enables receiving and storing messages (such as text, voice and multimedia messages) received from Client Node devices without the need to install and use additional hardware units and/or software components on each Client Node device.

Answering Machine Server 375 checks whether a called party is unavailable or busy and then activates an answering machine service according to user's Answering Machine settings 318. For example, the language of an answering message can be selected automatically according to the language of the calling party or according to the physical location from which the call is initiated.

WEB Server 376 is used to provide for each user a personal WEB site according to his unique identification, such as a phone number. For example, if Community Server 100(i) has a domain name "www.well_known_domain.com" and a user has a phone number "001-123- 123-1234", then user's personal web site can be located at "www.well_known_domain.com/001-123-123-1234.htm". The data relating to said user's web site (such as a link to said web site) is provided within Web site settings 316 in Profile 301 stored in Database 305. According to an embodiment of the present invention, WEB Server 376 provides call establishment by means of WEB browsing, further connecting speakerphones/headset to user's PC (Personal Computer). For example, a user surfing to "www.well_knowii_domain.com/001-123-123-1234.htm" will automatically generate a call to the desired destination (to the phone number "001-123-123-1234"). For supporting such automatic call, a

conventional active internet control (ActiveX) can be automatically downloaded (popped up) from WEB Server 376, and then the call is initiated through the user's PC. Similarly, many other features can be added. For example, a user having an email address myemail@somesite.com that defined in the profile (such as Profile 301) of the corresponding Community Server, can be reached by other users when said users surf to the following link: http://www.well_kiiown_domain.com/call_myemail@somesite.com.

According to another embodiment of the present invention, Web site software component 316 can provide local advertisements. Since Web site 316, is part of user(s) profile (such as Profile 301), the corresponding CS (such as CS lOO(i)) knows the physical area of each of its user and therefore can provide to said each user one or more local advertisements. Any user wishing to make an advertisement, for example, of a local coffee store, can add the advertising data into his Web site settings 316. Then, CS 100(i) would provide advertisements to all users physically located close to said user (within close proximity of said user, within the same city or neighborhood).

Calls History Server 377 stores all incoming and outgoing calls that can be used for providing billing or statistical information to the user.

Fax and Recording Server 378 records received voice messages (voice mail), receives fax messages and converts them to email messages to be sent to a designated user, etc.

Fig. 3A is a schematic illustration of a sample process for establishing a telephone call, according to an embodiment of the present invention. CN device 101 is a calling party and CN device 103 as a called party. CS/HS 100(i) is a Community/Home Server of CN device 101 and CS/HS 100(2) is a Community/Home Server of CN device 103. CN device 101 sends INVITE message 410 to CS/HS lOO(i) after the user dials the destination phone

number for making an outgoing phone call. The message comprises the dialed phone number. Then, the CS/HS 100(i) sends WAIT message 411 to said CN device 101. The dialed sequence (phone number) is used to resolve the full identification of the called party using user's address book, dial list or other data stored within his profile, such as Profile 301 (FIG 2). For example, the dialed sequence can be a shortcut of one or more digits (speed dialing) that is associated to an entry within the address book (or dial list), in which the full telephone number is indicated. Further, the best way to communicate with the called party is determined according to said called party profile, as shown on Fig 3B. Upon determining the best communication way, CS/HS 100(i) sends to CN device 101 the DISPLAY message 413. DISPLAY message 413 comprises an identifier (such as the phone number) and name of the called party along with a type of selected session carrier (a network selected for transferring a phone call). With receiving the same, CN device 101 can display to its user a message such as "Calling <name> by the <network>". Such message can be a voice message, such as "Please wait, calling <name> by the <network>". In addition, instead of providing to CN device 101 the called party identifier, the expected cost per minute of the current session can be provided, informing the calling party about further expenses. Depending on the way for communicating with the called party (PSTN, cellular communication, etc.), the further processing of CS/HS 100(i) can significantly vary. For example, if the PSTN communication is selected, CS/HS 100(i) instructs CN device 101 how to complete a call over the PSTN line and provides him a complete sequence of digits to be dialed (provides the full phone number of the called party). If the called party (called device) is a SIP phone, then CS/HS 100(i) operates in a way compatible with the SIP protocol, operating as a SIP proxy server. If the called party is recognized as a user of system 10 (Fig. IA) connected to CN device 103, then CS/HS 100(i) sends INVITE message 415 to CS/HS 100(2). INVITE message 415 contains the calling party data (such as the caller name, phone number, etc.) including caller's language

preferences. Then, CS/HS 100(2) determines by using its SPAM Server 374 (Fig. 2) whether the calling party is allowed to call the called party according to the settings of said called party stored within the corresponding profile of CN device 103 in CS/HS lOOrø and according to the global SPAM lists provided within SPAM Server 374 of said CS/HS 100 ® . If the caller is identified as a potential SPAMMER, then CS/HS 100(2) sends CANCEL message 416a to CS/HS 100(i) along with a cause for terminating the session. Then, CS/HS 100(i) stores the SPAM complain at the profile of the calling party within CS/HS 100(i) and transfers the "cancel" request to CN device 101. If the calling party is not identified as a spammer, then CS/HS 100(2) randomly issues a session key, which is transferred to CN device 103 along with INVITE message 416. The session key is a generated randomly at the server's side for each communication session, each session having a different key for enhancing users' security and protecting the transferred data. If CN device 103 is ready to receive the call, it replies by READY message 417. Then, READY message 417 along with the session key is transferred to CS/HS lOO(i) and in turn to CN device 101, said message comprising the actual IP addresses of CS/HS 100(2) and CN device 103. The IP address of CN device 103 can be hidden and then the communication is handled by using CS/HS 100(2) as a proxy server. The IP address can be hidden for increasing security: in that case all data (signaling signals and voice data) is routed via the server (that functions as a proxy server) in such way that the Client Node device of the caller can not determine the IP address of the Client Node device of the called party, and as a result it can not use it later for fraud or other malicious purposes. Upon receiving READY 417 message, CN device 101 establishes a secure VPN (Virtual Private Network) connection with CS/HS 100(2) and with CN device 103 according to the received IP addresses and received session key. When the connection is established, CN device 103 starts ringing and sends RINGING message 419 to CS/HS 100(2), which is in turn redirected to CN device 101. If the called party picks up the phone within the ringing time defined in his

profile within CS/HS 100(2), then CN device 103 generates OK message 420 and sends it to CS/HS 100(2) to be further transferred to CS/HS 100(i) and then to CN device 101. OK message 420 is used by CS/HS 100(i) and CS/HS 100(2) to identify the actual start of the phone conversation. Upon receiving OK message 420, CN device 101 initiates the actual VoIP conversation by using the KTP (Real-time Transport Protocol) or any other streaming protocol. OK message 420 contains an IP address of the called party that accepted the call. In case the called party picked up the phone, said IP address is of CN device 103. Otherwise, CS/HS 100(2) generates said OK message 420 putting its IP address as the called party IP address. In that case the voice conversation is established between CN device 101 and CS/HS 100(2), and Answering Machine Server 375 (Fig. 2) activates an answering machine according to Answering Machine settings 318 (Fig. 2) of the called party profile stored within said CS/HS 100(2). Then, the calling party is provided with a welcome message in the predefined language. After that, the message for the called party is recorded. The recorded message is stored in Mail Box 313 (Fig. 2) located in the called party profile within CS/HS 100(2). Upon completion of the conversation, BYE message 421 is generated by CN device 101, CN device 103 and/or CS/HS 100 (2) . BYE message 421 is sent to CN device 101, CS/HS 100(i), CS/HS lOOrø and CN device 103 to end the call session. CN device 101 can further establish an additional OK message 422 to be further send to CN device 103.

Fig. 3B is a flow chart for determining the best route (the most appropriate network, called party device type within his all available communication devices, etc.) for communicating between the calling and called parties, according to an embodiment of the present invention. System 10 (Fig. IA) automatically determines the best carrier/vendor according to settings of the calling party (the caller) stored in the profile (such as Profile 301 (Fig. 2)) within user's Community/Home Server (such as CS/HS 100(i) (Fig. 2)) without the need of said user to make a manual selection. System 10 is

constantly updated to have up-to-date carrier/vendor offerings. The user's settings according to which the best available communication route is determined, can be based on the call session charges, the best available QoS (Quality of Service) such as the voice quality, security issues, etc. Further, the user's settings can comprise data regarding user's preferred device for establishing a new session and for accepting a session established by another user. Each Community/Home Server determines the best route for each user without the need of a user to be familiar with current call (session) tariffs, discounts, security alerts, Quality of Service problems, etc.

Each Community/Home Server stores a list of all communication providers (carriers/vendors) and their tariffs per various communication plans based on: time of each call, QoS, payload (flat or based on session duration), etc. It should be noted that for conducting each session (such as a phone call), more than one vendor can be selected, and than during the session the communication is switched from one vendor to another.

Each session can be established by a user of system 10 and by a person who is not a user of said system. If the calling party is a user of system 10, then said system routes the session according to the profile of the calling and/or called party. For example, the possible call routes are:

• If the called party is also a user of system 10, then the session may be established as a VoIP session between the calling and called parties.

• If the called party is not a user of system 10 and the calling party is a user of system 10, then the calling party equipped with, a VoIP device initiates a session that propagate via the Internet through the VoIP Gateway of a specific vendor to the PSTN device of said called party.

• Session routes starts as an Internet route and is routed via another user's endpoint (such as a Client Node device). Then, from said

user's endpoint, the session is routed to the PSTN user. This enables system 10 to utilize resources of the re-routing endpoint for performing the "call completion" to the PSTN user as a VoIP Gateway (free of charge).

• If the called party is not a user of system 10, then the "call completion" may be performed via the network to which the called party is connected, assuming that system 10 has an access to this network. For example, he called party can be a PSTN user, or a Skype® user, etc.

• System 10 may forward the call to the called party through PSTN lines or cellular networks and change the prefix (such as a country code) of the dialed number in order to select the most appropriate vendor for establishing said call. For example, when a PSTN user in Israel dials a phone number in United States starting with the international extension "001", system 10 may find a better PSTN call provider (in terms of call charges and/or QoS (Quality of Service)) and then system 10 automatically changes the dialed number accordingly , for example, to "014".

• If the called party is a PSTN user but not a user of system 10, then system 10 can conduct a free local PSTN call from the calling party, by using a gateway of another user of system 10. This is done by sharing resources (one or more Client Node devices) of said another user and using his PSTN and/or cellular and/or Internet connections as described on Fig. 7 and Fig. 10. This rerouting is performed according to settings stored within calling, and/or called parties profiles (e.g. allow/disallow rerouting, a time widow during a day/month when the rerouting can take place, costs for sharing resources having PSTN and/or cellular and/or Internet connections, etc).

A user of System 10 user may own a PSTN number and to connect via his Client Node device (endpoint Gateway) to the PSTN as well as to the Internet such as User 1 on Fig. IA. Similarly, a user of system 10 user may have a Dual Mode Cell Phone (connected to the cellular and Internet networks) that can be connected to either one or more cellular network or to the Internet. There are a variety of possible route selections between a user of system 10 (a system user) and not a user of said system (a non-system user). For example, a session wherein the calling party is a non-system user, and the called party is a system user, can be routed via the PSTN network to the PSTN number of the called user's endpoint Gateway (Client Node device). If a system user (the called party) has a Dual Mode Cell Phone, his Client Node device is aware of this, and when receiving an incoming call from the PSTN line, it reroutes it via the Internet to said Dual Mode Cell Phone (since communicating over the Internet is free of charge). Thus, the established route is also much cheaper for the called party, since said called party does not have to pay for roaming of this call (the called party would pay for roaming if the cellular communication is used). The Client Node device serves as a conventional Home Location Register (HLR) for the called party, and system 10 uses said Client Node device for routing the call instead of using the Home Location Register of the cellular network, thus decreasing the overall cost for the call.

In Fig. 3B is assumed that the calling party is a user of system 10 (a system user). It is supposed, that each system user is assigned with a PSTN number. Each Home Server has a database for storing users' profiles and services that are available in the geographical area in which said users are located. System 10 (Fig. IA) automatically determines the best carrier/vendor according to settings of the calling party (the caller) stored in the profile (such as Profile 301 (Fig. 2)) within user's Community/Home Server (such as CS/HS 100(i) (Fig. 2)) without the need of said user to make a manual selection.

At step 500, CS/HS lOO(i) 401 receives a dialed sequence from CN device 101 (Fig. 3A). Then, at step 501 CS/HS 100(i) analyzes the dialed sequence (such as a phone number) for determining the called party destination data (such as the country, city, etc.) and other data (such as the called party name). If the called party is a registered user of system 10, then all data is determined from his profile stored in the corresponding Community Server. If the called party is not a registered user of system 10, then system 10 can use external services, such as ENUM (E.164 Number Mapping that is a telephone number mapping service, providing user's name according to his phone number; E.164 is a conventional telephony standard), etc. for determining the above data. The dialed sequence is compared to the speed dialing sequences (very short sequences) stored in the profile of CN device 101 within CS/HS 100(i). Some dialed sequences can be defined by the calling party as mail tags and not as telephone numbers. Thus, when the calling party dials a destination phone number, a voice message is automatically sent to the called party and no phone conversation is established. If the dialed phone number is not defined as a speed-dial number, then the number is a conventional phone number based on the conventional PSTN requirements (according to the E.164 format of telephone numbers) for the geographical location of the calling party. For example, for establishing an international call, the PSTN user dials a phone number with one or more prefixes that are recognized by CS/HS 100(i) located in user's geographical area. By recognizing those prefixes, CS/HS 100(i) converts the dialed sequence to a phone number according to the E.164 format. At step 502, the determined called party data (such as the called party name and destination) is sent to the calling party (to CN device 101), which can be displayed on a calling party phone display or pronounced by voice to let said the calling party to verify the call. If the dialed sequence is a phone number at step 503, the best way to initiate the call would be further determined. The network selection priorities are defined by the

calling party in the profile (such as Profile 301) within CS/HS 100(i). For example, the calling party priorities can be as follows: a) Local calls should be handled over the PSTN line. b) Outside of local area and International calls should be routed according to the following priority list: bl) the same network; b2) a third party network; b3) SIP network; and b4) the cheapest PSTN or cellular carrier (provider) network.

Based on the above priority list, at step 504, if the dialed number is identified by CS/HS 100(i) as a local number (or other special numbers, such as emergency call 911 or 1-800 like free of charge call), the call should be completed over the PSTN line (to achieve the cheapest tariff). The number can be identified as local, if for example the caller calls another person by using his cellular phone and said another person is located in the same geographical location (such as the same city). Thus, at step 513 the sequence to be dialed by the calling party is sent (along with the called party name (if available)) to CN device 101 instructing the Client Node device of the said calling party how to initiate the PSTN conversation: said Client Node device receives a PSTN phone number of the called party to be automatically dialed. If the destination is not recognized as local, then it should be determined whether the called party is a system user or not. For that, CS/HS 100(i) should search for the Home Server of said called party at step 505 by using its lookup table 319 (Fig. 2). If the called party is a system user (its Home Server was identified) the call is completed at step 506 by forwarding it the Home Server of the Called party (such as CS/HS 100(2) (Fig. 3A)) and in turn to the Client Node device (such as CN device 103 (Fig. 3A)) of the called party.

If the called party is not a system user, then at step 507 the called party phone number is examined whether it is served by one or more third party SIP-based VoIP networks. For that, CS/HS 100 ( i) analyses a SIP record of

the dialed phone number. It can be done, for example, by the DNS-like request using the conventional ENUM service or conducting a search within a conventional database of SIP numbers provided over the Internet, for example. If it was determined that the called party is served by one or more SIP-based VoIP networks, then at step 508 the call is conducted as the conventional SIP communication, wherein the Home Server (CS/HS 100(i)) of the calling party operates as a standard SIP proxy server sending an INVITE message to the destination SIP proxy server (such as CS/HS 100(2)).

If the called party phone number is not served by one or more third party SIP-based VoIP networks, it can be still related to other VoIP networks. For example, the called party is the PSTN user, which is also connected to a peer-to-peer VoIP network, such as Skype® or GoogleTalk®. Then, the call can be conducted over such networks, if allowed in calling and/or called party profile.

If the called party phone number is not IP capable (the called party is neither the same network user nor his phone number is served by any VoIP network), then at step 509 CS/HS 100(i) checks for the cheapest PSTN provider (in terms of per minute rate for the called party destination) to make the call. It should be noted that more than one provider can be used. The calling party also can have a calling card with discounted rates for one or more predefined destinations. The call providers and calling card details are stored in the calling party profile within CS/HS 100(i) along with corresponding price lists for different destinations. Thus, the "call completion" option can be considered. For example, the call can be routed from CN device 101 to the VoIP Gateway in the calling party geographical location and then to another VoIP Gateway in the called party geographical location. After that, the call can be completed by a local PSTN call from said VoIP Gateway (in the called party geographical location) to the called party Client Node device (such as CN device 103).

Other third party carriers based on SIP or peer-to-peer networks can offer the same service. Thus at step 510, the per-minute charges of said carriers are compared to the per-minute charge of the cheapest PSTN carrier determined at step 509. If using the determined PSTN carrier is cheaper than using said other carriers based on SIP or peer-to-peer networks, then at step 511 the call is conducted according to the best "call completion" service provider found (in terms of the call charge and/or QoS). Otherwise, at step 512, the dialed sequence is modified to conduct the call by means of one or more of said carriers based on SIP or peer-to-peer networks. Thus, at step 513 the sequence to be dialed by the calling party is sent (along with the called party name (if available)) to CN device 101 instructing said calling party how to initiate the PSTN conversation (the calling party receives a PSTN phone number to be dialed).

It should be noted that according to an embodiment of the present invention, before initiating the completion call at step 511 and before sending a PSTN sequence to the calling party at step 513, CS/HS 100(i) further checks for other available routes through communication resources (Client Node devices having PSTN, cellular and/or Internet connection) of registered users, who agree to share said resources for a predefined fee, as described in Fig. 7 and Fig. 10. If using such resources is cheaper, then the calling party is routed through said users.

If the dialed sequence is not a valid phone number, as determined at step 503 by CS/HS 100 ( i), then at step 514 CS/HS 100 ( i) determines whether it is an email. If it is an email, then at step 515 the dialed sequence is stored within CS/HS 100(i) and after that at step 516 it is sent to the called party email over the Internet. If said dialed sequence is not an email, then at step 517 CS/HS 100(i) determines whether it is a voice message to be sent to the called party, whose phone number is stored in a address book within calling

party profile in said CS/HS 100(i) (the called party is identified at step 501). If said dialed sequence is a voice message, then at step 518 it is stored within CS/HS 100(i) and after that at step 519 it is sent to the called party mailbox within CS/HS 100(2).

It should be noted that each Community Server stores within its database the geographic zone tables containing telephone numbers for each zone and lists of call providers (such as PSTN and cellular providers) along with their call rates, special discounts, communication protocols, etc. for said each zone. In addition, said zone tables contain data related to routing calls to Gateway providers that provide call out service, such as SIP based Gateway providers or others.

According to an embodiment of the present invention, when the called party zone is identified, system 10 (Fig. IA) searches for system users in called party geographical location in whose profiles is indicated that they are wishing to share their resources for free or for a low charge, as described in Fig. 7 and Fig. 10. The shared resources are Client Node devices connected to the PSTN and/or cellular lines, and/or connected to the Internet. Therefore, such users become Gateways for the PSTN, cellular, Internet and other networks.

Fig. 4 is a flow chart for conducting a call, initiated over a PSTN line, according to an embodiment of the present invention. At step 600, a Client Node device (such as CN device 101 (Fig. IA)) at the called party side detects an incoming call over a PSTN line. Then at step 601, the Client Node device checks whether the connection to its Home Server (such as CS/HS 100(2) (Fig. 3A)) is available. If not, the call is processed as a conventional PSTN phone call: the Client Node device sends a ringing signal to the user's telephone at step 612, then the called party answers the phone (off-hook) call and start conversation at step 613. Finally, at step 614, the

calling party terminates the call (on-hook) at the end of the conversation. If the connection to the Home Server is available, the Client Node device sends a message said Home Server, informing it about the call and providing a caller ID (Identification) string. The caller ID string can comprise a caller phone number, caller name, the preferred language for introducing to the calling party a Welcome message or answering machine service, etc.). Then at step 602, said Home Server checks in the called party profile (such as Profile 301 (Fig. 2) whether a previously recorded Welcome message is required. The voice Welcome message introduced to the caller can be, for example, "Hello, you have reached the phone number <number>, please dial 101 to <userl> or 102 to <user2>". After the caller dials one of the above numbers, the number is determined by the caller Client Node device and then sent to the caller Home Server. The dialed sequence is used by said Home Server to determine which communication device (a cellular phone, a PSTN phone or a computer) is going to receive the call. If at step 602 it was determined that the Welcome message is required, the Home Server sends a signal to the Client Node device of the caller instructing it to establish a conventional voice packet exchange channel. By means of that channel, the recorded Welcome message is further sent to the caller by said Home Server to said Client Node device using the RTP (Eeal-time Transport Protocol) or any other conventional protocol. The Welcome message can be introduced to the caller in different languages, either prior recorded by the called party or automatically generated by said Home Server. The language preferences are defined in the caller ID string and/or they are defined in the caller (calling party) profile within its corresponding Home Server. According to an embodiment of the present invention, the preferred one or more languages are defined per called user within the address book in said profile. If the caller does not have language preferences, the language is selected according to the geographical location of the caller at the time of initiating the call. If the called party did not define a Welcome message within his profile, then at step 615 the Client Node device needs to determine the

destination user if more than one user is connected to said Client Node device (otherwise, as said, the caller selects the destination user (called party) by dialing the corresponding number as requested in the welcome message). For that, the destination user is automatically retrieved from the calling/called party address book by finding within said address book the preferred user among all users connected to said Client Node device. At step 604, the Home Server instructs the Client Node device to start ringing at the desired device(s) of the determined called party. If no preferred user was found at step 615, then the Client Node device sends a command to start ringing to at all available phone devices. If the user picks a phone within the time period predefined within the calling/called party profile at step 605, then the called party Client Node device recognizes the user that picked up the phone (off-hook) and sends a signal to the Home Server at step 606 informing said Home Server that the conversation has started. If no signal is received by the Home Server, the answering machine service is activated at step 607 by means of Answering Machine Server 375 (Fig 2) provided within said Home Server. For that, the Home Server sends a signal to the Client Node device instructing it to establish a streaming communication channel for providing said answering machine service. Then, an answering machine message saying that the user cannot answer right now and following by a beep is activated in the language preferred by the caller (as defined in his profile). After that, the caller leaves a message. If the Home Server determines at steps 608 and 609 that the caller sends a fax message, then Fax and Recording Server 378 (Fig. 2) initiates the fax communication and receives the fax at step 611. Then, the received fax is stored in user's mail box as an image (in any conventional image format). If no fax transmission was detected, the left message is stored, at step 610, within the called party mail box in the Home Server of said called party (it is stored in the MP 3, WAV or any other conventional audio format).

According to an embodiment of the present invention, the voice streaming packets of the phone conversation are recorded on the Home Server. The calling/called party can start recording at any time by pressing one or more predefined keys on his communication device after starting a phone conversation at step 606. The recording is performed by means of Fax and Recording Server 378 (Fig. 2). If the Client Node device or Home Server detects that the caller sends a fax message during the conversation, then the conversation is terminated and the called party receives a fax by means of said Fax and Recording Server 378. When the caller or the called party generates an on-hook signal then the call is terminated. The start and end time of the phone call is recorded by the Home Server and stored within the calling and called parties profiles.

According to an embodiment of the present invention, an incoming call from any communication device (such as a cellular phone, PSTN phone, computer, etc.) is forwarded by the Home Server to an alternative destination. For example, it is supposed that a user of system 10 (Fig. IA) has a Client Node device installed within his home and connected to the Internet and to the PSTN line (such as CN device 101 (Fig IA)). The user is traveling abroad with his laptop or cellular phone. The user configures Call policies 315 (Fig. 2) in his profile (such as Profile 301 (Fig. 2)) so that all incoming calls to said Client Node device at his home are forwarded to his laptop over the Internet. Thus, the call cost is dramatically reduced - the user has a local call charge or no charge at all instead of having an international call to his cellular phone. Alternatively, the call can be forwarded form his home to his cellular phone over the most cost efficient route selected by his Home Server (for example, when the cellular phone is connected to the Internet). In addition, while abroad the user can initiate phone calls to his home area from his laptop, calling for example a family member. In this case, the call is received by the Home Server and further transferred to user's Client Node device at his home from which a local

PSTN call is transferred to his family member. In this case, the cost of the call is also dramatically reduced from an international call rate to a local call rate.

According to an embodiment of the present invention, the Client Node device can have one or more functionalities of a Community Server. For example, the Client Node device can download the call forwarding data or routing tables from Account data 311 (Fig. 2) and Call policies 315 (Fig. 2) stored within said Community Server. Then, the Client Node device would act as a proxy server for routing outgoing and incoming calls to other Client Node devices. Thus, the Client Node device would handle outgoing or incoming communication sessions without the need for the Community Server.

FIG 5 is a flow chart of an attribution process, according to an embodiment of the present invention. All Client Node devices can access one or more Community Servers over a data network, such as the Internet by surfing to a corresponding domain (for example, www. well known domain.com). By surfing to such domain, each Client Node device can log in into the system 10 (Fig. IA), to reconnect to system 10 after it is switched on, to register to system 10 and then to initiate the communication for the first time, etc. For each Client Node device is assigned a Community Server, which becomes its Home Server. According to an embodiment of the present invention, there can be a plurality of Community Servers spread over a data network, such as the Internet to cope with a large number of users. The load is split between these servers by means of conventional load balancing techniques. The attribution process is initiated by a Client Node device to locate its Home Server for handling communication for a specific phone number, such as "x-y-z" where x is a country code, y is an area code and z is the local phone number. After each Client Node device is just installed within user's home/office, or when the Client Node device can not establish

communication with its Home Server (for example, when the Home Server is not used any more, and a new Community Server have taken its place and stores its users' profiles; it can happen, for example, when reconstructing system 10 and adding new servers to serve larger number of users), said Client Node device does not know which server over the data network (such as the Internet) is its Home Server, and it needs to find it. Thus at step 700, the Client Node device initiates a "Discover HS" request which comprises a destination full phone number. By issuing said request, the Client Node device asks "Which server is the Home Server for the phone number x-y-z?".

In addition to the phone number, the identification data (such as a serial number) of the destination Client Node device and a corresponding security key are sent to Attribution Server 370 (Fig. 2) of one of Community Servers spread over the data network (which can be accessed by surfing to a corresponding domain (for example, www. well known domain.com)) in order to identify said Client Node device. Said corresponding Community Server searches for the Home Server at step 710 by using lookup table 319 (Fig. 2) stored within said Community Server. In addition, it can query other Community Servers for said Home Server. From said lookup table 319, the Community Server obtains a list of available Home Servers by parsing the country and area codes provided by the Client Node device within the destination phone number. If the search result list is not empty at step 720, and more than one Home Server was found at step 730, then there is a need for an additional query at step 731: the Community Server queries each Home Server within the result list, saying "Do you store a profile for a country (x), area (y) and number (z)?". All Home Servers receiving said query looks inside their databases (such as database 305 (Fig. 2)) for a profile having the requested phone number. The Home Server that finds said number sends a message (replies) to the Community Server, said message comprising its IP address or domain name and informing that it is

the Home Server of the x-y-z phone number. If such reply was received at step 740, then at step 750 the Community Server sends a "Discover Success" message to the corresponding Client Node device along with the IP or domain name of the found Home Server. If such reply was not received at step 740 or the search result list is empty as determined at step 720, then the Community Server decides for the best available Community Server for further secure authentication of the corresponding Client Node device, as is further described in Fig. 6 (the best available Community Server can be selected within the same geographical location as said Client Node device; the selected Community Server also should be the most available in term of processing recourses). Then, a "Discover Fail" message is sent at step 761 to said Client Node device. The "Discover Fail" message comprises a IP/DNS number of the Community Node for performing the secured authentication of said Client Node device, as is further described in Fig. 6.

Fig. 6A is a schematic illustration of a system for secure registration, authentication and continuous verification of user identity based on a secure data channel with system 10 (Fig. IA) , according to an embodiment of the present invention. System 800 bounds between data network 110 (such as the Internet, DSL (Digital Subscriber Line), wireless network — Wi-Fi, WLAN, cable television, IPTV (Internet Protocol Television)) and phone network 802 (such as the PSTN or cellular network), wherein said data network 110 uses said phone network 802 for authenticating data network users. User 1 and User 2 use PSTN and cellular network, respectively. Each user has a Client Node device (such as CN device 101 (Fig. IA) and CN device 102 (Fig. IA), respectively with a dual interface — one for the telephone data network (PSTN or cellular) and another one for another data network 110, such as the Internet. Each secure Community Server within a plurality of Community Servers 804, such as Community Servers 100(i), 100(2), 100(3) and 100(4) (Fig. IA) is connected to data network 110 and stores profiles (such as Profile 301 (Fig. 2)) of all users connected to it.

When User 1 and User 2 are authenticated, they have a secure "hot line" (always-on) connection to their corresponding Home Servers, such as 100(i) and 100(2) (Fig. IA).

Fig. 6B is a flow chart of connecting and authenticating an unregistered Client Node device to a Community Server, according to an embodiment of the present invention. When User 1 connects to data network 110 (Fig. 6A) for the first time by means of his Client Node device (such as CN device 101 (Fig. IA)), said Client Node device automatically initiates a secure connection to the corresponding Community Server at step 610 (the Client Node device has a predefined network address and/or URL of said Community Server). The secure connection is handled over a conventional secure channel, such as the VPN (Virtual Private Network) or SSL (Secure Socket Layer) channel. Then at step 615, the Community Server retrieves from the Client Node device the identification information of said Client Node device, and finds that said Client Node device is a "new subscriber". The Community Server analyses the data network address of the Client Node device to determine its geographical location. If the Client Node device is installed within cellular phone 122 (Fig. IA), the Community Server can retrieve additional information from said Client Node device for identifying the cellular services provider along with the number of said cellular phone. At step 620, the Community Server builds a profile(s) of all users connected to said Client Node device. Then at step 625, one or more already subscribed users, such as User 2 are randomly selected. User 2 can be selected from users located at the same geographical area as User 1, or User 2 can be selected from users connected to the same cellular services provider as User 1 (so that a minimal or zero cost would be involved when conducting a call between User 1 and User 2). After that at step 630, the Client Node device of User 2 (such as CN device 102 (Fig. IA)) is instructed to be ready to receive an identification type incoming call, on which said Client Node

device is instructed not to answer the call (no off-hook) and to keep the call silent (no ringing). Then, the Client Node device of User 1 is instructed to initiate an identification call to User 2 (the phone number of User 2 was previously determined by said Community Server). At step 635, User's 2 Client Node device receives a call, recognizing User's 1 phone number (according to the caller ID (Identification) or according to the conventional ANI (Automatic Number Identification) service, and then reports to the Community Server. According to an embodiment of the present invention, steps 630 and 635 can be repeated with one or more additional corresponding users to insure the high level of confidence in detecting the phone number. Also, one or more of said users can be instructed by the Community Server to call back to the detected phone number, and then the Client Node device of User 1 authenticates the Client Node device of User 2 and reports said phone number to the Community Server. When the authentication is accomplished, the Community Server stores said phone number in User's 1 profile along with other data retrieved at step 615. Then at step 640, the Community Server issues a unique secure certificate (an encrypted digital data record) for the Client Node device of User 1 by using a key known only to said Community Server. It should be noted that the key can be generated by said Community Server. The issued certificate can comprise identification data of said Client Node device, said detected phone number, the issue and expiration dates for performing periodical automatic revoking and renewing. Then, the certificate is transferred to the Client Node device of User 1 over a secure channel (established at step 610) and stored in it's local memory for future use. Finally, User 1 is declared as "subscribed" and is ready to receive services offered by the Community Server.

It should be noted that according to an embodiment of the present invention, at step 630 the Community Server can instruct the Client Node device of User 1 to receive a call from the Client Node device of User 2. The

rest of the above authentication process is changed accordingly. The unique secure certificate is issued only after the authentication is accomplished. This verification assures that User 1 and/or User 2 are actual owners of the detected phone numbers.

According to an embodiment of the present invention, at steps 630 and 635 SMS (Short Message Service) messaging or any other instant messaging service is used for sending instructions to Client Node devices, wherein each message comprises a session unique key to insure additional verification of the sender. Such key can be generated by said Community Server.

According to an embodiment of the present invention, at step 635 the Client Node device of User 2 accepts the call (on-hook) and receives a session unique key from the Client Node device of User 1 (e.g. by means of the DTMF (Dual-Tone Multifrequency) signal) to insure additional verification of User 1.

Fig. 6C is a flow chart of connecting and authenticating a registered Client Node device to a Home Server, according to an embodiment of the present invention. It is supposed that User 1 connected to its Home Server, such as CS 100(i) by means of a Client Node device, such as CN device 101 (Fig. IA) is a registered user. When switching on said Client Node device at step 650, it automatically establishes a secure connection to its Home Server (the Client Node device has a predefined network address and/or URL of said Home Server). The secure connection is handled over a conventional secure channel, such as the VPN (Virtual Private Network) or SSL (Secure Socket Layer) channel. Then at step 655, the Home Server retrieves identification data of said Client Node device and determines that the Client Node device of User 1 is registered. After that at step 660, the Home Server retrieves the certificate data stored within said Client Node device. This certificate data is verified against the similar data stored in User's 1 profile within the

Home Server, at step 665. The certificate expiration date is also verified. In case of an error or mismatch, the Home Server can treat the Client Node device as an unregistered device and perform steps shown on Fig. 633. When all certificate data is verified, the Client Node device of User 1 is declared as authenticated and is ready to receive services offered by the Home Server.

When authenticated User 1 calls another authenticated User 2 over phone network 802 (Fig. 6A), User 2 identifies a phone number of User 1 and reports it to the Home Server. Then, the Home Server verifies User's 1 phone number stored within said Home Server in User's 1 profile against the number received by said User 2. If the phone numbers do not match, the Home Server can revoke the certificate stored within the Client Node device of User 1.

Fig. 7 is a schematic illustration of utilizing resources of registered users for a per-usage fee by establishing an automatic VoIP communication, according to an embodiment of the present invention. The established VoIP communication is transparent to each registered user of system 10 and is gateway free, which means that no external gateway provider is required for transferring the VoIP call to a PSTN line or to a cellular line, since users of Client Node devices function as internal gateways. The utilized resources are registered users' Client Node devices, such as CN device 101 and CN device 102 (Fig. IA) having a dual connection: to a data network, such as the Internet and to PSTN and/or cellular networks.

It is supposed, for example, that User A and User C are registered users of system 10 (Fig. IA). They are authenticated (as described on Figs. 6A to 6C) and have a secure "hot line" (always on) connection to their corresponding Home Servers, such as 100(i) and 100(2) (Fig. IA). Users A and C use their CN device 701(i) and CN device 701(2), respectively, each having a dual connection: one to data network 110, such as the Internet and another one

to telephone network 802, such as a PSTN, cellular, cable or VoIP network (VoIP network enables the user to communicate through a VoIP external provider in addition to conventional phone lines). User B is a conventional PSTN network user, which is not registered to use system 10 and does not have a Client Node device. User B is located within the same geographical location as User C (User B and User C when communicating over the PSTN line pay for a local call only or do not pay at all if said local call is free of charge ).

For simplicity, in Fig. 7 are shown only PSTN devices 121 (such as conventional telephones 121) and Client Node hardware devices CN device 701(i) and CN device 701(2) that are installed within conventional ATA boxes, but it should be noted that system 10 is applicable for any other type of dual mode Client Node device (hardware and/or software device/application) installed, for example, within cellular phone 122 (Fig. IA) or personal computer 123 (Fig. IA).

When User A calls User B, the dialed number is detected by CN device 701(i) and transferred to Home Server 100(i) that stores User's A settings. Then, Home Server 100(i) receives the dialed number and the cheapest communication possible route is being selected by comparing rates of all possible 3-rd parties route providers (vendors) according to User's A calling Preferences 312 stored within Profile 301, considering User's B location and the call time (day, night, noon hours, etc.), as described in Fig. 3B. If a zero (or close to zero) per minute charge (for the call) over the best communication route is determined (as described in Fig. 3B), then the call is processed according to step 510 (Fig. 3B). It should be noted that the communication route can be determined according to User's A settings stored within Profile 301 and can be based on involved charges and/or QoS, such as the voice quality. If the determined best communication route involves per minute change that is greater than zero, then Home Server

100(i) sends a query to Community Server 100(2). The query contains the calling party (User A) and called party (User B) data, such as their phone numbers, locations, etc. informing said Community Server 100(2) that User A wishes to place a call for X cents per minute and asking said Community Server 100(2) if any registered user is interested to share his resources (a Client Node device having a dual connection) for a per-usage fee, for example. Community Server 100(2) checks within its database 305 and picks up an appropriate user, which has agreed to share his resources. Such registered user by agreeing to such service signs an appropriate agreement/statement stored within his profile. The agreement can be related to the specific time of a day or night. After Community Server 100(2) determines such registered user, it sends a message to Home Server 100(i) confirming providing the requested call for X cents per minute. If no such registered user is determined, than Community Server 100(2) sends a corresponding message to said Home Server 100(i) informing it about the inability to provide the call by sharing resources of other registered users. Then, the call is processed according to step 510 as described in Fig. 3B.

Service fees can be negotiated automatically between Home Server 100(i) of User A and Home Servers 100(2) of User C according to preferences of said users stored in their corresponding profiles within said servers. If the cheaper communication route can be obtained, then Home Server 100(i) issues a unique secure key, which is valid for this communication session (for this call) only. The key is transferred to CN device 701(i), to Home Server 100(2) and to CN device 701(2) over a secure communication channel. The, the peer-to-peer communication is established between said CN device 701(i), Home Server 100(2) and CN device 701(2). Alternatively, User A and User B can define in their profiles not to communicate directly with other users, such as User C. This can be done for protecting said Users A and B from exposing their IP addresses to prevent identity frauds or other malicious uses. Thus, Home Servers 100(2) and 100(3) can operate as proxy

servers. Finally, CN device 701(2) allows CN device 701(i) to connect to it over the established secure P2P communication channel (or through said proxy servers). Then, CN device 701(2) establishes a conventional bidirectional audio channel between PSTN phones 121 of User A and User B. After that, User A starts the call with User B. When the call is over, CN device 701(i) and CN device 701(2) can report to Home Servers about session termination and the servers calculate the session duration. It should be noted that Home Servers 100(2) and 100(3) can determine session duration without receiving the report from said Client Node devices. Finally, User's A account is charged for corresponding fees and User's C account is credited accordingly.

Fig. 8 is a schematic illustration of a SPAM control system, according to an embodiment of the present invention. Registered Client Node devices 101 and 103 are securely connected to Home Servers (HSs) 100(i) and 100(3), respectively. To become an active Client Node device, each Client Node device must be first authenticated by its Home Server using the certificate data issued and stored within said Client Node device and within a profile of said Client Node device in its Home Server (within account data 311 (Fig. 2) of said profile). The IP address of each Home Server is static, and an IP address of each Client Node device can be either static or dynamic. The secure connection between each Client Node device and its corresponding Home Server is handled over a conventional secure channel, such as the VPN (Virtual Private Network) or SSL (Secure Socket Layer) channel. Each Client Node device denies all incoming calls until it receives an authorization from its Home Server.

It is supposed that CN device 101 initiates a call to CN device 103 by sending an INVITE message to its Home Server 100(i). Then, Home Server 100(i) establishes a secure connection (a secure session) with Home Server 100(3) of said CN device 103, sending to said Home Server 100(3) an invitation from said CN device 101 and providing full information about the

caller (about CN device 101). Home Server 100(3) determines, by examining the profile of CN device 103 (stored within database 305 (Fig. 2)), whether the caller is allowed to initiate communication with CN device 103. Home Server 100(3) examines the profile of CN device 103 to determine whether the caller is within the "black" list, "white" list and global SPAM lists published across the data network. If the caller's information is not accessible (e.g. the caller prohibits providing his personal information to the called party), then the caller is declared as "unknown" by Home Server 100(3). "Unknown" callers have a limited access to called parties, according to settings of said called parties stored within their corresponding profiles. For example, "unknown" callers can be able to initiate a call within a specific time period during a day or from a specific geographic location only. If the caller is found within the "white" list, then he gets a permission to make a call and a unique session key is assigned to the established session by Home Server 100(3) (the key can be randomly generated by said Home Server 100(3)). The key is valid for this session only and for corresponding IP addresses of parties participating in said session: CN device 101, HS 100(i), 100(3), CN device 103. The key is provided to CN device 103 and HS 100 ( i) over a secure communication channel. If the session requires peer-to-peer communication between CN device 101 and CN device 103 and/or HS 100(3), the HS 100(i) transfers the key also to CN device 101. By means of the session key, CN device 101 and HS 100(i) can securely connect to CN device 103 and HS 100( 2 ) over secure channels 706, 707 and 708.

According to an embodiment of the present invention, the called party during the conversation, before, or after the conversation (after terminating the call), can add the caller to a "black" or "white" list by pressing one or more predefined keys on his phone keypad. For example, when pressing "*b" the user inserts the caller (his phone number and/or IP address and/or other identification data) into the "black" list. For another example, when pressing "*a" the user inserts the caller into the "white" list. If the caller is

blocked, next time lie tries to reach the called party it will fail to do so. If a predefined number of users reports such caller as the spammer, then the caller phone number/IP address is inserted in a global SPAM list that relates to all users of system 10 (Fig. IA). Thus, this caller is automatically blocked when calling to each user of system 10. Further, callers that are not identified by HS 100(3) can be automatically blocked.

According to another embodiment of the present invention, no direct communication to the destination Client Node device, such as CN device 103 is allowed. The IP address of CN device 103 remains hidden. Therefore, all data packets are transferred through its Home Server 100(3) that functions as a proxy server.

Fig. 9 is a schematic illustration of a multilingual messaging service, according to an embodiment of the present invention. Each registered user of system 10 (Fig. IA) is requested to provide a list of spoken languages in a preferred order, such as: 1) English; 2) Spanish; and 3) French. Then, these settings are stored within his profile in his corresponding Home Server. For example, the profile of User 1 comprises English and Spanish spoken (preferred) languages for introducing to him voice messages (English has the higher priority), and the profile of User 3 comprises Japanese, French and English languages in this preferred order. If User 1 calls User 3, then the Home Server of User 1 provides the list of spoken languages (English and Spanish) to the Home Server of User 3. Then, the Home Server of User 3 compare the list of User's 1 preferred languages to the list of User's 3 preferred languages and decides to provide all voice messages in English.

For another example, the profile of User 2 comprises Spanish and Portuguese languages in this preferred order, for introducing to him voice messages. If User 2 calls User 1, then the Home Server of User 2 provides the list of spoken languages (Spanish and Portuguese) to the Home Server

of User 1. Then, the Home Server of User 1 compare the list of User's 2 preferred languages to the list of User's 1 preferred languages and decides to provide all voice messages in English.

Fig. 10 is another schematic illustration of system 10 that enables its registered user to purchase services offered by other registered users of said system 10, according to an embodiment of the present invention. According to an embodiment of the present invention, no identity data (such as a credit card number, a bank account number, etc.) is exposed and exchanged between the calling and called parties. A secure e-commerce process is established over a data network between registered users of system 10 by means of corresponding Community Servers, such as 100(i) and 100(2). User A is registered user of system 10 that is authenticated (as described on Figs. 6A to 6C) and has a "hot line" (always-on) secure data communication channel between its Client Node device 701(i) and Home Server 100(i). User B can have a dual mode cellular phone 122 with WWAN (Wireless Wide Area Network) and/or WLAN communication capabilities (such as Bluetooth, Wi-Fi (Wireless Fidelity'), etc.) and/or personal computer 123 with said WLAN capabilities and/or any other mobile device, such as PDA (Personal digital assistant) having the Client Node hardware/software device installed within it and also having said WLAN capabilities.

User B is also a registered user of system 10 and he wishes to purchase one or more services offered by User A, such as sharing a PSTN line or Internet connection of User A. User B is not connected to data network 110 and therefore he is not authenticated by system 10. Client Node device 701(2) of User's B (installed within User's B personal computer 123 and/or cellular phone 122) establishes non-secure communication with Client Node device 701(i) of User A. In turn, CN device 701(i) establishes an automatic routing service to Home Server 100(i) for each request received from CN device 701(2) (each request from User B (from CN device 701(2)) is routed to Home Server

100(i) over a secure communication channel). User B establishes a secure connection (such as the SSL) with Home Server 100(i) via CN device 701(i) of User A and then the identity of said User B is verified by said Home Server 100(i) using a prior issued secure certificate (as described on Figs. 6A to 6C), which is stored within said Client Node device 701(2) of said User B. When User B is verified, he receives a list of services offered by User A. Then, User B can automatically (according to the settings stored within his profile in his corresponding Home Server, such as Home Server 100(2) (Fig. lA), said Home Server determined by attribution process described in Fig. 5) or manually select one or more services provided by User A. The list of services offered by User A can comprise: (a) eCommerce/eTrading between User A and User B; (b) providing his Internet communication resources (his WWW communication recourses) to User B by means of Client Node device 701(i) connected to the Internet, and/or by means of his personal computer connected to the Internet, and/or by means of his cellular phone with WLAN capabilities to connect to the Internet, etc.; and (c) providing his telephone communication recourses to User B by means of Client Node device 701(i) connected to the PSTN and/or cellular networks. The Home Server of User B, such as Home Server 100(2) negotiates about the fees of one or more services selected by User B with Home Server 100(i) of User A. When negotiating, the settings of User A and User B stored within their corresponding profiles are analyzed. If the service can not be purchased automatically according to said settings, then User B can is requested to confirm the price. Upon finishing the negotiations, Home Servers 100(i) and 100(2) issue unique secure key (only for this session) for providing the selected one or more services, said key transferred to CN device 701(i) and CN device 701(2) over a secure channel. CN device 701(2) of User B uses the key for establishing a new connection with CN device 701(i) of User A. When said connection is verified by CN device 701(i), then the requested one or more services are provided to User B. CN device 701(i) and CN device 701(2) report their communication status and service duration to their Home

Server 100(i) and 100(2). It should be noted that Home Servers 100(i) and 100(2) can determine session duration without receiving the report from said Client Node devices. Then, User's B account is charged and the money is transferred to User's A by Home Servers 100(i) and 100(2).

According to an embodiment of the present invention, users' accounts are managed by Community/Home Servers so that there is no need for bank transfers (and in turn, there is no bank commissions). Each user account can have a prepaid sum of money, which the Home Server charges or credits accordingly.

Fig. 11 is a schematic illustration of secure eCommerce/eTrading system 10, according to an embodiment of the present invention. User 2 has Client Node device 102 and User 3 has Client Node device 103. To each of said Client Node devices can be connected any communication device, such as a PSTN phone 121, cellular phone 122, personal computer 123, PDA, etc. It is supposed that User 2 is already authenticated (as described on Figs. 6A to 6C) and has a secure connection with its Home Server 100(2). User B is also authenticated and has a secure connection with its Home Server 100(3) User B holds an Internet store site that sells products online. User's B online store can be related, for example, to a supermarket online web store or to a software/hardware products store. Profiles of User 2 and User 3 are stored within databases in their corresponding Home Servers. Their profiles contain their credit data indicating positive and negative money balance. User 2 can not access the data stored within profile of User 3, and vice- versa.

User 2 surfs to the online store of User 3 and wishes to buy a product from his Web site. Thus, User 2 selects the product and proceeds to the conventional "Confirm Purchase" page within said Web site. If the purchase requires shipment of the product, then User 2 may need to provide his home

address. Alternatively, User 2 may configure his profile so that the shipping address is provided automatically without the need to enter said address in said Web site and by such way preventing personal data from being exposed to hackers. Then User 2, instead of providing his personal details, such as his credit card number, etc., he should provide a unique authorization code. For that, User 2 request such transaction authorization code from his Home Server 100(2) (the code is valid for this transaction only) User 2 may initiate such request by pressing one or more predefined keys on his phone keypad, or by sending an SMS (Short Message Service) message or email (according to his profile settings). User A can limit the transaction to a predefined sum of money by adding a money limit to the request sent to said Home Server or by pre-configuring his profile to limit a transaction charge. User A can further add an extra security by configuring his profile to request a user name and password prior to sending the authorization code (this may be necessary if, for example, his cell phone connected to Client Node 102 is stolen). In turn, Home Server 100(2) generates a random unique authorization code for said transaction, and sends it to User 2. The code can be valid for a limited period of time (for example, 5 minutes). The code is displayed on a screen of User's 2 cell phone, telephone or personal computer. This code can be a numerical or an alphanumerical code that is complicated to prevent random typing or guessing by other persons.

According to an embodiment of the present invention, the authorization code is stored within a database in Home Server 100(2) (or within a global database of all Community Servers over a data network) and is shared for a limited time period to all Community Servers that check for the currently shared authorization codes. Thus, when the authorization code is inserted in the Web site for purchasing the product, it can be verified by the seller's Home Server.

When User 2 receives the authorization code from his Home Server 100(2), he enters it into the corresponding text field within User's 3 Web site. User's 3 Web site receives this code and communicates with Home Server 100(3) of User 3, transferring this transaction authorization code along with an indication of the sum of money for this purchase.

According to an embodiment of the present invention, Home Server 100(3) searches within a shared database(s) of Community Servers over a data network for the authorization code as provided by User 2. When it is found, Home Server 100(3) communicates with Home Server 100(2) (Home Server 100(2) is determined by Home Server 100(3) by analyzing the authorization code) requesting to accept the required money charge. Home Server 100(2) checks if the charge is within the limits defined by User 2 and then authorizes the transaction. Home Server 100(2) may deny the transaction if the credit in User's 2 account is not smaller than required, or the debit in User's 2 account is too big, or for any other reason.

It should be noted that, since the online purchasing can require inserting buyer's shipping address, User's 2 profile (stored within his Home Server 100(2)) may contain his shipping address data. User 2 can configure his profile to enable Home Server 100(2) automatically provide his shipping address data to Home Server 100(3) and, in turn, to User's 3 online store, when purchasing online. Therefore, according to an embodiment of the present invention, User 3 requests the shipping address data from Home Server 100(3) and Home Server 100(3) obtains this data from Home Server 100(2). User 3 may reject the transaction if he does not receive the shipping address data for any reason, or if he can not physically deliver his product(s) to said address. When User 3 receives User's 2 shipping address data, he authorizes it by sending a confirmation message to Home Server 100(3).

Wlien Home Server 100(3) informs Home Server 100(2) that the transaction is complete, Home Server 100(2) charges User's 2 account for a corresponding sum of money and credits User's 3 account accordingly.

As said, the transaction is made internally within system 10, therefore there is no extra debit, since no credit company, bank or other 3-rd party is involved in the transaction process.

While some embodiments of the invention have been described by way of illustration, it will be apparent that the invention can be put into practice with many modifications, variations and adaptations, and with the use of numerous equivalents or alternative solutions that are within the scope of persons skilled in the art, without departing from the spirit of the invention or exceeding the scope of the claims.