Verification of a telephone call initiation message
The method enhances STIR/SHAKEN procedures by verifying call initiation messages against reference data, effectively preventing identity spoofing attacks by ensuring only authorized entities use the indicated phone numbers, thereby improving call security.
Patent Information
- Authority / Receiving Office
- FR · FR
- Patent Type
- Applications
- Current Assignee / Owner
- ORANGE SA
- Filing Date
- 2024-12-09
- Publication Date
- 2026-06-12
AI Technical Summary
Existing identity spoofing attacks in telephone calls, particularly from call centers, are not effectively prevented by current STIR/SHAKEN procedures, which lack robust verification mechanisms, leading to vulnerabilities in organizations using their phone numbers.
A method for verifying telephone call initiation messages by comparing current data from the call with reference data stored in a database, including terminal and network identifiers, to ensure the calling entity is authorized to use the indicated phone number, enhancing the STIR/SHAKEN procedures with additional verification steps.
This approach effectively identifies and prevents identity theft by ensuring only legitimate entities can use authorized phone numbers, improving security for called entities by validating terminal and network identifiers.
Smart Images

Figure 00000000_0000_ABST
Abstract
Description
Title of the invention: Verification of a telephone call initiation message. Field of the invention
[0001] The field of the invention is that of securing telephone calls, in particular to prevent identity theft attacks, also called "spoofing" in English. Previous art
[0002] An identity spoofing attack in the context of a telephone call is implemented by a calling terminal of a calling entity that spoofs the identity of a person or organization trusted by the called entity, in order to obtain sensitive information from the called entity.
[0003] The term "calling entity" refers to the person or organization that makes the telephone call, that is, the one that is likely to carry out an identity spoofing attack. The term "called entity" similarly refers to the person or organization that receives the telephone call.
[0004] As an example of an identity spoofing attack, the calling entity presents itself as the bank of the called entity in order to obtain bank account information from the called entity.
[0005] To carry out such an attack, a malicious calling entity replaces its own telephone number (the one it possesses and for which it is legitimate) with a trusted telephone number belonging to the person or organization whose identity it is impersonating, in a source field indicating a calling number, the source field being called "from" in English. The legitimate telephone number is the one assigned by a telecommunications operator to the calling entity, for example, when obtaining a Subscriber Identification Module, or SIM, integrated into the calling terminal.
[0006] Thus, upon receiving the telephone call, the called terminal of the called entity displays the trusted telephone number indicated in the source field, i.e., the telephone number of the impersonated person or organization. The called terminal may even display a name stored in a directory of the called terminal associated with the trusted telephone number of the impersonated person or organization. The called entity therefore has a priori trust in the calling entity, which appears legitimate, allowing the calling entity to take advantage of such a situation to obtain sensitive information.
[0007] Such an identity spoofing attack can target so-called entities which are individual customers or companies.
[0008] In order to prevent such attacks, a set of procedures called STIR / SHAKEN, for "Secure Telephoned Identity Revisited" and "Signature-based Handling of Asserted information using toKENs", was introduced.
[0009] The STIR procedure is applicable to telephone calls using Voice over IP (VoIP) technology and proposes issuing attestations to calling entities by integrating the attestation into SIP initiation messages when initiating a telephone call to a called entity. The SHAKEN procedure aims to extend the protection provided by STIR to telephone calls other than VoIP calls, for example, via the public switched telephone network (PSTN), based on SS7 (Signaling System No. 7) initiation messages, rather than SIP initiation messages.
[0010] As part of the STIR procedures, the initial operator of an initial network from which the telephone call is issued (the one through which the calling entity initiates the telephone call), consults the calling telephone number indicated in the source field "From" of a SIP initiation message, and a source address (a network identifier of the calling entity's calling terminal, for example a source IP address) of the telephone call, and issues an attestation in the form of a header of the SIP initiation message.
[0011] The final operator of the final network through which the initiation message is delivered to the called entity verifies the attestation added to the SIP initiation message before delivering the telephone call to the called entity.
[0012] The certificate may also indicate a level of certification from among the following levels: - a full attestation level, or "A", indicating that the originating operator knows the calling entity associated with the source address and its right to use the telephone number; - a partial attestation level, or "B" indicating that the initial operator knows the calling entity associated with the source address, but without verifying its right to use the telephone number; - A gateway attestation level, or "C," indicates that the originating operator confirms initiating the phone call, but without knowing the calling entity associated with the source address or its right to use the phone number. Therefore, Level B and C certificates offer no guarantee that the calling entity is legitimately entitled to use the calling phone number indicated in the first field of the initiation message. Furthermore, some network operators may issue Level A certificates without fully implementing all the procedures. Prerequisites to ensure that the calling entity corresponding to a source address actually has the telephone number indicated in the attestation. In some cases, the original operator may even be involved in an identity spoofing attack, and may therefore issue a Level A certificate to the calling entity upon receipt of the call initiation message, the calling entity being malicious.
[0013] Furthermore, in the case of a call originating from an organization's call center, the call center makes a telephone call using the organization's telephone number, even though the call center does not possess its own telephone number. In such a scenario, only a Level B or C attestation can be issued for a voice call originating from the call center, making the organization vulnerable to identity spoofing attacks. Many organizations, such as banks and other institutions, use such call centers, and STIR / SHAKEN procedures are particularly unsuitable for preventing identity spoofing attacks in this context.
[0014] There is therefore a need to prevent identity theft attacks in the context of telephone calls, whatever the use case, in particular when a telephone call is made from a call centre. Object and summary of the invention
[0015] One of the aims of the invention is to remedy at least one of the drawbacks of the aforementioned prior art by proposing a new technique for verifying a telephone call initiation message. This makes it possible to identify and prevent telephone calls from callers impersonating the legitimate owner of a telephone number, even when an organization allows a call center to use its telephone number.
[0016] To this end, an object of the present invention relates to a method for processing a telephone call initiation message comprising the following steps: - obtaining current data extracted from an initiation message, the current data comprising a current telephone number and further comprising a current terminal network identifier and / or a current initial network identifier; - obtaining reference data comprising a reference telephone number, and further comprising a reference terminal network identifier and / or a reference initial network identifier; - determination of a verification result by comparison between current data and reference data.
[0017] The current terminal network identifier can be information enabling the identification of a calling terminal in a network and the current initial network identifier can be information enabling the identification of an initial network receiving the initiation message from the calling terminal.
[0018] Thus, the invention provides access to reference data that links a reference telephone number, for example, an organization's telephone number, with a terminal network identifier of a terminal authorized to use such a reference telephone number, and / or with an originating network identifier from which the reference telephone number can be used. The use of reference data makes it possible to verify, when a telephone call is initiated, whether the calling terminal associated with the terminal network identifier is authorized to use the current telephone number, because it corresponds to the reference network identifier indicated in the reference data, and / or whether the current telephone number is indeed being used by a calling terminal from an originating network corresponding to the one indicated in the reference data.
[0019] According to one embodiment, the reference data can be obtained by querying a reference database storing reference data associations, each reference data association associating a reference telephone number with a reference terminal network identifier and / or with a reference initial network identifier.
[0020] Thus, a reference database can centralize reference data associations, which allows verification of initiation messages from several calling terminals, by the same verification server associated with the reference database.
[0021] In addition, querying the reference database may include: - transmitting a request including the current telephone number to the reference database; - a receipt of reference data associated with the reference telephone number corresponding to the current telephone number.
[0022] Thus, the reference data can be indexed by the reference telephone numbers, which facilitates the search for the reference data in the reference database.
[0023] According to one embodiment, current data can be obtained by receiving a verification request from a telephone application server, the verification request including current data extracted from the initiation message, the method further including the transmission of the verification result to the telephone application server.
[0024] Thus, the telephone application server can block initiation messages for which the check is negative. Indeed, such a negative check indicates that the calling terminal is not authorized to use the current telephone number and / or that the initiation message originates from an initial network that is not authorized to initiate a phone call with the current phone number, as no reference data association corresponds to such authorization.
[0025] In addition, the telephone application server can be associated with an end network capable of communicating with a called terminal identified in the initiation message, and the telephone application server can transmit the initiation message to the called terminal, if the received verification result is positive.
[0026] Thus, the telephone application server can ensure the protection of the called terminals served by the end network against identity theft of a legitimate owner of the current telephone number. Verification can therefore be implemented before transferring the initiation message to the called terminal.
[0027] In addition, the reference data obtained may further include a reference owner identifier, the reference owner identifier may be transmitted to the telephone application server with the verification result, and the telephone application server may add the reference owner identifier to the initiation message.
[0028] Thus, in the event of a positive verification, the initiation message transmitted to the called terminal can be enriched with the identifier of the owner of the current telephone number, which allows the calling entity, when it legitimately uses the current telephone number, to be identified as the owner of the current telephone number.
[0029] In addition, the process may include the following steps: - reception by the telephone application server of the initiation message from the initial network; - extraction by the telephone application server of current data from the initiation message into predefined fields of the initiation message.
[0030] Thus, the extraction of current data is facilitated for the telephone application server.
[0031] In addition, the telephone application server can extract the current telephone number from a source field modifiable by the calling terminal and can extract the current terminal network identifier and / or the current initial network identifier from a field defined by a network server.
[0032] Thus, it is permissible to ensure legitimate use of the current telephone number, which can be modified by the calling terminal, by controlling field data which cannot be modified by the calling terminal, because they are filled in by a server of the initial network (or of an intermediate network between the initial and final networks).
[0033] In addition or alternatively, the method may further include, upon receipt of the initiation message by the telephone application server, a verification of an attestation included in the initiation message, and the telephone application server can extract current data only if the attestation verification is positive.
[0034] Thus, the verification of the initiation message may include a prior attestation verification step, in accordance with the STIR / SHAKEN procedure for example, which improves the reliability associated with the verification.
[0035] According to one embodiment, the method may further include receiving, by the reference database, reference data from a recording terminal associated with an owner of the reference telephone number, and storing said received reference data in the reference database.
[0036] Thus, the owner of the reference telephone number can declare the reference data on the basis of which initiation messages must be verified, when they include the reference telephone number of the recorded reference data.
[0037] The invention also relates to a computer program comprising instructions for implementing the method of processing a telephone call initiation message according to the invention, according to particular embodiments described above, when said program is executed by a processor.
[0038] Such instructions can be stored permanently in a non-transient memory medium of the verification server implementing the method for processing a telephone call initiation message according to the invention.
[0039] This program may use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other desirable form.
[0040] The invention also relates to a recording medium or information medium readable by a computer, and comprising instructions for a computer program as mentioned above.
[0041] The recording medium can be any entity or device capable of storing the program. For example, the medium can include a storage means, such as a ROM, for example a CD ROM or a microelectronic circuit ROM, or a magnetic recording means, for example a mobile medium, a hard disk drive or an SSD.
[0042] On the other hand, the recording medium can be a transmissible medium such as an electrical or optical signal, which can be transmitted via an electrical or optical cable, by radio or by other means, so that the computer program The program it contains is executable remotely. In particular, the program according to the invention can be downloaded onto a network, for example, an Internet-type network.
[0043] Alternatively, the recording medium may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the aforementioned resource management process.
[0044] According to a material aspect, the invention relates to a verification server comprising a processor configured to: - obtain, through a first interface of the verification server, current data extracted from a telephone call initiation message, the current data including a current telephone number and also including a current terminal network identifier and / or a current initial network identifier; - obtain, via a second interface of the verification server, reference data including a reference telephone number, and also including a reference terminal network identifier and / or a reference initial network identifier; - determine a verification result by comparison between current data and reference data.
[0045] According to another material aspect, the invention relates to a system comprising a verification server according to the invention, a telephone application server, and a reference database. The telephone application server is configured to transmit a verification request to the verification server, the verification request comprising the current data. The verification server is capable of querying the reference database to obtain the reference data, and the verification server is further capable of transmitting the verification result to the telephone application server. Brief description of the drawings
[0046] Other features and advantages will become apparent upon reading particular embodiments of the invention, given by way of illustrative and non-limiting examples, and the accompanying drawings, among which:
[0047] Figure 1 represents an architecture in which the process for processing a message initiating a telephone call is implemented, according to a particular embodiment of the invention.
[0048] [Fig.2] represents the steps of a preliminary phase of a process for processing a message initiating a telephone call, as implemented in the architecture of [Fig.1]; The [Fig.3] represents the steps of a common phase of a process for processing a message initiating a telecommunications session, as implemented in the architecture of the [Fig.1];
[0049] Fig. 4 represents a structure of a server for verifying a message initiating a telephone call, according to an embodiment of the invention.
[0050] Detailed description of an embodiment of the invention
[0051] Fig. 1 represents an architecture, or system, in which is implemented a method for processing a message initiating a telephone call between a calling terminal 101, or source, and a called terminal 102, or recipient, according to an embodiment of the invention.
[0052] The calling terminal 101 can be associated with a calling entity 111, which can be an individual or an organization. For example, the calling entity 111 can be a call center of an organization, in an example described in detail below.
[0053] The terminal called 102 is associated with an entity called 112, which can also be an individual or an organization.
[0054] The calling terminal 101 is capable of communicating, for example by radio, with an initial access network 121, which may be an LTE (Long Term Evolution) or 5G network, or their variants or evolutions. Wireless broadband communication standards, such as LTE, 5G, or others, intended for mobile devices and data terminals, are well known and are not further described herein.
[0055] In what follows, it is considered, for illustrative purposes, that the telecommunications session that the calling entity 111 seeks to establish with the called entity 112 is a VoLTE (Voice over LTE) type voice call. In this context, the initiation of the telecommunications session includes the transmission of an initiation message according to the SIP (Session Initiation Protocol).
[0056] However, no restriction is attached to the telephone call according to the invention, which can be supported by any technology enabling the establishment of a telephone call between the calling terminal 101 and the called terminal 102. For example, the initiation message can alternatively be an SS7 type initiation message.
[0057] The initial network 121 is managed by an initial operator associated with a network server 161, which is responsible for receiving and routing communication session initiation messages, for example, SIP initiation messages. Thus, when the calling entity 111 wishes to initiate a telecommunications session with the called entity 112, the calling terminal 101 transmits an initiation message to the network server 161, which is able to determine the destination network to which to route the message The initiation network is a final network 122 described below. For example, for an initial LTE network 121, the network server 161 can be a telephone application server of the initial network 121 (distinct from the telephone application server 162 described below) or a session router.
[0058] The terms "initial" and "final" indicate only the position of the networks within the specific context of a call initiated from the calling terminal 101 to the called terminal 112, and the initial and final networks therefore depend on the calling and called terminals. In particular, in a reverse situation, not described below, in which terminal 102 initiates a telephone call to terminal 101, network 121 is the final network while network 122 is the initial network.
[0059] The initial network 121 may, in certain embodiments, include an authentication server 131 capable of issuing an attestation based on an initiation message from the calling terminal 101, according to the STIR / SHAKEN procedure. The initiation message is then transmitted from the network server 161 to the authentication server 131 for insertion of the attestation into the initiation message. Once the attestation has been inserted into the initiation message, for example in a header of the initiation message, the initiation message may be returned to the network server 161 for transmission to the final network 122 with which the called terminal 102 is capable of communicating. Alternatively, no attestation is issued to the calling terminal 101, and the initiation message is transmitted to the destination network 122 without attestation. In this alternative, the initial network 121 may not include an authentication server 131.
[0060] In the example described, the final network 122 can also be an LTE, 5G mobile telephony network or their variants or evolutions.
[0061] The initial network 121 and the final network 122 can be connected by an IMS core network 120, for "IP Multimedia Subsystem" in English, whose architecture is well known and is not described further in this description.
[0062] The final network 122 is managed by an end operator and comprises, according to the invention, a telephone application server 162, also called a TAS in English for "Telephony Application Server", and a verification server 132. According to some embodiments not described below, the verification server 132 can be integrated into the telephone application server 162. Alternatively, as shown in [Fig. 1], the verification server 132 is separate from the telephone application server 162.
[0063] During the transmission of the initiation message to the final network 122, the network server 161 is able to address the initiation message to the telephone application server 162. The telephone application server 162 is thus able to receive initiation messages in the final network 122, for transmission to the terminal called 102.
[0064] According to the invention, the architecture according to the invention further comprises a reference database 140 which the verification server 132 is able to access.
[0065] A recording terminal 150 associated with the calling entity 111 is able to access the reference database 140 during the preliminary phase described below with reference to [Fig. 2]. For this purpose, the reference database 140 can be interfaced by a third-party service provider server 170, with which the recording terminal 150 is able to communicate, for example via an application or a web browser.
[0066] The recording terminal 150 can be any terminal associated with the calling entity 111, for example the calling terminal.
[0067] The recording terminal 150 could, for example, be a server of the organization (a bank, for example) to which the calling entity 111 is attached. For example, the calling entity 111 could be one of the organization's call centers.
[0068] The following describes an embodiment in which the organization associated with the recording terminal 150 authorizes the use of the telephone number it owns (the reference telephone number) to a calling terminal of a call center.
[0069] Figure 2 illustrates a preliminary phase of a method for processing an initiation message of a telecommunications session according to embodiments of the invention.
[0070] At a step 201, the recording terminal 150 of the organization associated with the calling entity 111 prepares a reference data registration request, which includes reference data. The reference data includes: - a reference telephone number, which is a telephone number of the organization or person associated with the recording terminal 150. This is the telephone number that is authorized to be used by the calling terminal 101 during the current phase described below, allowing it to be entered in a source or "from" field of a communication session initiation message, such as a SIP message; and
[0071] - a reference terminal network identifier and / or an initial network identifier reference.
[0072] In some embodiments, the reference data may further include a reference owner identifier, which may be a name or other designation (e.g., company name) of the organization or person represented by the recording terminal 150 and who owns the reference telephone number.
[0073] A terminal network identifier is information that uniquely identifies a terminal in a telecommunications network.
[0074] An initial network identifier is information that uniquely identifies a network or the associated network operator, globally or locally.
[0075] The term "reference" here indicates that this refers to information declared beforehand by the organization or person associated with the recording terminal 150, and used during the current phase to validate or invalidate current data. Thus, it is the reference data that allows the verification server 132, accessing the reference database 140, to verify current data collected during the current phase in an initiation message as described below.
[0076] It should be noted that the telephone number indicated in the source field of the initiation message can be modified by a calling terminal. On the other hand, the terminal's network identifier cannot be modified by a calling terminal: it is an identifier that is assigned by a network server of an initial network (for calling terminal 101, it is network server 161 of initial network 121) or an identifier that is derived from an identifier assigned by a network server of the initial network.
[0077] The reference terminal network identifier thus identifies the terminal authorized to use the reference telephone number, thereby enabling the use of the reference telephone number by an entity possessing the authorized terminal. A current terminal network identifier used by a calling terminal using the reference telephone number can thus be compared, during a current phase, with the reference terminal network identifier to verify that the calling terminal is indeed authorized to use the current telephone number, even though it does not own it. This makes it possible to differentiate between an identity spoofing attack and the legitimate use of a telephone number by a call center that does not own it.
[0078] For example, the current terminal network identifier of calling terminal 101 may be indicated in a PAI field of a SIP initiation message, PAI meaning "P-Asserted Identity". Such a field is added by a P-CSCF device on the IMS 120 network upon receipt of a SIP initiation message, which replaces "P-Preferred Identity" information previously added by the network server 161 in a header of the SIP initiation message. The terminal network identifier or PAI network identifier may be in the form of a telephone Uniform Resource Indentant, URI. Such a telephone URI may include a prefix "tel:" followed by a telephone number including a "+" sign and a series of digits, for example:<tel : +123456789012> .
[0079] The terminal network identifier more generally covers any identifier assigned by the initial network, or by the IMS network in the described embodiment, to the calling terminal, and which cannot be modified by the calling terminal.
[0080] The initial network identifier may correspond to an identifier specified in a P-Access-Network-Info (PANI) header of a SIP initiation message, such an identifier being added by a network server, and not by the calling terminal. For example, in France, the PANI header may include a code called R1R2 issued by a regulatory authority and uniquely identifying a network, or the associated network operator. Generally, the initial network identifier covers any identifier that uniquely designates, at least within a given territory, a network or a network operator, and that is not configurable by a calling terminal in the initiation message.
[0081] At a step 202, the recording terminal 150 transmits the registration request including the reference data described above, to the third-party service provider server 170.
[0082] At a step 203, the third-party service provider server 170 can verify the reference data included in the registration request. Such a verification can, in particular, verify that the reference terminal network identifier has not been previously reported as associated with fraudulent calls. Other verification criteria can be applied to the reference data according to the invention, relating, for example, to the consistency between the reference telephone number and the reference owner identifier.
[0083] In the event of a positive verification, the third-party service provider server 170 transmits, at a step 204, the reference data to the reference database 140, for storage at a step 205. At step 205, the database stores the reference data in association, the association being able to be indexed by the reference telephone number.Thus, as will be described below, the reference database 140 can be queried on the basis of a current telephone number, and the reference database 140 compares the current telephone number to the reference telephone numbers of the associations it stores, and - if the current telephone number matches a stored reference telephone number, the reference database 140 returns the reference data associated with the corresponding reference telephone number, at least the reference terminal network identifier and / or the reference initial network identifier; . - if the current telephone number does not correspond to any stored reference telephone number, the reference database 140 issues a message including information indicating the absence of the current telephone number in the reference database 140.
[0084] At a step 206, the third-party service provider server 170 can validate the registration of the reference data with the registration terminal 150.
[0085] Figure 3 illustrates the steps of a common phase of a process for treating a initiation message for a telephone call, according to embodiments of the invention.
[0086] During the current phase, the calling entity 111 seeks to initiate a telephone call with the called entity 112.
[0087] In order to initiate the telephone call, the calling terminal 101 prepares an initiation message, the initiation message including information indicating a current telephone number, which is configurable by the calling entity 111. In the case of a SIP type initiation message, the initiation message includes a "from" source field indicating a current telephone number.
[0088] The adjective "current" qualifies the data which are specific to the current phase, as opposed to the reference data which are stored in the reference database 140 and which serve as a reference to validate or invalidate the current data of an initiation message.
[0089] In a legitimate use case of the current telephone number, the current telephone number is the number of the organization to which the calling entity 111 is attached, which may be a call center as previously described.
[0090] At a step 301, the calling terminal 101 transmits the initiation message prepared at step 300 to the network server 161 of the initial network 121.
[0091] At a step 302, upon receipt of the initiation message, the network server 161 enriches the initiation message before routing it to the final network 122. The network server 161 may in particular add the initial network identifier associated with the initial network 121, referred to as the current initial network identifier in what follows, as well as a current terminal network identifier that identifies the calling terminal 101 in the initial network 121 (for example the PPI identifier described previously).
[0092] At an optional step 303, the network server 161 can transmit the initiation message to the authentication server 131 for adding an attestation according to the STIR / SHAKEN procedure.
[0093] At step 304, upon receipt of the initiation message, the authentication server 132 can generate an attestation from information contained in the initiation message, in accordance with the STIR / SHAKEN procedure, and the initiation message is modified to incorporate the generated attestation. No restrictions are attached to the generated attestation level. In the described embodiment, the calling terminal 101 does not have the current telephone number, so the generated attestation level is level B or C as previously described.
[0094] At a step 305, the authentication server 131 returns the initiation message, including the attestation, to the network server 161.
[0095] At a step 306, following step 302, or following step 305 when the STIR / SHAKEN procedure is implemented, the network server 161 of the initial network 121 transmits the initiation message to the telephone application server 162 of the final network 122. It should be noted that the initiation message addressed to the telephone application server 162 of the final network corresponds to the initiation message enriched by the network server 161 of the initial network and possibly includes the attestation generated by the authentication server 131 according to the STIR / SHAKEN procedure.
[0096] During transmission to the telephone application server 162, the PPI identifier (information "P-Preferred Identity") serving as the current terminal network identifier can be replaced by the PAI identifier described above, by a P-CSCF server of the IMS network 120, and the PAI identifier is therefore the current terminal network identifier in what follows.
[0097] At step 307, upon receipt of the initiation message, the telephone application server 162 can verify the attestation included in the initiation message, when the initiation message includes such an attestation (in embodiments where the attestation is generated by the authentication server 131 as described above). The following steps are implemented only if the telephone application server 162 successfully verifies the attestation. A successful verification of the attestation means that the attestation is present in the initiation message, whether it is level A, B, or C (level B or C in particular in the described embodiment).
[0098] Indeed, in the event of a negative verification, the telephone application server 162 can send a rejection message back to the network server 161 of the initial network 121, which interrupts the initiation of the telephone call. A negative attestation verification means that the initiation message does not include an attestation or that the attestation present in the initiation message is invalid, for example because it is a fraudulent certificate not corresponding to the current telephone number.
[0099] At step 308, the telephone application server 162 can extract the following current data from the initiation message: - the current phone number of the source field; and - the current terminal network identifier and / or the current initial network identifier. At step 309, the telephone application server 162 can transmit a verification request to the verification server 132, the verification request including the extracted current data, namely the current telephone number, the current terminal network identifier and / or the current initial network identifier. At step 310 Optionally, the verification server 132 can verify that the current telephone number included in the verification request is included in a list stored in the verification server 132. The list stored in the verification server 132 can include all the telephone numbers that are part of the reference data stored in the reference database 140. Thus, the verification in step 310 avoids an unnecessary query of the reference database 140 (if the current telephone number does not match any reference telephone number stored in the reference database 140).
[0100] At a step 311, the verification server 132 (or the telephone application server 162 when the verification server is embedded in the telephone application server) queries the reference database 140 by transmitting a request including the current telephone number.
[0101] Upon receipt of the request, the reference database 140 compares the current telephone number to the reference telephone numbers, in order to detect a match at a step 312. If a match is found with a reference telephone number, the reference database 140 obtains the reference terminal network identifier and / or the reference initial network identifier associated with the corresponding reference telephone number.
[0102] At a step 313, the reference database 140 returns a response including the obtained reference data, namely the obtained reference terminal network identifier and / or the obtained initial reference network identifier, to the verification server 132.
[0103] If there is no match between the current telephone number and the reference telephone numbers, the reference database 140 can return a no-match message to the verification server 132 at step 313. Alternatively, the database may not respond, indicating no match.
[0104] Database 140 may be included in the verification server, in the telephone application server or elsewhere.
[0105] Upon receipt of the reference data, the verification server 132 checks, at a step 314, whether the current data corresponds to the reference data, by comparing the current data with the reference data. To this end, the verification server compares: - the current terminal network identifier along with the reference terminal network identifier; and / or - the current initial network identifier with the reference initial network identifier.
[0106] The verification is positive if each comparison (one or two verifications depending on the embodiment) is positive, that is, if the current data and the data The reference values are identical. If at least one comparison is negative, the verification of the current data is negative.
[0107] In other words, according to a first embodiment, the verification server implements only one of the verifications presented below.
[0108] In this first embodiment, the verification server can be configured to check if the current terminal network identifier matches the reference terminal network identifier.
[0109] According to a variant of this first embodiment, the verification server can be configured to check whether the current initial network identifier matches the reference initial network identifier.
[0110] According to a second embodiment, the verification server implements the two checks described below. In this case, the verification server can be configured to deliver a positive result if both checks are positive, and a negative result if at least one of the checks is negative. According to another variant, the verification server can be configured to deliver a positive result if at least one of the two checks is positive and a negative result if both checks are negative.
[0111] The verification server 132 thus obtains a verification result, positive or negative, at step 314.
[0112] At a step 315, the verification server 132 transmits the verification result to the telephone application server 162.
[0113] If a no-match message is received from database 140 at step 313, the verification server 132 can transmit the no-match message to the telephone application server 162 at step 315.
[0114] According to another embodiment, the telephone application server 162 integrates the verification server 132 and implements steps 310, 311 and 314 itself.
[0115] If the comparison result is positive, the telephone application server 162 transmits the initiation message to the terminal called 102 at a step 317.
[0116] According to some embodiments, before transmitting the initiation message in step 317, the telephone application server 162 can enrich the initiation message with an owner identifier associated with the current telephone number. The owner identifier can be the reference owner identifier stored in association with the reference telephone number corresponding to the current telephone number. For this purpose, the reference database 140 can integrate the reference owner identifier into the response returned in step 313. The owner identifier can be transmitted with the verification result to the telephone application server in step 315, which can thus enrich the initiation message in step 316.
[0117] If the comparison result is negative, the telephone application server 162 can transmit a rejection message to the network server 161, and the telephone call initiation is interrupted. In another embodiment, if the comparison result is negative, the telephone application server 162 does not transmit a message.
[0118] In the event of receiving a no-match message from database 140, from the verification server 132, or in the event of no response from database 140, the telephone application server 162 may transmit the initiation message to the called terminal 102, or may alternatively refuse the call initiation by sending a refusal message to the network server 161 of the initial network 121.
[0119] Following step 317 of transmitting the initiation message (in the event of a positive verification result), the called terminal 102 broadcasts an alert (e.g., rings or vibrates) at step 318, while displaying the current telephone number and, in some embodiments, the owner's identifier. If the called entity 112 validates the establishment of the telephone call, the telephone call is established between the calling terminal 101 and the called terminal 102 at step 319. If the called entity 112 refuses, the initiation of the telephone call is interrupted.
[0120] Fig. 4 represents a structure of the verification server 132, according to one embodiment of the invention.
[0121] The verification server 132 includes a processor 401 configured to communicate unidirectionally or bidirectionally, via one or more buses or via a direct wired connection, with a memory 402 such as Random Access Memory (RAM), Read Only Memory (ROM), or any other type of memory (Flash, EEPROM, etc.). Alternatively, the memory 402 comprises several memories of the aforementioned types.
[0122] The memory 402 includes at least one non-volatile memory in which the data used and / or resulting from the implementation of steps 309 to 311 and 313 to 315 described above are stored temporarily or permanently.
[0123] In particular, memory 402 can store, at least temporarily, the current data received in step 309 and the reference data received in step 315, so that this data can be compared. Furthermore, as described previously, memory 402 can store the list used during the implementation of step 310 described previously.
[0124] The processor 401 is capable of executing instructions, stored in memory 402, for the implementation of steps 310, 311, 314 and 315 described above.
[0125] The verification server 132 further includes a first interface 403 capable of communicating with the telephone application server 162, and a second interface 404 capable of communicating with the reference database 140.
Claims
Demands
1. A method for processing a telephone call initiation message comprising the following steps: - obtaining (309) current data extracted from said initiation message, the current data comprising a current telephone number and further comprising a current terminal network identifier and / or a current initial network identifier; - obtaining (313) reference data comprising a reference telephone number, and further comprising a reference terminal network identifier and / or a reference initial network identifier; - determining (314) a verification result by comparison between the current data and the reference data.
2. A method according to claim 1, wherein the reference data is obtained (313) by querying (311) a reference database (140) storing reference data associations, each reference data association associating a reference telephone number with a reference terminal network identifier and / or with a reference initial network identifier.
3. A method according to claim 2, wherein querying the reference database (140) comprises: - transmitting (311) a query including the current telephone number to the reference database; - receiving (313) the reference data associated with the reference telephone number corresponding to the current telephone number.
4. A method according to any one of the preceding claims, wherein the current data is obtained by receiving (309) a verification request from a telephone application server (162), the verification request comprising the current data extracted from the initiation message, the method further comprising transmitting (315) the verification result to the telephone application server.
5. A method according to claim 4, wherein the telephone application server (162) is associated with an end network (122) capable of communicating with a terminal called (102) identified in the initiation message, and in which the telephone application server transmits (317) the initiation message to the called terminal, if the received verification result is positive.
6. A method according to claim 5, wherein the reference data obtained further include a reference owner identifier, and wherein the reference owner identifier is transmitted (315) to the telephone application server (162) with the verification result and wherein the telephone application server adds the reference owner identifier to the initiation message.
7. A method according to any one of claims 4 to 6, comprising the following steps: - reception (306) by the telephone application server (162) of the initiation message from the initial network (121); - extraction (308) by the telephone application server of the current data of the initiation message into predefined fields of the initiation message.
8. A method according to claim 7, wherein the telephone application server (162) extracts the current telephone number from a source field modifiable by the calling terminal, wherein the telephone application server extracts the current terminal network identifier and / or the current initial network identifier from a field defined by a network server (161).
9. A method according to claim 7 or 8, further comprising, upon receipt (306) of the initiation message by the telephone application server (162), a verification (307) of an attestation included in the initiation message, and wherein the telephone application server extracts (308) the current data only if the attestation verification is positive.
10. A method according to claim 2 or 3, further comprising receiving (204) reference data from a recording terminal (150) associated with an owner of the reference telephone number by the reference database (140), and storing (205) said received reference data in the reference database.
11. A computer program comprising program code instructions for implementing the process of processing telephone call initiation message according to any one of claims 1 to 10, when executed by a processor (401).
12. Computer-readable information carrier, and containing instructions for a computer program according to claim 11.
13. Verification server (132) comprising a processor (401) configured to: - obtain, through a first interface (403) of the verification server, current data extracted from a telephone call initiation message, the current data comprising a current telephone number and further comprising a current terminal network identifier and / or an initial network identifier; - obtain, through a second interface (404) of the verification server, reference data comprising a reference telephone number, and further comprising a reference terminal network identifier and / or a reference initial network identifier; - determine a verification result by comparison between the current data and the reference data.
14. System comprising a verification server (132) according to claim 13, a telephone application server (162) and a reference database (140), wherein the telephone application server is configured to transmit a verification request to the verification server, the verification request comprising the current data, wherein the verification server is capable of querying the reference database to obtain the reference data, and wherein the verification server is further capable of transmitting the verification result to the telephone application server.