WO2022176074A1 - Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme - Google Patents

Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme Download PDF

Info

Publication number
WO2022176074A1
WO2022176074A1 PCT/JP2021/005978 JP2021005978W WO2022176074A1 WO 2022176074 A1 WO2022176074 A1 WO 2022176074A1 JP 2021005978 W JP2021005978 W JP 2021005978W WO 2022176074 A1 WO2022176074 A1 WO 2022176074A1
Authority
WO
WIPO (PCT)
Prior art keywords
fraud
number information
protected
enum
call
Prior art date
Application number
PCT/JP2021/005978
Other languages
English (en)
Japanese (ja)
Inventor
政憲 秋本
宏 清水
Original Assignee
日本電信電話株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電信電話株式会社 filed Critical 日本電信電話株式会社
Priority to JP2023500193A priority Critical patent/JP7509309B2/ja
Priority to PCT/JP2021/005978 priority patent/WO2022176074A1/fr
Publication of WO2022176074A1 publication Critical patent/WO2022176074A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/42Systems providing special services or facilities to subscribers

Definitions

  • the present invention relates to a fraud damage prevention system, a fraud damage prevention method, an ENUM/DNS server, and a program that prevent fraud damage using telephones.
  • Non-Patent Document 1 In view of the fact that many fraud cases using telephones, such as the "It's me” fraud, have occurred, there is a technique in which the called party issues an announcement to warn against fraud before answering the telephone, or regulates the call (for example, see Non-Patent Document 1).
  • an incoming call rejection list 101 is registered in advance in the incoming call destination device 50 located on the incoming call side. Then, in the destination device 50, the call information (originator number) of the signal received from the call processing server 20a is collated with the call rejection list 101, and the matched call is restricted or the guidance device 30a calls attention. to run.
  • the destination device 50 is, for example, an IP (Internet Protocol) telephone (receiving terminal 5) provided in each home, a PBX (Private Branch eXchange) (not shown), or the like.
  • Non-Patent Document 2 a technology that records the content of calls, transfers the audio file to a special fraud countermeasure server, determines whether or not the call is a special fraud by AI (Artificial Intelligence) analysis, and notifies an alarm to call attention.
  • AI Artificial Intelligence
  • Non-Patent Document 1 when the guidance device is used to call attention, the user of the telephone service having the destination device 50 needs to prepare a special anti-fraud guidance device.
  • the call rejection list 101 can be created by the user or by a service provider and updated. Anti-fraud measures may be less effective.
  • Non-Patent Document 2 it is necessary to record the content of the call once and then analyze it with AI. Therefore, since it is necessary to have a conversation with the malicious person of the special fraud once, it is a burden for the user, and there is a problem in terms of immediacy because it is assumed that the call is completed. Furthermore, there is a possibility that the first call may lead to damage to the user.
  • An object of the present invention is to perform effective fraud damage prevention processing before starting.
  • a fraud damage prevention system includes a call processing server that connects a call originating device and a destination device, and an ENUM/ and a DNS server, wherein when the call processing server receives a connection request from the call originating device, the originating number of the originating device and the destination number of the called device are attached.
  • a security level determination request unit that transmits a security level determination request to the ENUM/DNS server; and a security level determination result regarding the connection request from the ENUM/DNS server, and a predetermined fraud damage according to the security level.
  • a fraud prevention processing unit that executes prevention processing
  • the ENUM/DNS server is a fraud number information registering a fraud number indicating a number subject to fraud countermeasures, and a target to be protected from fraud damage.
  • Number information for updating the fraudulent number information and the protected number information stored in the storage unit by acquiring the protected number information in which the protected number indicating the user's number is registered from the external database at predetermined time intervals.
  • the connection pattern of the connection request is determined by determining whether or not the destination number is registered in the fraudulent number information or the protected number information, and fraud damage occurs according to the determined connection pattern.
  • a caution level determination unit that determines a caution level that evaluates that the fraud damage prevention processing of a higher level is required as the possibility is higher.
  • the network side closer to the originating device (originating terminal) rather than the called party performs effective fraud prevention processing before the call starts. can be executed.
  • FIG. 3 is a diagram showing a data configuration example of protected number information according to the present embodiment
  • FIG. 4 is a diagram showing an example of alert levels associated with connection patterns of callers and callees
  • 3 is a functional block diagram showing a configuration example of a call processing server according to this embodiment
  • FIG. It is a figure explaining the example of the caution level countermeasure information which concerns on this embodiment.
  • FIG. 2 is a hardware configuration diagram showing an example of a computer that implements functions of an ENUM/DNS server and a call processing server according to the present embodiment;
  • FIG. 1 is a diagram for explaining a conventional system for preventing fraud on the receiving side;
  • FIG. 1 is a diagram for explaining a conventional system for preventing fraud on the receiving side;
  • this embodiment a mode for carrying out the present invention (hereinafter referred to as "this embodiment") will be described. First, the outline of the present invention will be explained.
  • the fraud damage prevention system has functions for preventing fraud damage by telephone (such as a function to regulate calls and a function to play guidance using a guidance device). It is characterized in that it is provided on the network side without More specifically, in addition to information on the blacklist that is the target of fraud countermeasures (hereinafter referred to as "fraudulent number information"), information on the user number list that is the target of fraud protection (hereinafter referred to as " Protected Number Information”) is provided by an ENUM (E.164 Number Mapping)/DNS (Domain Name System) server.
  • ENUM E.164 Number Mapping
  • DNS Domain Name System
  • a call processing server and an ENUM/DNS server perform connection destination information resolution processing and perform call connection between a calling terminal and a called terminal, and this ENUM/DNS system is utilized.
  • the ENUM/DNS server that receives an inquiry from the call processing server refers to the fraud number information and the protected number information based on both the caller number and the destination number. to determine the alert level.
  • the call processing server obtains information on the alert level determined by the ENUM/DNS server, and according to the alert level, restricts calls as preset fraud prevention processing (predetermined fraud prevention processing). (call disconnection) and delivery of guidance by the guidance device.
  • the ENUM/DNS server uses the ENUM/DNS protocol from an external database ("number database 700" described later) of an administrative agency or the like that stores the latest fraud number information and protected number information. Obtain and update the fraud number information and the protected number information at intervals (for example, in real time or at regular intervals).
  • the fraud damage prevention system prevents fraud damage more effectively than the conventional technology before the call starts on the network side closer to the originating device (originating terminal) rather than on the receiving side. Processing can be performed.
  • Non-Patent Document 3 (“TTC Standard JJ-90.31 Carrier ENUM Interconnection Common Interface” Version 4.0, August 29, 2018, General Incorporated Association Information and Communication Technology Committee) I'm familiar with A fraud damage prevention system of the present invention using this ENUM/DNS server will be described below.
  • FIG. 1 is a diagram showing the overall configuration of a fraud damage prevention system 1000 according to this embodiment.
  • the ENUM/DNS server 10 has fraud number information 110 and protected number information 120 . Then, using the interface between the ENUM/DNS server 10 already provided in the call processing server 20 as a conventional technique, the call processing server 20 generates the calling number and destination number for the call for which the connection request is received. to the ENUM/DNS server 10.
  • the ENUM/DNS server 10 determines whether the caller number is registered in the fraudulent number information 110 and whether the destination number is registered in the protected number information 120. to decide. In other words, the warning level is determined by judging whether the calling party is the number of the malicious person of the special fraud or the receiving party is the number of the protected party.
  • the ENUM/DNS server 10 determines whether the caller number is registered in the protected number information 120 and whether the destination number is registered in the fraudulent number information 110. determine the level. In other words, the warning level is determined by judging whether the caller is the number of the person to be protected or the caller is the number of the malicious person of the special fraud.
  • the ENUM/DNS server 10 determines the pattern of the combination of the source number and the destination number ("connection pattern" to be described later), and the call from the fraud number to the protected number and calls from protected numbers to fraudulent numbers. Based on this vigilance level, the call processing server 20 executes fraud damage prevention processing (call control (call disconnection) and guidance delivery) before starting a call.
  • fraud damage prevention processing call control (call disconnection) and guidance delivery
  • FIG. 2 is a functional block diagram showing a configuration example of the ENUM/DNS server 10 according to this embodiment.
  • the ENUM/DNS server 10 has a conventional function of returning connection destination information (routing information) of the destination number in response to an inquiry from the call processing server 20 . Furthermore, the ENUM/DNS server 10 acquires information on the originating number and the destination number from the call processing server 20 . Then, the ENUM/DNS server 10 determines whether the caller number is registered in the fraudulent number information 110 or the protected number information 120, and whether the destination number is registered in the fraudulent number information 110 or the protected number information 120. It determines whether or not it is safe, and determines the alert level. The ENUM/DNS server 10 returns information on the determined security level to the call processing server 20 .
  • This ENUM/DNS server 10 comprises an input/output unit 11 , a control unit 12 and a storage unit 13 .
  • the input/output unit 11 inputs and outputs information to and from other devices.
  • the input/output unit 11 transmits and receives information to and from the call processing server 20 and the number database 700 (FIG. 1).
  • the input/output unit 11 includes a communication interface for transmitting and receiving information via a communication line, and an input/output interface for inputting and outputting information between an input device such as a keyboard (not shown) and an output device such as a monitor. Configured.
  • the storage unit 13 is configured by a hard disk, flash memory, RAM (Random Access Memory), or the like.
  • the storage unit 13 stores fraudulent number information 110, protected number information 120, and a connection destination information table 130.
  • the fraud number information 110 is information in which numbers (fraud numbers) targeted for fraud countermeasures are registered as a so-called blacklist.
  • the protected number information 120 is information registered as a number list of users to be protected from fraud damage.
  • the connection destination information table 130 stores connection destination information (routing information) in association with each destination number (telephone number of the destination terminal 5).
  • the storage unit 13 also temporarily stores a program for executing each function unit of the control unit 12 and information necessary for processing of the control unit 12 .
  • the control unit 12 controls the overall processing executed by the ENUM/DNS server 10, and includes a number information update unit 121, an alert level determination unit 122, and a connection destination information search unit 123.
  • Number information update unit 121 acquires fraud number information 110 and protected number information 120 at predetermined time intervals from number database 700 ( FIG. 1 ) provided outside fraud damage prevention system 1000 , and stores storage unit 13 .
  • the number database 700 is assumed to be an external database owned by an organization capable of collecting the latest special fraud damage information nationwide, for example, in an administrative agency (National police Agency, Consumer Affairs Agency, Ministry of Internal Affairs and Communications, etc.).
  • the fraud number information 110 stored in the number database 700 is updated based on the latest special fraud damage.
  • the protected number information 120 is registered by a user who is a victim of special fraud by applying to an administrative agency or the like. By doing so, it is possible to collect information on protected numbers without depending on the service provider company or communication carrier.
  • the protected number information 120 includes user (protected) numbers registered to prevent damage from special fraud, such as "03-5555-5555" and "0422-77-7777". It is registered like "06-6666-6666".
  • the fraud number information 110 may include fraud numbers and fraud types.
  • numbers used for specific special frauds that have actually occurred are registered, so the types of special frauds can also be registered at that time.
  • the fraud type "It's me fraud” is registered in association with the fraud number "03-1111-1111". , a plurality of fraud types may be registered.
  • the protected number information 120 may register the protected number and the type of fraud.
  • the registration of the type of fraud suffered in the past is accepted, and the information is recorded.
  • the fraud type information may be left blank. For example, if the user has not yet been victimized by a special fraud, but has registered to prevent being victimized by a special fraud in the future, the field will be blank.
  • the number information update unit 121 acquires the fraud number information 110 and the protected number information 120 from the number database 700 (Fig. 1) using the ENUM/DNS protocol.
  • the ENUM standard shown in Non-Patent Document 3 has specifications for storing and synchronizing data in real time using a real-time DB.
  • the ENUM/DNS server 10 by adopting an information updating method using the ENUM/DNS protocol, the fraudulent number information 110 and the protected number information 120 can be updated in real time from the number database 700. is the most suitable example.
  • the number information updating unit 121 may acquire the fraudulent number information 110 and the protected number information 120 from the number database 700 at predetermined time intervals such as regular intervals.
  • the alert level determination unit 122 receives from the call processing server 20 an alert level determination request to which the caller number and destination number are attached. Then, caution level determination unit 122 first determines whether or not the caller number is registered in fraud number information 110 or protected number information 120 . The vigilance level determination unit 122 also determines whether or not the destination number is registered in the fraudulent number information 110 or the protected number information 120 .
  • the caution level determination unit 122 determines the caution level as shown in FIG. 5 according to the connection pattern based on the determination result of the caller number and the destination number. It should be noted that here, an example will be described in which there are five alert levels as a whole, and the higher the number, the higher the alert level. This warning level is for evaluating that the higher the possibility of fraud damage, the higher the level of fraud damage prevention processing required.
  • connection pattern ⁇ b> the caller number is not registered in the fraudulent number information 110, and the destination number is registered in the protected number information 120. This is the case of a call to This connection pattern ⁇ b> is assumed to be alert level "2".
  • connection pattern ⁇ c> the caller number is registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120. This is the case of the call of This connection pattern ⁇ c> is assumed to be alert level "3".
  • connection pattern ⁇ d> In the connection pattern ⁇ d>, the caller number is registered in the fraud number information 110, and the destination number is also registered in the protected number information 120. This is the case of "Call”. This connection pattern ⁇ d> is assumed to be alert level "4".
  • connection pattern ⁇ d> the vigilance level determination unit 122
  • detailed caution level determination may be performed as in the following connection patterns ⁇ d-1>, ⁇ d-2>, and ⁇ d-3>.
  • the fraud type of the fraudulent number of the originating terminal and the fraud type of the protected number of the destination terminal are different.
  • ⁇ Connection pattern ⁇ d-1> In the case of "a call from a person with malicious intent who commits fraud to a protected person who is a victim of fictitious billing fraud", the warning level is set to "4-1".
  • ⁇ Connection pattern ⁇ d-2> In the case of "a call from a malicious person who commits fraud to a protected person who is a victim of tax refund fraud", the alert level is set to "4-1”.
  • alert level “4-1” calls made by malicious persons involved in “it's me” fraud
  • alert level “4-2” calls made by malicious persons involved in refund fraud
  • alert levels shall apply to calls originating from a person to be protected.
  • ⁇ Connection pattern ⁇ e> If the caller number is registered in the protected number information 120 and the destination number is not registered in the fraudulent number information 110, that is, in the case of "a call from a protected person to a non-malicious person of special fraud" be. This connection pattern ⁇ e> is assumed to be alert level "1".
  • the alert level is set to "1".
  • the warning level is set to "1”.
  • “Call from malicious party of special fraud to malicious party of other special fraud” can be set arbitrarily, but since the possibility of general users being victimized by special fraud is low, the alert level may be set to "1". .
  • connection pattern ⁇ f> In the connection pattern ⁇ f>, the caller number is registered in the protected number information 120, and the destination number is also registered in the fraud number information 110. This is the case of "Call".
  • This connection pattern ⁇ f> is assumed to be alert level "5". Even if the type of fraud is registered in the fraud number information 110 and the protected number information 120, if the call is from a protected party to a malicious party of a special fraud, the fraud type linked to the fraud number Also, regardless of the type of fraud damage suffered by the person to be protected, the possibility of new damage is high, so the caution level is set to "5".
  • the alert level determination unit 122 thus determines the alert level according to the connection pattern based on the determination result of the caller number and the destination number. Alert level determination unit 122 then returns information on the determined alert level to call processing server 20 .
  • connection destination information search unit 123 receives an inquiry about the connection destination information (routing information) of the called party number (telephone number of the called terminal 5 (FIG. 1)) from the call processing server 20,
  • the information table 130 is referenced to extract connection destination information (routing information) corresponding to the destination number and return it to the call processing server 20 .
  • the ENUM/DNS server 10 acquires the latest fraudulent number information 110 and protected number information 120, and can determine the alert level based on the connection pattern of the calling number and the called number. .
  • FIG. 6 is a functional block diagram showing a configuration example of the call processing server 20 according to this embodiment.
  • the call processing server 20 receives a connection request (call) from each calling device (calling terminal 4) that it accommodates. Then, the call processing server 20 receives the alert level determination result by transmitting to the ENUM/DNS server 10 an alert level determination request to which the caller number and destination number of the caller device are attached.
  • the call processing server 20 controls the call (disconnects the call) and distributes guidance by the guidance device 30 before the call starts as special fraud countermeasures according to the received security level.
  • This call processing server 20 comprises an input/output unit 21 , a control unit 22 and a storage unit 23 .
  • the input/output unit 21 inputs and outputs information to and from other devices.
  • the input/output unit 21 transmits and receives information to and from each terminal (originating device (originating terminal 4), terminating terminal 5, etc.), ENUM/DNS server 10, and the like.
  • the input/output unit 21 includes a communication interface for transmitting and receiving information via a communication line, and an input/output interface for inputting and outputting information between an input device such as a keyboard (not shown) and an output device such as a monitor. Configured.
  • the storage unit 23 is configured by a hard disk, flash memory, RAM, or the like.
  • the storage unit 23 stores caution level countermeasure information 200 (details will be described later) indicating countermeasures against fraud according to each caution level.
  • the storage unit 23 also temporarily stores a program for executing each function of the control unit 22 and information necessary for processing of the control unit 22 .
  • the control unit 22 controls overall processing executed by the call processing server 20, and includes a warning level determination requesting unit 221, a fraud prevention processing unit 222, a connection destination information requesting unit 223, and a call connection processing unit 224. Configured.
  • the alert level determination requesting unit 221 receives a connection request (call) from the calling device (calling terminal 4) that it accommodates. Then, the alert level determination request unit 221 generates an alert level determination request to which the caller number and destination number of the caller device (calling terminal 4) are attached, and transmits the request to the ENUM/DNS server 10.
  • FIG. 1 A connection request (call) from the calling device (calling terminal 4) that it accommodates. Then, the alert level determination request unit 221 generates an alert level determination request to which the caller number and destination number of the caller device (calling terminal 4) are attached, and transmits the request to the ENUM/DNS server 10.
  • the fraud prevention processing unit 222 acquires security level information from the ENUM/DNS server 10 . Then, the fraud prevention processing unit 222 executes fraud prevention processing defined by the caution level countermeasure information 200 stored in the storage unit 23 .
  • FIG. 7 is a diagram illustrating an example of caution level countermeasure information 200 according to this embodiment.
  • the fraud prevention processing unit 222 executes fraud prevention processing such as call restriction (call disconnection) and guidance distribution by the guidance device 30 in association with each security level.
  • Alert level "1" is for cases where the caller number is not registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120, or when the caller number is not registered in the protected number information 120. However, the destination number is not registered in the fraudulent number information 110, for example. In this case, the fraud prevention processing unit 222 does not perform fraud prevention countermeasure processing. Therefore, the fraud prevention processing unit 222 outputs that fact to the connection destination information requesting unit 223 to continue processing for normal call connection.
  • Alert level "2" is for "calls from non-malicious persons of special fraud to protected persons".
  • the fraud prevention processing unit 222 distributes guidance such as "Please be careful with the other party of the call” to the destination terminal via the guidance device 30 .
  • Alert level "3" is for "calls from malicious persons of special fraud to persons other than protected persons".
  • the fraud prevention processing unit 222 may deliver guidance such as "there is a possibility of a call from a special fraud group" to the destination terminal via the guidance device 30, for example.
  • the user of the destination terminal is not registered as a person protected by the special anti-fraud measures, it is possible to set the anti-fraud countermeasures such as distributing the guidance not to be performed.
  • Alert level "4" covers “calls from malicious persons in special frauds to protected persons".
  • the fraud prevention processing unit 222 delivers guidance such as "There is a possibility of a call from a special fraud group” to the destination terminal via the guidance device 30. Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded” to the malicious person of the special fraud of the originating terminal via the guidance device 30.
  • Alert level "4-1" targets "a call from a malicious person who commits an 'it's me' fraud to a protected person who suffers from a special fraud other than the 'it's me'fraud".
  • the fraud prevention processing unit 222 distributes guidance such as, for example, "There is a possibility of a call from a fraudulent group.” Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded” to the malicious person of the special fraud of the originating terminal via the guidance device 30.
  • Alert level "4-2" is for "calls from malicious persons involved in refund fraud to protected persons who are victims of special fraud other than refund fraud".
  • the fraud prevention processing unit 222 distributes guidance to the destination terminal via the guidance device 30, such as "There is a possibility of a call from a refund fraud group.” Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded” to the malicious person of the special fraud of the originating terminal via the guidance device 30.
  • FIG. In addition, in the case where the fraud type of the fraudulent number of the calling terminal and the fraud type of the protected number of the called terminal are different, the fraud prevention processing unit 222 Deliver guidance to both the Special Fraud STS.
  • Alert level "5" is, for example, "a call from a malicious person who is a fraud victim to a protected person who is a victim of "It's me” fraud. Cases with the same type of fraud are covered. In this case, the fraud prevention processing unit 222 discards (disconnects) the connection request (call) and rejects the incoming call because there is a high possibility of being victimized by special fraud. Another case with alert level "5" is the case of "Call from Protected Person to Special Fraud Service-to-Self". In this case as well, the fraud prevention processing unit 222 discards (disconnects) the connection request (call) because there is a high possibility of being victimized by special fraud, and disallows outgoing calls.
  • the special fraud countermeasures associated with this alert level may change the fraud prevention countermeasure processing for each protected number at the request of each protected person. For example, in the case of "a call from a malicious person of a special fraud to a protected person" with an alert level of "4", guidance is delivered to both the protected person of the called terminal and the malicious person of the special fraud of the originating terminal. Instead, the connection request (call) may be discarded (call disconnection), and the setting may be made such that the call cannot be made. Further, the content of the special fraud countermeasures associated with the alert level may be changed according to the setting of the telecommunications carrier or the like.
  • the connection destination information requesting unit 223 sends the connection destination information with the destination number. and send it to the ENUM/DNS server 10.
  • connection destination information (routing information) corresponding to the called party number from the ENUM/DNS server 10
  • the call processing server 20 as a fraud prevention countermeasure process according to the security level received from the ENUM/DNS server 10, restricts (discards) the call and provides guidance by the guidance device 30 before the call starts. delivery can be performed.
  • FIG. 8 is a sequence diagram showing the processing flow of the fraud damage prevention system 1000 according to this embodiment.
  • the number information updating unit 121 of the ENUM/DNS server 10 acquires the latest fraudulent number information 110 and protected number information 120 from the number database 700 held by an administrative agency or the like, and stores them in the storage unit 13 (step S1). .
  • the update of the fraud number information 110 and the protected number information 120 may be saved and synchronized in real time, for example, by an information update method using the ENUM/DNS protocol.
  • the call processing server 20 receives a connection request (call) from the calling terminal 4 to the called terminal 5 (step S2).
  • This connection request (call) is attached with the destination number of the receiving terminal 5 and the caller number of the calling terminal 4 .
  • the alert level determination requesting unit 221 of the call processing server 20 generates an alert level determination request to which the caller number of the calling terminal 4 and the destination number of the called terminal 5 are attached, and the ENUM/DNS server 10 (step S3).
  • the ENUM/DNS server 10 receives the alert level determination request to which the caller number and destination number are attached. Alert level determination unit 122 then determines whether the caller number is registered in fraud number information 110 or protected number information 120 . The vigilance level determination unit 122 also determines whether or not the destination number is registered in the fraudulent number information 110 or the protected number information 120 . Accordingly, the caution level determination unit 122 determines the connection pattern (see FIG. 5) based on the caller number and the destination number, and determines the caution level according to the connection pattern (step S4). Then, the alert level determination unit 122 sends back the determined alert level information to the call processing server 20 (step S5).
  • step S6 when the fraud prevention processing unit 222 of the call processing server 20 acquires information on the security level from the ENUM/DNS server 10, the special Anti-fraud measures are executed (step S6).
  • the fraud prevention processing unit 222 distributes guidance from the guidance device 30 to the receiving terminal 5 at the alert levels "2" and "3". and call attention to fraud damage.
  • the fraud prevention processing unit 222 causes the receiving terminal 5 to execute the process of distributing guidance from the guidance device 30, and also distributes guidance from the guidance device 30 to the calling terminal 4. to execute the process to be performed.
  • the actual timing at which guidance is delivered to the called terminal 5 and the calling terminal 4 by the guidance device 30 is determined by the connection destination information requesting unit 223 after receiving the connection destination information (routing information) corresponding to the destination number. Before connection.
  • the fraud prevention processing unit 222 performs call regulation processing (call disconnection) to cut off the communication between the malicious person who is the victim of special fraud and the person to be protected, and terminates the processing. finish. Note that the fraud prevention processing unit 222 does not take special fraud countermeasures when the alert level is "1" in the example of the alert level countermeasure information 200 showing five alert levels shown in FIG.
  • connection destination information requesting unit 223 of the call processing server 20 sets the alert level to "5", and except when the call restriction processing (call disconnection) is performed, the connection destination information with the destination number is sent.
  • An inquiry message is generated and transmitted to the ENUM/DNS server 10 (step S7: connection destination information inquiry).
  • connection destination information search unit 123 of the ENUM/DNS server 10 When the connection destination information search unit 123 of the ENUM/DNS server 10 receives the connection destination information inquiry, the connection destination information search unit 123 refers to the connection destination information table 130 and extracts the connection destination information (routing information) corresponding to the destination number. , to the call processing server 20 (step S8: connection destination information response).
  • connection processing server 20 receives connection destination information (routing information) corresponding to the destination number from the ENUM/DNS server 10
  • connection destination information routing information
  • the connection destination indicated in the destination information Call connection is made (step S9), and communication connection between the calling terminal 4 and the called terminal 5 is established.
  • the ENUM/DNS server 10 determines the combination pattern (connection pattern) of the source number and the destination number, and makes a call from the fraudulent number to the protected number, A vigilance level can be determined for both calls from protected numbers to fraudulent numbers. Based on this vigilance level, the call processing server 20 executes fraud damage prevention processing (call control (call disconnection) and guidance delivery) before starting a call. Therefore, according to the fraud damage prevention system 1000, when preventing fraud using a telephone, the network side, which is closer to the originating device (originating terminal) than the receiving side, before the call starts, effectively Fraud damage prevention processing can be executed.
  • FIG. 9 is a hardware configuration diagram showing an example of a computer 900 that implements the functions of the ENUM/DNS server 10 and the call processing server 20 according to this embodiment.
  • the computer 900 includes a CPU (Central Processing Unit) 901, a ROM (Read Only Memory) 902, a RAM 903, a HDD (Hard Disk Drive) 904, an input/output I/F (Interface) 905, a communication I/F 906 and a media I/F 907. have.
  • CPU Central Processing Unit
  • ROM Read Only Memory
  • RAM 903 Random Access Memory
  • HDD Hard Disk Drive
  • I/F Interface
  • the CPU 901 operates based on programs stored in the ROM 902 or HDD 904, and performs control by the control units 12 and 22 (FIGS. 2 and 6).
  • the ROM 902 stores a boot program executed by the CPU 901 when the computer 900 is started, a program related to the hardware of the computer 900, and the like.
  • the CPU 901 controls an input device 910 such as a mouse and keyboard, and an output device 911 such as a display and printer via an input/output I/F 905 .
  • the CPU 901 acquires data from the input device 910 and outputs the generated data to the output device 911 via the input/output I/F 905 .
  • a GPU Graphics Processing Unit
  • a GPU may be used together with the CPU 901 as a processor.
  • the HDD 904 stores programs executed by the CPU 901 and data used by the programs.
  • Communication I/F 906 receives data from other devices via a communication network (for example, NW (Network) 920) and outputs it to CPU 901, and transmits data generated by CPU 901 to other devices via the communication network. Send to device.
  • NW Network
  • the media I/F 907 reads programs or data stored in the recording medium 912 and outputs them to the CPU 901 via the RAM 903 .
  • the CPU 901 loads a program related to target processing from the recording medium 912 onto the RAM 903 via the media I/F 907, and executes the loaded program.
  • the recording medium 912 is an optical recording medium such as a DVD (Digital Versatile Disc) or a PD (Phase change rewritable Disk), a magneto-optical recording medium such as an MO (Magneto Optical disk), a magnetic recording medium, a semiconductor memory, or the like.
  • the CPU 901 of the computer 900 executes the program loaded on the RAM 903 to perform the ENUM/DNS server 10 and the call processing server. It implements the functions of the server 20 .
  • Data in the RAM 903 is stored in the HDD 904 .
  • the CPU 901 reads a program related to target processing from the recording medium 912 and executes it.
  • the CPU 901 may read a program related to target processing from another device via the communication network (NW 920).
  • a fraud damage prevention system includes a call processing server 20 that connects a calling device (calling terminal 4) and a called device (called terminal 5);
  • a fraud damage prevention system 1000 comprising an ENUM/DNS server 10 that performs connection destination information resolution processing, when the call processing server 20 receives a connection request from a calling device, the caller number of the calling device and a warning level determination request unit 221 that transmits a warning level determination request to the ENUM/DNS server 10 to which the destination number of the destination device is attached; a fraud prevention processing unit 222 that executes predetermined fraud damage prevention processing according to the alert level, and the ENUM/DNS server 10 registers fraud number information 110 indicating a fraud countermeasure target number.
  • the caller number is updated to the fraud number information 110 or the protected number information.
  • the connection pattern of the connection request is discriminated by determining whether it is registered in the target number information 120 and whether the called party number is registered in the fraudulent number information 110 or the protected number information 120. and a warning level determination unit 122 for determining a warning level for evaluating that a higher level of fraud prevention processing is required as the possibility of fraud damage is higher according to the connection pattern.
  • the ENUM/DNS server 10 determines the connection pattern using the fraud number information 110 and the protected number information 120 obtained from the external database (number database 700), A security level is determined according to the determined connection pattern, and the call processing server 20 can execute fraud damage prevention processing for each security level. Therefore, fraud damage prevention processing can be executed not on the receiving side but on the network side closer to the calling device (calling terminal 4). In addition, since the fraud damage prevention system 1000 executes fraud damage prevention processing before the start of a call, there is no burden on the user. In addition, by determining the connection pattern, the ENUM/DNS server 10 can also execute fraud damage prevention processing for a call from a person to be protected to a malicious party of a special fraud. Therefore, it is possible to prevent fraud damage more effectively than in the prior art.
  • the alert level determination unit 122 of the ENUM/DNS server 10 has the caller number registered in the protected number information 120 and the destination number registered in the fraud number information 110. In this case, the alert level of the connection request is determined to be the alert level of disconnecting the call as fraud damage prevention processing.
  • the call is regulated (call disconnection) before the call starts, and protection is provided. Damage to the target can be prevented.
  • the fraud number information 110 registers a fraud type indicating the type of special fraud in association with the fraud number
  • the protected number information 120 registers a fraud number associated with the protected number.
  • the type of fraud is registered in the ENUM/DNS server 10, and the warning level determination unit 122 of the ENUM/DNS server 10 determines that the caller number is registered in the fraud number information 110 and the destination number is registered in the protected number information 120.
  • the alert level of the connection request is set to the alert level at which the call is disconnected as fraud damage prevention processing. It is characterized by determining.
  • the fraud type related to the special fraud is registered in association with the fraud number, and in the protected number information 120, the fraud type of the special fraud that the protected person suffered is registered.
  • the alert level determination unit 122 of the ENUM/DNS server 10 issues the connection request. Call can be disconnected. Therefore, for example, like "a call from a malicious person to a victim of an 'It's me' fraud" type of special fraud (e.g., it's me fraud) is the same, and the combination of calls with a high possibility of being victimized is restricted. (Call disconnection) can be performed to prevent damage in advance.
  • the number information updating unit 121 of the ENUM/DNS server 10 exchanges the fraud number information 110 and the protected number with the external database (number database 700) using the ENUM/DNS protocol. It is characterized in that the information 120 is acquired in real time and the fraud number information 110 and the protected number information 120 stored in the storage unit 13 are updated.
  • the ENUM/DNS server 10 can acquire fraud number information 110 and protected number information 120 in real time from an external database (number database 700) using the ENUM/DNS protocol. Therefore, it is possible to prevent fraud damage more effectively by using the latest information.
  • the call processing server 20 is provided with a guidance device 30, and the fraud prevention processing unit 222 of the call processing server 20 performs a predetermined fraud prevention process to prevent fraud damage. At least one of delivering guidance from the guidance device 30 to the destination device, delivering guidance for preventing fraud damage from the guidance device 30 to the originating device, and disconnecting the connection request call.
  • the call processing server 20 distributes guidance from the guidance device 30 provided on the network side to the receiving device (the receiving terminal 5) and the calling device (the calling terminal 4), and disconnects the call for the connection request. you can go Note that the call processing server 20 prevents damage by distributing, for example, guidance calling attention to special fraud to the receiving device. In addition, the call processing server 20 distributes guidance such as recording the call to the originating device, thereby prompting the malicious party of the special fraud to voluntarily disconnect the call. to reduce the distribution and prevent damage.
  • the ENUM/DNS server is the ENUM/DNS server 10 connected to the call processing server 20, and the ENUM/DNS server 10 is a fraudulent fraud number registering a fraud countermeasure target number. It is connected to an external database that stores number information 110 and protected number information 120 in which a protected number indicating the number of a user to be protected from fraud damage is registered. A number information updating unit 121 that acquires fraudulent number information 110 and protected number information 120 and updates the fraudulent number information 110 and protected number information 120 stored in the storage unit 13, and a call processing server 20 that accepts a connection request.
  • a warning level determination request to which the caller number and the called party number are attached, and determines whether the caller number is registered in the fraud number information 110 or the protected number information 120, and whether the called party number is the fraud number information. 110 or the protected number information 120 to determine the connection pattern of the connection request. and a caution level determination unit 122 that determines a caution level that is evaluated to require level fraud damage prevention processing.
  • the connection pattern is determined using the fraudulent number information 110 and the protected number information 120 obtained from the external database (number database 700), and according to the determined connection pattern Determine alert level. Therefore, by transmitting the alert level information to the call processing server 20, the call processing server 20 can execute fraud damage prevention processing according to the alert level. Therefore, fraud damage prevention processing can be executed not on the receiving side but on the network side closer to the calling device (calling terminal 4).
  • the ENUM/DNS server 10 causes the call processing server 20 to perform fraud damage prevention processing before the start of a call, there is no burden on the user. do not have.
  • the ENUM/DNS server 10 can also execute fraud damage prevention processing for a call from a person to be protected to a malicious party of a special fraud. Therefore, it is possible to prevent fraud damage more effectively than in the prior art.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

L'invention concerne un système de prévention d'apparition de fraude (1000) comprenant un serveur de traitement d'appels (20) et un serveur ENUM/DNS (10). Le serveur de traitement d'appels (20) comprend : une unité de demande de détermination de niveau d'avertissement qui transmet des numéros de source d'appel et des numéros de destination d'appel au serveur ENUM/DNS (10) ; et une unité de prévention de fraude qui exécute un processus de prévention d'apparition de fraude prédéterminé en fonction d'un niveau d'avertissement. Le serveur ENUM/DNS (10) comprend : une unité de mise à jour d'informations de numéro qui acquiert des informations de numéro de fraude et des informations de numéro cible de protection à partir d'une base de données externe (une base de données de numéros 700) ; et une unité de détermination de niveau d'avertissement qui identifie le motif de connexion d'une requête de connexion au moyen des numéros de source d'appel et des numéros de destination d'appel et détermine un niveau d'avertissement en fonction du motif de connexion identifié.
PCT/JP2021/005978 2021-02-17 2021-02-17 Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme WO2022176074A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2023500193A JP7509309B2 (ja) 2021-02-17 2021-02-17 詐欺被害防止システム、詐欺被害防止方法、enum/dnsサーバ、および、プログラム
PCT/JP2021/005978 WO2022176074A1 (fr) 2021-02-17 2021-02-17 Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/005978 WO2022176074A1 (fr) 2021-02-17 2021-02-17 Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme

Publications (1)

Publication Number Publication Date
WO2022176074A1 true WO2022176074A1 (fr) 2022-08-25

Family

ID=82930351

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/005978 WO2022176074A1 (fr) 2021-02-17 2021-02-17 Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme

Country Status (2)

Country Link
JP (1) JP7509309B2 (fr)
WO (1) WO2022176074A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006033586A (ja) * 2004-07-20 2006-02-02 Matsushita Electric Ind Co Ltd Ip電話システム、ip電話装置及び通話方法
JP2010004268A (ja) * 2008-06-19 2010-01-07 Oki Electric Ind Co Ltd 交換システム、着信側電話通信端末、電話システム、中継交換装置及び着信側交換装置
JP2015015530A (ja) * 2013-07-03 2015-01-22 トビラシステムズ株式会社 着信管理装置、着信管理システム及びプログラム
JP2016103800A (ja) * 2014-11-28 2016-06-02 Necネッツエスアイ株式会社 迷惑電話撃退システム
US20200053205A1 (en) * 2018-08-10 2020-02-13 T-Mobile Usa, Inc. Scam call back protection

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101194495A (zh) 2005-04-15 2008-06-04 泰克莱克公司 在通信网络中提供有呈现资格的e.164号码映射(enum)服务的方法、***和计算机程序产品
JP4759074B2 (ja) 2009-04-28 2011-08-31 秀男 松野 振り込め詐欺防止システム
JP2010273071A (ja) 2009-05-21 2010-12-02 Fujitsu Ltd 防犯ガイダンス通知システム
JP2016134641A (ja) 2015-01-15 2016-07-25 日本電信電話株式会社 発信端末信頼度判定システム、および、発信端末信頼度判定方法
JP6480229B2 (ja) 2015-03-26 2019-03-06 株式会社Nttドコモ 中継装置
JP6779658B2 (ja) 2016-05-18 2020-11-04 株式会社日立システムズ 詐欺防止システム、詐欺防止装置、ユーザー端末、詐欺防止方法、及びプログラム
US10863025B2 (en) 2017-05-25 2020-12-08 T-Mobile Usa, Inc. Efficient robocall/scam identification with verification function

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006033586A (ja) * 2004-07-20 2006-02-02 Matsushita Electric Ind Co Ltd Ip電話システム、ip電話装置及び通話方法
JP2010004268A (ja) * 2008-06-19 2010-01-07 Oki Electric Ind Co Ltd 交換システム、着信側電話通信端末、電話システム、中継交換装置及び着信側交換装置
JP2015015530A (ja) * 2013-07-03 2015-01-22 トビラシステムズ株式会社 着信管理装置、着信管理システム及びプログラム
JP2016103800A (ja) * 2014-11-28 2016-06-02 Necネッツエスアイ株式会社 迷惑電話撃退システム
US20200053205A1 (en) * 2018-08-10 2020-02-13 T-Mobile Usa, Inc. Scam call back protection

Also Published As

Publication number Publication date
JP7509309B2 (ja) 2024-07-02
JPWO2022176074A1 (fr) 2022-08-25

Similar Documents

Publication Publication Date Title
US8385524B2 (en) System and method for control of communications connections and notifications
US6768792B2 (en) Identifying call parties to a call to an incoming calling party
US7149296B2 (en) Providing account usage fraud protection
US8050394B2 (en) System and method for control of communications connections and notifications
JP3938237B2 (ja) インタネット電話発信者番号通知装置
US8634528B2 (en) System and method for control of communications connections and notifications
US20030108162A1 (en) Managing caller profiles across multiple hold queues according to authenticated caller identifiers
US20070237319A1 (en) Intermediary Device Based Callee Identification
JP2001501402A (ja) 加入者制御の呼リスト登録解除
US20090097630A1 (en) Automatic Complaint Registration for Violations of Telephonic Communication Regulations with Call Rejection
US7130405B2 (en) Identifying a call made or received on behalf of another
US8249232B2 (en) System and method for control of communications connections
US8577009B2 (en) Automatic complaint registration for violations of telephonic communication regulations
US8732190B2 (en) Network calling privacy with recording
WO2022176074A1 (fr) Système de prévention d'apparition de fraude, procédé de prévention d'apparition de fraude, serveur enum/dns et programme
US20230008581A1 (en) Fraud damage prevention system, fraud damage prevention method, call processing server, enum / dns server, and program
US8848692B2 (en) Method and arrangement for providing VoIP communication
JP2011249995A (ja) 論理番号利用方法、および、アプリケーションサーバ
MX2008004156A (en) Blocking calls to destinations which are registered in a do-not-call database
AU2012200599A1 (en) "Automatic complaint registration for violations of telephonic communication regulations with call rejection"

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21926513

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2023500193

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21926513

Country of ref document: EP

Kind code of ref document: A1