WO2022176074A1 - Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program - Google Patents

Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program Download PDF

Info

Publication number
WO2022176074A1
WO2022176074A1 PCT/JP2021/005978 JP2021005978W WO2022176074A1 WO 2022176074 A1 WO2022176074 A1 WO 2022176074A1 JP 2021005978 W JP2021005978 W JP 2021005978W WO 2022176074 A1 WO2022176074 A1 WO 2022176074A1
Authority
WO
WIPO (PCT)
Prior art keywords
fraud
number information
protected
enum
call
Prior art date
Application number
PCT/JP2021/005978
Other languages
French (fr)
Japanese (ja)
Inventor
政憲 秋本
宏 清水
Original Assignee
日本電信電話株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電信電話株式会社 filed Critical 日本電信電話株式会社
Priority to PCT/JP2021/005978 priority Critical patent/WO2022176074A1/en
Priority to JP2023500193A priority patent/JPWO2022176074A1/ja
Publication of WO2022176074A1 publication Critical patent/WO2022176074A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/42Systems providing special services or facilities to subscribers

Definitions

  • the present invention relates to a fraud damage prevention system, a fraud damage prevention method, an ENUM/DNS server, and a program that prevent fraud damage using telephones.
  • Non-Patent Document 1 In view of the fact that many fraud cases using telephones, such as the "It's me” fraud, have occurred, there is a technique in which the called party issues an announcement to warn against fraud before answering the telephone, or regulates the call (for example, see Non-Patent Document 1).
  • an incoming call rejection list 101 is registered in advance in the incoming call destination device 50 located on the incoming call side. Then, in the destination device 50, the call information (originator number) of the signal received from the call processing server 20a is collated with the call rejection list 101, and the matched call is restricted or the guidance device 30a calls attention. to run.
  • the destination device 50 is, for example, an IP (Internet Protocol) telephone (receiving terminal 5) provided in each home, a PBX (Private Branch eXchange) (not shown), or the like.
  • Non-Patent Document 2 a technology that records the content of calls, transfers the audio file to a special fraud countermeasure server, determines whether or not the call is a special fraud by AI (Artificial Intelligence) analysis, and notifies an alarm to call attention.
  • AI Artificial Intelligence
  • Non-Patent Document 1 when the guidance device is used to call attention, the user of the telephone service having the destination device 50 needs to prepare a special anti-fraud guidance device.
  • the call rejection list 101 can be created by the user or by a service provider and updated. Anti-fraud measures may be less effective.
  • Non-Patent Document 2 it is necessary to record the content of the call once and then analyze it with AI. Therefore, since it is necessary to have a conversation with the malicious person of the special fraud once, it is a burden for the user, and there is a problem in terms of immediacy because it is assumed that the call is completed. Furthermore, there is a possibility that the first call may lead to damage to the user.
  • An object of the present invention is to perform effective fraud damage prevention processing before starting.
  • a fraud damage prevention system includes a call processing server that connects a call originating device and a destination device, and an ENUM/ and a DNS server, wherein when the call processing server receives a connection request from the call originating device, the originating number of the originating device and the destination number of the called device are attached.
  • a security level determination request unit that transmits a security level determination request to the ENUM/DNS server; and a security level determination result regarding the connection request from the ENUM/DNS server, and a predetermined fraud damage according to the security level.
  • a fraud prevention processing unit that executes prevention processing
  • the ENUM/DNS server is a fraud number information registering a fraud number indicating a number subject to fraud countermeasures, and a target to be protected from fraud damage.
  • Number information for updating the fraudulent number information and the protected number information stored in the storage unit by acquiring the protected number information in which the protected number indicating the user's number is registered from the external database at predetermined time intervals.
  • the connection pattern of the connection request is determined by determining whether or not the destination number is registered in the fraudulent number information or the protected number information, and fraud damage occurs according to the determined connection pattern.
  • a caution level determination unit that determines a caution level that evaluates that the fraud damage prevention processing of a higher level is required as the possibility is higher.
  • the network side closer to the originating device (originating terminal) rather than the called party performs effective fraud prevention processing before the call starts. can be executed.
  • FIG. 3 is a diagram showing a data configuration example of protected number information according to the present embodiment
  • FIG. 4 is a diagram showing an example of alert levels associated with connection patterns of callers and callees
  • 3 is a functional block diagram showing a configuration example of a call processing server according to this embodiment
  • FIG. It is a figure explaining the example of the caution level countermeasure information which concerns on this embodiment.
  • FIG. 2 is a hardware configuration diagram showing an example of a computer that implements functions of an ENUM/DNS server and a call processing server according to the present embodiment;
  • FIG. 1 is a diagram for explaining a conventional system for preventing fraud on the receiving side;
  • FIG. 1 is a diagram for explaining a conventional system for preventing fraud on the receiving side;
  • this embodiment a mode for carrying out the present invention (hereinafter referred to as "this embodiment") will be described. First, the outline of the present invention will be explained.
  • the fraud damage prevention system has functions for preventing fraud damage by telephone (such as a function to regulate calls and a function to play guidance using a guidance device). It is characterized in that it is provided on the network side without More specifically, in addition to information on the blacklist that is the target of fraud countermeasures (hereinafter referred to as "fraudulent number information"), information on the user number list that is the target of fraud protection (hereinafter referred to as " Protected Number Information”) is provided by an ENUM (E.164 Number Mapping)/DNS (Domain Name System) server.
  • ENUM E.164 Number Mapping
  • DNS Domain Name System
  • a call processing server and an ENUM/DNS server perform connection destination information resolution processing and perform call connection between a calling terminal and a called terminal, and this ENUM/DNS system is utilized.
  • the ENUM/DNS server that receives an inquiry from the call processing server refers to the fraud number information and the protected number information based on both the caller number and the destination number. to determine the alert level.
  • the call processing server obtains information on the alert level determined by the ENUM/DNS server, and according to the alert level, restricts calls as preset fraud prevention processing (predetermined fraud prevention processing). (call disconnection) and delivery of guidance by the guidance device.
  • the ENUM/DNS server uses the ENUM/DNS protocol from an external database ("number database 700" described later) of an administrative agency or the like that stores the latest fraud number information and protected number information. Obtain and update the fraud number information and the protected number information at intervals (for example, in real time or at regular intervals).
  • the fraud damage prevention system prevents fraud damage more effectively than the conventional technology before the call starts on the network side closer to the originating device (originating terminal) rather than on the receiving side. Processing can be performed.
  • Non-Patent Document 3 (“TTC Standard JJ-90.31 Carrier ENUM Interconnection Common Interface” Version 4.0, August 29, 2018, General Incorporated Association Information and Communication Technology Committee) I'm familiar with A fraud damage prevention system of the present invention using this ENUM/DNS server will be described below.
  • FIG. 1 is a diagram showing the overall configuration of a fraud damage prevention system 1000 according to this embodiment.
  • the ENUM/DNS server 10 has fraud number information 110 and protected number information 120 . Then, using the interface between the ENUM/DNS server 10 already provided in the call processing server 20 as a conventional technique, the call processing server 20 generates the calling number and destination number for the call for which the connection request is received. to the ENUM/DNS server 10.
  • the ENUM/DNS server 10 determines whether the caller number is registered in the fraudulent number information 110 and whether the destination number is registered in the protected number information 120. to decide. In other words, the warning level is determined by judging whether the calling party is the number of the malicious person of the special fraud or the receiving party is the number of the protected party.
  • the ENUM/DNS server 10 determines whether the caller number is registered in the protected number information 120 and whether the destination number is registered in the fraudulent number information 110. determine the level. In other words, the warning level is determined by judging whether the caller is the number of the person to be protected or the caller is the number of the malicious person of the special fraud.
  • the ENUM/DNS server 10 determines the pattern of the combination of the source number and the destination number ("connection pattern" to be described later), and the call from the fraud number to the protected number and calls from protected numbers to fraudulent numbers. Based on this vigilance level, the call processing server 20 executes fraud damage prevention processing (call control (call disconnection) and guidance delivery) before starting a call.
  • fraud damage prevention processing call control (call disconnection) and guidance delivery
  • FIG. 2 is a functional block diagram showing a configuration example of the ENUM/DNS server 10 according to this embodiment.
  • the ENUM/DNS server 10 has a conventional function of returning connection destination information (routing information) of the destination number in response to an inquiry from the call processing server 20 . Furthermore, the ENUM/DNS server 10 acquires information on the originating number and the destination number from the call processing server 20 . Then, the ENUM/DNS server 10 determines whether the caller number is registered in the fraudulent number information 110 or the protected number information 120, and whether the destination number is registered in the fraudulent number information 110 or the protected number information 120. It determines whether or not it is safe, and determines the alert level. The ENUM/DNS server 10 returns information on the determined security level to the call processing server 20 .
  • This ENUM/DNS server 10 comprises an input/output unit 11 , a control unit 12 and a storage unit 13 .
  • the input/output unit 11 inputs and outputs information to and from other devices.
  • the input/output unit 11 transmits and receives information to and from the call processing server 20 and the number database 700 (FIG. 1).
  • the input/output unit 11 includes a communication interface for transmitting and receiving information via a communication line, and an input/output interface for inputting and outputting information between an input device such as a keyboard (not shown) and an output device such as a monitor. Configured.
  • the storage unit 13 is configured by a hard disk, flash memory, RAM (Random Access Memory), or the like.
  • the storage unit 13 stores fraudulent number information 110, protected number information 120, and a connection destination information table 130.
  • the fraud number information 110 is information in which numbers (fraud numbers) targeted for fraud countermeasures are registered as a so-called blacklist.
  • the protected number information 120 is information registered as a number list of users to be protected from fraud damage.
  • the connection destination information table 130 stores connection destination information (routing information) in association with each destination number (telephone number of the destination terminal 5).
  • the storage unit 13 also temporarily stores a program for executing each function unit of the control unit 12 and information necessary for processing of the control unit 12 .
  • the control unit 12 controls the overall processing executed by the ENUM/DNS server 10, and includes a number information update unit 121, an alert level determination unit 122, and a connection destination information search unit 123.
  • Number information update unit 121 acquires fraud number information 110 and protected number information 120 at predetermined time intervals from number database 700 ( FIG. 1 ) provided outside fraud damage prevention system 1000 , and stores storage unit 13 .
  • the number database 700 is assumed to be an external database owned by an organization capable of collecting the latest special fraud damage information nationwide, for example, in an administrative agency (National police Agency, Consumer Affairs Agency, Ministry of Internal Affairs and Communications, etc.).
  • the fraud number information 110 stored in the number database 700 is updated based on the latest special fraud damage.
  • the protected number information 120 is registered by a user who is a victim of special fraud by applying to an administrative agency or the like. By doing so, it is possible to collect information on protected numbers without depending on the service provider company or communication carrier.
  • the protected number information 120 includes user (protected) numbers registered to prevent damage from special fraud, such as "03-5555-5555" and "0422-77-7777". It is registered like "06-6666-6666".
  • the fraud number information 110 may include fraud numbers and fraud types.
  • numbers used for specific special frauds that have actually occurred are registered, so the types of special frauds can also be registered at that time.
  • the fraud type "It's me fraud” is registered in association with the fraud number "03-1111-1111". , a plurality of fraud types may be registered.
  • the protected number information 120 may register the protected number and the type of fraud.
  • the registration of the type of fraud suffered in the past is accepted, and the information is recorded.
  • the fraud type information may be left blank. For example, if the user has not yet been victimized by a special fraud, but has registered to prevent being victimized by a special fraud in the future, the field will be blank.
  • the number information update unit 121 acquires the fraud number information 110 and the protected number information 120 from the number database 700 (Fig. 1) using the ENUM/DNS protocol.
  • the ENUM standard shown in Non-Patent Document 3 has specifications for storing and synchronizing data in real time using a real-time DB.
  • the ENUM/DNS server 10 by adopting an information updating method using the ENUM/DNS protocol, the fraudulent number information 110 and the protected number information 120 can be updated in real time from the number database 700. is the most suitable example.
  • the number information updating unit 121 may acquire the fraudulent number information 110 and the protected number information 120 from the number database 700 at predetermined time intervals such as regular intervals.
  • the alert level determination unit 122 receives from the call processing server 20 an alert level determination request to which the caller number and destination number are attached. Then, caution level determination unit 122 first determines whether or not the caller number is registered in fraud number information 110 or protected number information 120 . The vigilance level determination unit 122 also determines whether or not the destination number is registered in the fraudulent number information 110 or the protected number information 120 .
  • the caution level determination unit 122 determines the caution level as shown in FIG. 5 according to the connection pattern based on the determination result of the caller number and the destination number. It should be noted that here, an example will be described in which there are five alert levels as a whole, and the higher the number, the higher the alert level. This warning level is for evaluating that the higher the possibility of fraud damage, the higher the level of fraud damage prevention processing required.
  • connection pattern ⁇ b> the caller number is not registered in the fraudulent number information 110, and the destination number is registered in the protected number information 120. This is the case of a call to This connection pattern ⁇ b> is assumed to be alert level "2".
  • connection pattern ⁇ c> the caller number is registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120. This is the case of the call of This connection pattern ⁇ c> is assumed to be alert level "3".
  • connection pattern ⁇ d> In the connection pattern ⁇ d>, the caller number is registered in the fraud number information 110, and the destination number is also registered in the protected number information 120. This is the case of "Call”. This connection pattern ⁇ d> is assumed to be alert level "4".
  • connection pattern ⁇ d> the vigilance level determination unit 122
  • detailed caution level determination may be performed as in the following connection patterns ⁇ d-1>, ⁇ d-2>, and ⁇ d-3>.
  • the fraud type of the fraudulent number of the originating terminal and the fraud type of the protected number of the destination terminal are different.
  • ⁇ Connection pattern ⁇ d-1> In the case of "a call from a person with malicious intent who commits fraud to a protected person who is a victim of fictitious billing fraud", the warning level is set to "4-1".
  • ⁇ Connection pattern ⁇ d-2> In the case of "a call from a malicious person who commits fraud to a protected person who is a victim of tax refund fraud", the alert level is set to "4-1”.
  • alert level “4-1” calls made by malicious persons involved in “it's me” fraud
  • alert level “4-2” calls made by malicious persons involved in refund fraud
  • alert levels shall apply to calls originating from a person to be protected.
  • ⁇ Connection pattern ⁇ e> If the caller number is registered in the protected number information 120 and the destination number is not registered in the fraudulent number information 110, that is, in the case of "a call from a protected person to a non-malicious person of special fraud" be. This connection pattern ⁇ e> is assumed to be alert level "1".
  • the alert level is set to "1".
  • the warning level is set to "1”.
  • “Call from malicious party of special fraud to malicious party of other special fraud” can be set arbitrarily, but since the possibility of general users being victimized by special fraud is low, the alert level may be set to "1". .
  • connection pattern ⁇ f> In the connection pattern ⁇ f>, the caller number is registered in the protected number information 120, and the destination number is also registered in the fraud number information 110. This is the case of "Call".
  • This connection pattern ⁇ f> is assumed to be alert level "5". Even if the type of fraud is registered in the fraud number information 110 and the protected number information 120, if the call is from a protected party to a malicious party of a special fraud, the fraud type linked to the fraud number Also, regardless of the type of fraud damage suffered by the person to be protected, the possibility of new damage is high, so the caution level is set to "5".
  • the alert level determination unit 122 thus determines the alert level according to the connection pattern based on the determination result of the caller number and the destination number. Alert level determination unit 122 then returns information on the determined alert level to call processing server 20 .
  • connection destination information search unit 123 receives an inquiry about the connection destination information (routing information) of the called party number (telephone number of the called terminal 5 (FIG. 1)) from the call processing server 20,
  • the information table 130 is referenced to extract connection destination information (routing information) corresponding to the destination number and return it to the call processing server 20 .
  • the ENUM/DNS server 10 acquires the latest fraudulent number information 110 and protected number information 120, and can determine the alert level based on the connection pattern of the calling number and the called number. .
  • FIG. 6 is a functional block diagram showing a configuration example of the call processing server 20 according to this embodiment.
  • the call processing server 20 receives a connection request (call) from each calling device (calling terminal 4) that it accommodates. Then, the call processing server 20 receives the alert level determination result by transmitting to the ENUM/DNS server 10 an alert level determination request to which the caller number and destination number of the caller device are attached.
  • the call processing server 20 controls the call (disconnects the call) and distributes guidance by the guidance device 30 before the call starts as special fraud countermeasures according to the received security level.
  • This call processing server 20 comprises an input/output unit 21 , a control unit 22 and a storage unit 23 .
  • the input/output unit 21 inputs and outputs information to and from other devices.
  • the input/output unit 21 transmits and receives information to and from each terminal (originating device (originating terminal 4), terminating terminal 5, etc.), ENUM/DNS server 10, and the like.
  • the input/output unit 21 includes a communication interface for transmitting and receiving information via a communication line, and an input/output interface for inputting and outputting information between an input device such as a keyboard (not shown) and an output device such as a monitor. Configured.
  • the storage unit 23 is configured by a hard disk, flash memory, RAM, or the like.
  • the storage unit 23 stores caution level countermeasure information 200 (details will be described later) indicating countermeasures against fraud according to each caution level.
  • the storage unit 23 also temporarily stores a program for executing each function of the control unit 22 and information necessary for processing of the control unit 22 .
  • the control unit 22 controls overall processing executed by the call processing server 20, and includes a warning level determination requesting unit 221, a fraud prevention processing unit 222, a connection destination information requesting unit 223, and a call connection processing unit 224. Configured.
  • the alert level determination requesting unit 221 receives a connection request (call) from the calling device (calling terminal 4) that it accommodates. Then, the alert level determination request unit 221 generates an alert level determination request to which the caller number and destination number of the caller device (calling terminal 4) are attached, and transmits the request to the ENUM/DNS server 10.
  • FIG. 1 A connection request (call) from the calling device (calling terminal 4) that it accommodates. Then, the alert level determination request unit 221 generates an alert level determination request to which the caller number and destination number of the caller device (calling terminal 4) are attached, and transmits the request to the ENUM/DNS server 10.
  • the fraud prevention processing unit 222 acquires security level information from the ENUM/DNS server 10 . Then, the fraud prevention processing unit 222 executes fraud prevention processing defined by the caution level countermeasure information 200 stored in the storage unit 23 .
  • FIG. 7 is a diagram illustrating an example of caution level countermeasure information 200 according to this embodiment.
  • the fraud prevention processing unit 222 executes fraud prevention processing such as call restriction (call disconnection) and guidance distribution by the guidance device 30 in association with each security level.
  • Alert level "1" is for cases where the caller number is not registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120, or when the caller number is not registered in the protected number information 120. However, the destination number is not registered in the fraudulent number information 110, for example. In this case, the fraud prevention processing unit 222 does not perform fraud prevention countermeasure processing. Therefore, the fraud prevention processing unit 222 outputs that fact to the connection destination information requesting unit 223 to continue processing for normal call connection.
  • Alert level "2" is for "calls from non-malicious persons of special fraud to protected persons".
  • the fraud prevention processing unit 222 distributes guidance such as "Please be careful with the other party of the call” to the destination terminal via the guidance device 30 .
  • Alert level "3" is for "calls from malicious persons of special fraud to persons other than protected persons".
  • the fraud prevention processing unit 222 may deliver guidance such as "there is a possibility of a call from a special fraud group" to the destination terminal via the guidance device 30, for example.
  • the user of the destination terminal is not registered as a person protected by the special anti-fraud measures, it is possible to set the anti-fraud countermeasures such as distributing the guidance not to be performed.
  • Alert level "4" covers “calls from malicious persons in special frauds to protected persons".
  • the fraud prevention processing unit 222 delivers guidance such as "There is a possibility of a call from a special fraud group” to the destination terminal via the guidance device 30. Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded” to the malicious person of the special fraud of the originating terminal via the guidance device 30.
  • Alert level "4-1" targets "a call from a malicious person who commits an 'it's me' fraud to a protected person who suffers from a special fraud other than the 'it's me'fraud".
  • the fraud prevention processing unit 222 distributes guidance such as, for example, "There is a possibility of a call from a fraudulent group.” Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded” to the malicious person of the special fraud of the originating terminal via the guidance device 30.
  • Alert level "4-2" is for "calls from malicious persons involved in refund fraud to protected persons who are victims of special fraud other than refund fraud".
  • the fraud prevention processing unit 222 distributes guidance to the destination terminal via the guidance device 30, such as "There is a possibility of a call from a refund fraud group.” Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded” to the malicious person of the special fraud of the originating terminal via the guidance device 30.
  • FIG. In addition, in the case where the fraud type of the fraudulent number of the calling terminal and the fraud type of the protected number of the called terminal are different, the fraud prevention processing unit 222 Deliver guidance to both the Special Fraud STS.
  • Alert level "5" is, for example, "a call from a malicious person who is a fraud victim to a protected person who is a victim of "It's me” fraud. Cases with the same type of fraud are covered. In this case, the fraud prevention processing unit 222 discards (disconnects) the connection request (call) and rejects the incoming call because there is a high possibility of being victimized by special fraud. Another case with alert level "5" is the case of "Call from Protected Person to Special Fraud Service-to-Self". In this case as well, the fraud prevention processing unit 222 discards (disconnects) the connection request (call) because there is a high possibility of being victimized by special fraud, and disallows outgoing calls.
  • the special fraud countermeasures associated with this alert level may change the fraud prevention countermeasure processing for each protected number at the request of each protected person. For example, in the case of "a call from a malicious person of a special fraud to a protected person" with an alert level of "4", guidance is delivered to both the protected person of the called terminal and the malicious person of the special fraud of the originating terminal. Instead, the connection request (call) may be discarded (call disconnection), and the setting may be made such that the call cannot be made. Further, the content of the special fraud countermeasures associated with the alert level may be changed according to the setting of the telecommunications carrier or the like.
  • the connection destination information requesting unit 223 sends the connection destination information with the destination number. and send it to the ENUM/DNS server 10.
  • connection destination information (routing information) corresponding to the called party number from the ENUM/DNS server 10
  • the call processing server 20 as a fraud prevention countermeasure process according to the security level received from the ENUM/DNS server 10, restricts (discards) the call and provides guidance by the guidance device 30 before the call starts. delivery can be performed.
  • FIG. 8 is a sequence diagram showing the processing flow of the fraud damage prevention system 1000 according to this embodiment.
  • the number information updating unit 121 of the ENUM/DNS server 10 acquires the latest fraudulent number information 110 and protected number information 120 from the number database 700 held by an administrative agency or the like, and stores them in the storage unit 13 (step S1). .
  • the update of the fraud number information 110 and the protected number information 120 may be saved and synchronized in real time, for example, by an information update method using the ENUM/DNS protocol.
  • the call processing server 20 receives a connection request (call) from the calling terminal 4 to the called terminal 5 (step S2).
  • This connection request (call) is attached with the destination number of the receiving terminal 5 and the caller number of the calling terminal 4 .
  • the alert level determination requesting unit 221 of the call processing server 20 generates an alert level determination request to which the caller number of the calling terminal 4 and the destination number of the called terminal 5 are attached, and the ENUM/DNS server 10 (step S3).
  • the ENUM/DNS server 10 receives the alert level determination request to which the caller number and destination number are attached. Alert level determination unit 122 then determines whether the caller number is registered in fraud number information 110 or protected number information 120 . The vigilance level determination unit 122 also determines whether or not the destination number is registered in the fraudulent number information 110 or the protected number information 120 . Accordingly, the caution level determination unit 122 determines the connection pattern (see FIG. 5) based on the caller number and the destination number, and determines the caution level according to the connection pattern (step S4). Then, the alert level determination unit 122 sends back the determined alert level information to the call processing server 20 (step S5).
  • step S6 when the fraud prevention processing unit 222 of the call processing server 20 acquires information on the security level from the ENUM/DNS server 10, the special Anti-fraud measures are executed (step S6).
  • the fraud prevention processing unit 222 distributes guidance from the guidance device 30 to the receiving terminal 5 at the alert levels "2" and "3". and call attention to fraud damage.
  • the fraud prevention processing unit 222 causes the receiving terminal 5 to execute the process of distributing guidance from the guidance device 30, and also distributes guidance from the guidance device 30 to the calling terminal 4. to execute the process to be performed.
  • the actual timing at which guidance is delivered to the called terminal 5 and the calling terminal 4 by the guidance device 30 is determined by the connection destination information requesting unit 223 after receiving the connection destination information (routing information) corresponding to the destination number. Before connection.
  • the fraud prevention processing unit 222 performs call regulation processing (call disconnection) to cut off the communication between the malicious person who is the victim of special fraud and the person to be protected, and terminates the processing. finish. Note that the fraud prevention processing unit 222 does not take special fraud countermeasures when the alert level is "1" in the example of the alert level countermeasure information 200 showing five alert levels shown in FIG.
  • connection destination information requesting unit 223 of the call processing server 20 sets the alert level to "5", and except when the call restriction processing (call disconnection) is performed, the connection destination information with the destination number is sent.
  • An inquiry message is generated and transmitted to the ENUM/DNS server 10 (step S7: connection destination information inquiry).
  • connection destination information search unit 123 of the ENUM/DNS server 10 When the connection destination information search unit 123 of the ENUM/DNS server 10 receives the connection destination information inquiry, the connection destination information search unit 123 refers to the connection destination information table 130 and extracts the connection destination information (routing information) corresponding to the destination number. , to the call processing server 20 (step S8: connection destination information response).
  • connection processing server 20 receives connection destination information (routing information) corresponding to the destination number from the ENUM/DNS server 10
  • connection destination information routing information
  • the connection destination indicated in the destination information Call connection is made (step S9), and communication connection between the calling terminal 4 and the called terminal 5 is established.
  • the ENUM/DNS server 10 determines the combination pattern (connection pattern) of the source number and the destination number, and makes a call from the fraudulent number to the protected number, A vigilance level can be determined for both calls from protected numbers to fraudulent numbers. Based on this vigilance level, the call processing server 20 executes fraud damage prevention processing (call control (call disconnection) and guidance delivery) before starting a call. Therefore, according to the fraud damage prevention system 1000, when preventing fraud using a telephone, the network side, which is closer to the originating device (originating terminal) than the receiving side, before the call starts, effectively Fraud damage prevention processing can be executed.
  • FIG. 9 is a hardware configuration diagram showing an example of a computer 900 that implements the functions of the ENUM/DNS server 10 and the call processing server 20 according to this embodiment.
  • the computer 900 includes a CPU (Central Processing Unit) 901, a ROM (Read Only Memory) 902, a RAM 903, a HDD (Hard Disk Drive) 904, an input/output I/F (Interface) 905, a communication I/F 906 and a media I/F 907. have.
  • CPU Central Processing Unit
  • ROM Read Only Memory
  • RAM 903 Random Access Memory
  • HDD Hard Disk Drive
  • I/F Interface
  • the CPU 901 operates based on programs stored in the ROM 902 or HDD 904, and performs control by the control units 12 and 22 (FIGS. 2 and 6).
  • the ROM 902 stores a boot program executed by the CPU 901 when the computer 900 is started, a program related to the hardware of the computer 900, and the like.
  • the CPU 901 controls an input device 910 such as a mouse and keyboard, and an output device 911 such as a display and printer via an input/output I/F 905 .
  • the CPU 901 acquires data from the input device 910 and outputs the generated data to the output device 911 via the input/output I/F 905 .
  • a GPU Graphics Processing Unit
  • a GPU may be used together with the CPU 901 as a processor.
  • the HDD 904 stores programs executed by the CPU 901 and data used by the programs.
  • Communication I/F 906 receives data from other devices via a communication network (for example, NW (Network) 920) and outputs it to CPU 901, and transmits data generated by CPU 901 to other devices via the communication network. Send to device.
  • NW Network
  • the media I/F 907 reads programs or data stored in the recording medium 912 and outputs them to the CPU 901 via the RAM 903 .
  • the CPU 901 loads a program related to target processing from the recording medium 912 onto the RAM 903 via the media I/F 907, and executes the loaded program.
  • the recording medium 912 is an optical recording medium such as a DVD (Digital Versatile Disc) or a PD (Phase change rewritable Disk), a magneto-optical recording medium such as an MO (Magneto Optical disk), a magnetic recording medium, a semiconductor memory, or the like.
  • the CPU 901 of the computer 900 executes the program loaded on the RAM 903 to perform the ENUM/DNS server 10 and the call processing server. It implements the functions of the server 20 .
  • Data in the RAM 903 is stored in the HDD 904 .
  • the CPU 901 reads a program related to target processing from the recording medium 912 and executes it.
  • the CPU 901 may read a program related to target processing from another device via the communication network (NW 920).
  • a fraud damage prevention system includes a call processing server 20 that connects a calling device (calling terminal 4) and a called device (called terminal 5);
  • a fraud damage prevention system 1000 comprising an ENUM/DNS server 10 that performs connection destination information resolution processing, when the call processing server 20 receives a connection request from a calling device, the caller number of the calling device and a warning level determination request unit 221 that transmits a warning level determination request to the ENUM/DNS server 10 to which the destination number of the destination device is attached; a fraud prevention processing unit 222 that executes predetermined fraud damage prevention processing according to the alert level, and the ENUM/DNS server 10 registers fraud number information 110 indicating a fraud countermeasure target number.
  • the caller number is updated to the fraud number information 110 or the protected number information.
  • the connection pattern of the connection request is discriminated by determining whether it is registered in the target number information 120 and whether the called party number is registered in the fraudulent number information 110 or the protected number information 120. and a warning level determination unit 122 for determining a warning level for evaluating that a higher level of fraud prevention processing is required as the possibility of fraud damage is higher according to the connection pattern.
  • the ENUM/DNS server 10 determines the connection pattern using the fraud number information 110 and the protected number information 120 obtained from the external database (number database 700), A security level is determined according to the determined connection pattern, and the call processing server 20 can execute fraud damage prevention processing for each security level. Therefore, fraud damage prevention processing can be executed not on the receiving side but on the network side closer to the calling device (calling terminal 4). In addition, since the fraud damage prevention system 1000 executes fraud damage prevention processing before the start of a call, there is no burden on the user. In addition, by determining the connection pattern, the ENUM/DNS server 10 can also execute fraud damage prevention processing for a call from a person to be protected to a malicious party of a special fraud. Therefore, it is possible to prevent fraud damage more effectively than in the prior art.
  • the alert level determination unit 122 of the ENUM/DNS server 10 has the caller number registered in the protected number information 120 and the destination number registered in the fraud number information 110. In this case, the alert level of the connection request is determined to be the alert level of disconnecting the call as fraud damage prevention processing.
  • the call is regulated (call disconnection) before the call starts, and protection is provided. Damage to the target can be prevented.
  • the fraud number information 110 registers a fraud type indicating the type of special fraud in association with the fraud number
  • the protected number information 120 registers a fraud number associated with the protected number.
  • the type of fraud is registered in the ENUM/DNS server 10, and the warning level determination unit 122 of the ENUM/DNS server 10 determines that the caller number is registered in the fraud number information 110 and the destination number is registered in the protected number information 120.
  • the alert level of the connection request is set to the alert level at which the call is disconnected as fraud damage prevention processing. It is characterized by determining.
  • the fraud type related to the special fraud is registered in association with the fraud number, and in the protected number information 120, the fraud type of the special fraud that the protected person suffered is registered.
  • the alert level determination unit 122 of the ENUM/DNS server 10 issues the connection request. Call can be disconnected. Therefore, for example, like "a call from a malicious person to a victim of an 'It's me' fraud" type of special fraud (e.g., it's me fraud) is the same, and the combination of calls with a high possibility of being victimized is restricted. (Call disconnection) can be performed to prevent damage in advance.
  • the number information updating unit 121 of the ENUM/DNS server 10 exchanges the fraud number information 110 and the protected number with the external database (number database 700) using the ENUM/DNS protocol. It is characterized in that the information 120 is acquired in real time and the fraud number information 110 and the protected number information 120 stored in the storage unit 13 are updated.
  • the ENUM/DNS server 10 can acquire fraud number information 110 and protected number information 120 in real time from an external database (number database 700) using the ENUM/DNS protocol. Therefore, it is possible to prevent fraud damage more effectively by using the latest information.
  • the call processing server 20 is provided with a guidance device 30, and the fraud prevention processing unit 222 of the call processing server 20 performs a predetermined fraud prevention process to prevent fraud damage. At least one of delivering guidance from the guidance device 30 to the destination device, delivering guidance for preventing fraud damage from the guidance device 30 to the originating device, and disconnecting the connection request call.
  • the call processing server 20 distributes guidance from the guidance device 30 provided on the network side to the receiving device (the receiving terminal 5) and the calling device (the calling terminal 4), and disconnects the call for the connection request. you can go Note that the call processing server 20 prevents damage by distributing, for example, guidance calling attention to special fraud to the receiving device. In addition, the call processing server 20 distributes guidance such as recording the call to the originating device, thereby prompting the malicious party of the special fraud to voluntarily disconnect the call. to reduce the distribution and prevent damage.
  • the ENUM/DNS server is the ENUM/DNS server 10 connected to the call processing server 20, and the ENUM/DNS server 10 is a fraudulent fraud number registering a fraud countermeasure target number. It is connected to an external database that stores number information 110 and protected number information 120 in which a protected number indicating the number of a user to be protected from fraud damage is registered. A number information updating unit 121 that acquires fraudulent number information 110 and protected number information 120 and updates the fraudulent number information 110 and protected number information 120 stored in the storage unit 13, and a call processing server 20 that accepts a connection request.
  • a warning level determination request to which the caller number and the called party number are attached, and determines whether the caller number is registered in the fraud number information 110 or the protected number information 120, and whether the called party number is the fraud number information. 110 or the protected number information 120 to determine the connection pattern of the connection request. and a caution level determination unit 122 that determines a caution level that is evaluated to require level fraud damage prevention processing.
  • the connection pattern is determined using the fraudulent number information 110 and the protected number information 120 obtained from the external database (number database 700), and according to the determined connection pattern Determine alert level. Therefore, by transmitting the alert level information to the call processing server 20, the call processing server 20 can execute fraud damage prevention processing according to the alert level. Therefore, fraud damage prevention processing can be executed not on the receiving side but on the network side closer to the calling device (calling terminal 4).
  • the ENUM/DNS server 10 causes the call processing server 20 to perform fraud damage prevention processing before the start of a call, there is no burden on the user. do not have.
  • the ENUM/DNS server 10 can also execute fraud damage prevention processing for a call from a person to be protected to a malicious party of a special fraud. Therefore, it is possible to prevent fraud damage more effectively than in the prior art.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

This fraud suffering prevention system (1000) comprises a call processing server (20) and an ENUM/DNS server (10). The call processing server (20) comprises: a warning level determination requesting unit that transmits call source numbers and call destination numbers to the ENUM/DNS server (10); and a fraud preventing unit that executes a predetermined fraud suffering prevention process according to a warning level. The ENUM/DNS server (10) comprises: a number information updating unit that acquires fraud number information and protection target number information from an external database (a number database 700); and a warning level determining unit that identifies the connection pattern of a connection request by use of the call source numbers and the call destination numbers and determines a warning level in accordance with the identified connection pattern.

Description

詐欺被害防止システム、詐欺被害防止方法、ENUM/DNSサーバ、および、プログラムFraud damage prevention system, fraud damage prevention method, ENUM/DNS server, and program
 本発明は、電話を利用した詐欺被害を防止する、詐欺被害防止システム、詐欺被害防止方法、ENUM/DNSサーバ、および、プログラムに関する。 The present invention relates to a fraud damage prevention system, a fraud damage prevention method, an ENUM/DNS server, and a program that prevent fraud damage using telephones.
 近年、振り込め詐欺(特殊詐欺)の被害が広がってきており、特に電話を利用するオレオレ詐欺は、特殊詐欺の手口の半分近くを占めている。オレオレ詐欺とは、親族(息子や孫など)を装って電話をかけ、「急に金が必要になった」などの口実で金銭を騙し取ろうとする詐欺の手口のことである。オレオレ詐欺を含めた特殊詐欺(架空請求詐欺、融資保証金詐欺、還付金等詐欺など)の被害の数は高水準で留まっており、令和1年度には1万6千件を超えている。 In recent years, the damage caused by remittance fraud (special fraud) has spread, and in particular, it's "It's me" fraud that uses telephones, which accounts for nearly half of the methods of special fraud. "It's me" fraud is a method of defrauding someone by pretending to be a relative (son, grandson, etc.) and defrauding them of money on the pretext of "I suddenly need money." The number of victims of special frauds (fictitious billing frauds, loan security deposit frauds, refund frauds, etc.), including "It's me" frauds, remains at a high level, exceeding 16,000 in FY2019.
 このオレオレ詐欺などの電話を利用した詐欺事件が多数発生していることに鑑み、着信側において電話に出る前に詐欺に対する注意喚起のアナウンスを行ったり、呼の規制を行ったりする技術がある(例えば、非特許文献1参照)。 In view of the fact that many fraud cases using telephones, such as the "It's me" fraud, have occurred, there is a technique in which the called party issues an announcement to warn against fraud before answering the telephone, or regulates the call ( For example, see Non-Patent Document 1).
 例えば、図10に示すように、着信側に位置する着信先装置50において、着信拒否リスト101を予め登録しておく。そして、着信先装置50において、呼処理サーバ20aから受信した信号の呼情報(発信元番号)を着信拒否リスト101により照合し、マッチングした呼に対して規制を行ったり、ガイダンス装置30aによる注意喚起を実行したりする。なお、ここで着信先装置50は、例えば、各家庭に備えられるIP(Internet Protocol)電話(着端末5)や図示を省略したPBX(Private Branch eXchange)等である。 For example, as shown in FIG. 10, an incoming call rejection list 101 is registered in advance in the incoming call destination device 50 located on the incoming call side. Then, in the destination device 50, the call information (originator number) of the signal received from the call processing server 20a is collated with the call rejection list 101, and the matched call is restricted or the guidance device 30a calls attention. to run. Here, the destination device 50 is, for example, an IP (Internet Protocol) telephone (receiving terminal 5) provided in each home, a PBX (Private Branch eXchange) (not shown), or the like.
 また、通話内容を録音し、音声ファイルを特殊詐欺対策サーバへ転送してAI(Artificial Intelligence:人工知能)解析により特殊詐欺の通話か否かを判定し、注意喚起するアラームを通知する技術が開発されている(非特許文献2参照)。 In addition, we have developed a technology that records the content of calls, transfers the audio file to a special fraud countermeasure server, determines whether or not the call is a special fraud by AI (Artificial Intelligence) analysis, and notifies an alarm to call attention. (See Non-Patent Document 2).
 しかしながら、従来技術により電話を利用した詐欺を防止する際には、次のような課題がある。
 非特許文献1に記載の技術のように、ガイダンス装置による注意喚起を実行する場合には、着信先装置50を有する電話サービスのユーザ側が特殊詐欺対策用のガイダンス装置を用意する必要がある。また、着信拒否リスト101は、ユーザ自身が作成したり、サービス提供会社が作成したりして更新することができるが、行政機関が有するような最新の情報ではないため、情報が陳腐化し、特殊詐欺対策の効果が落ちる可能性がある。 However, there are the following problems when using the conventional technology to prevent fraud using telephones.
As in the technique described in Non-Patent Document 1, when the guidance device is used to call attention, the user of the telephone service having the destination device 50 needs to prepare a special anti-fraud guidance device. The call rejection list 101 can be created by the user or by a service provider and updated. Anti-fraud measures may be less effective.
 また、非特許文献2に記載の技術では、通話内容を一旦録音した上でAI解析する必要がある。よって、特殊詐欺の悪意者と一度は会話する必要があるため、ユーザにとっては負担になるとともに、通話を完了することが前提であるため即時性という面で問題がある。さらに、1度目の通話によりユーザの被害までつながってしまう可能性もある。 Also, with the technology described in Non-Patent Document 2, it is necessary to record the content of the call once and then analyze it with AI. Therefore, since it is necessary to have a conversation with the malicious person of the special fraud once, it is a burden for the user, and there is a problem in terms of immediacy because it is assumed that the call is completed. Furthermore, there is a possibility that the first call may lead to damage to the user.
 このような点に鑑みて本発明がなされたのであり、本発明は、電話を利用した詐欺を防止する際に、着信側ではなく、より発信元装置(発端末)に近いネットワーク側において、通話開始前に、効果的な詐欺被害の防止処理を実行することを課題とする。 The present invention has been made in view of these points. An object of the present invention is to perform effective fraud damage prevention processing before starting.
 本発明に係る詐欺被害防止システムは、発信元装置と着信先装置とを呼接続する呼処理サーバと、前記呼処理サーバに接続され、前記着信先装置の接続先情報の解決処理を行うENUM/DNSサーバとを備える詐欺被害防止システムであって、前記呼処理サーバが、前記発信元装置から接続要求を受け付けると、当該発信元装置の発信元番号および前記着信先装置の着信先番号を付した警戒レベル判定要求を前記ENUM/DNSサーバに送信する警戒レベル判定要求部と、前記ENUM/DNSサーバから、前記接続要求に関する警戒レベルの判定結果を受信し、前記警戒レベルに応じた所定の詐欺被害防止処理を実行する詐欺防止処理部と、を備え、前記ENUM/DNSサーバが、詐欺対策の対象となる番号を示す詐欺番号が登録される詐欺番号情報、および、詐欺被害から保護する対象となるユーザの番号を示す保護対象番号が登録される保護対象番号情報を、外部データベースから所定の時間間隔で取得し、記憶部に記憶された前記詐欺番号情報および前記保護対象番号情報を更新する番号情報更新部と、前記警戒レベル判定要求に付された前記発信元番号および前記着信先番号を用いて、前記発信元番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否か、前記着信先番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否かを判定することにより、前記接続要求の接続パターンを判別し、判別した接続パターンに応じて、詐欺被害が発生する可能性が高い程、より高いレベルの前記詐欺被害防止処理が必要と評価する警戒レベルを決定する警戒レベル判定部と、を備えることを特徴とする。 A fraud damage prevention system according to the present invention includes a call processing server that connects a call originating device and a destination device, and an ENUM/ and a DNS server, wherein when the call processing server receives a connection request from the call originating device, the originating number of the originating device and the destination number of the called device are attached. a security level determination request unit that transmits a security level determination request to the ENUM/DNS server; and a security level determination result regarding the connection request from the ENUM/DNS server, and a predetermined fraud damage according to the security level. a fraud prevention processing unit that executes prevention processing, wherein the ENUM/DNS server is a fraud number information registering a fraud number indicating a number subject to fraud countermeasures, and a target to be protected from fraud damage. Number information for updating the fraudulent number information and the protected number information stored in the storage unit by acquiring the protected number information in which the protected number indicating the user's number is registered from the external database at predetermined time intervals. Using the update unit and the caller number and destination number attached to the alert level determination request, whether or not the caller number is registered in the fraudulent number information or the protected number information; The connection pattern of the connection request is determined by determining whether or not the destination number is registered in the fraudulent number information or the protected number information, and fraud damage occurs according to the determined connection pattern. and a caution level determination unit that determines a caution level that evaluates that the fraud damage prevention processing of a higher level is required as the possibility is higher.
 本発明によれば、電話を利用した詐欺を防止する際に、着信側ではなく、より発信元装置(発端末)に近いネットワーク側において、通話開始前に、効果的な詐欺被害の防止処理を実行することができる。 According to the present invention, when preventing fraud using a telephone, the network side closer to the originating device (originating terminal) rather than the called party performs effective fraud prevention processing before the call starts. can be executed.
本実施形態に係る詐欺被害防止システムの全体構成を示す図である。BRIEF DESCRIPTION OF THE DRAWINGS It is a figure which shows the whole structure of the fraud damage prevention system which concerns on this embodiment. 本実施形態に係るENUM/DNSサーバの構成例を示す機能ブロック図である。It is a functional block diagram showing a configuration example of an ENUM/DNS server according to the present embodiment. 本実施形態に係る詐欺番号情報のデータ構成例を示す図である。It is a figure which shows the data structural example of the fraud number information which concerns on this embodiment. 本実施形態に係る保護対象番号情報のデータ構成例を示す図である。3 is a diagram showing a data configuration example of protected number information according to the present embodiment; FIG. 発信元と着信先の接続パターンに対応付けた警戒レベルの一例を示す図である。FIG. 4 is a diagram showing an example of alert levels associated with connection patterns of callers and callees; 本実施形態に係る呼処理サーバの構成例を示す機能ブロック図である。3 is a functional block diagram showing a configuration example of a call processing server according to this embodiment; FIG. 本実施形態に係る警戒レベル対策情報の例を説明する図である。It is a figure explaining the example of the caution level countermeasure information which concerns on this embodiment. 本実施形態に係る詐欺被害防止システムの処理の流れを示すシーケンス図である。It is a sequence diagram which shows the flow of processing of the fraud damage prevention system which concerns on this embodiment. 本実施形態に係るENUM/DNSサーバおよび呼処理サーバの機能を実現するコンピュータの一例を示すハードウェア構成図である。2 is a hardware configuration diagram showing an example of a computer that implements functions of an ENUM/DNS server and a call processing server according to the present embodiment; FIG. 従来の着信側で詐欺を防止するシステムを説明するための図である。1 is a diagram for explaining a conventional system for preventing fraud on the receiving side; FIG.
 次に、本発明を実施するための形態(以下、「本実施形態」と称する。)について説明する。まず、本発明の概要を説明する。 Next, a mode for carrying out the present invention (hereinafter referred to as "this embodiment") will be described. First, the outline of the present invention will be explained.
<概要>
 本実施形態に係る詐欺被害防止システム(後記する図1参照)は、電話による詐欺被害を防止するための機能(呼を規制する機能や、ガイダンス装置によりガイダンスを流す機能など)を、着信側ではなくネットワーク側に備えることを特徴とする。
 より具体的には、詐欺対策の対象となるブラックリストの情報(以下、「詐欺番号情報」と称する。)に加えて、詐欺被害から保護する対象となるユーザの番号リストの情報(以下、「保護対象番号情報」と称する。)を、ENUM(E.164 Number Mapping)/DNS(Domain Name System)サーバが備える。従来、呼処理サーバとENUM/DNSサーバとにおいて、接続先情報の解決処理を行い、発端末と着端末の呼接続を行っており、このENUM/DNSシステムを活用する。本実施形態に係る詐欺被害防止システムでは、呼処理サーバからの問合せを受けたENUM/DNSサーバが、発信元番号と着信先番号との両方に基づき、詐欺番号情報および保護対象番号情報を参照して、警戒レベルの判定を行う。呼処理サーバは、ENUM/DNSサーバが判定した警戒レベルの情報を取得し、その警戒レベルに応じて、予め設定される詐欺被害の防止処理(所定の詐欺被害の防止処理)として、呼の規制(呼切断)や、ガイダンス装置によるガイダンスの配信を実行する。 <Overview>
The fraud damage prevention system according to the present embodiment (see FIG. 1 described later) has functions for preventing fraud damage by telephone (such as a function to regulate calls and a function to play guidance using a guidance device). It is characterized in that it is provided on the network side without
More specifically, in addition to information on the blacklist that is the target of fraud countermeasures (hereinafter referred to as "fraudulent number information"), information on the user number list that is the target of fraud protection (hereinafter referred to as " Protected Number Information”) is provided by an ENUM (E.164 Number Mapping)/DNS (Domain Name System) server. Conventionally, a call processing server and an ENUM/DNS server perform connection destination information resolution processing and perform call connection between a calling terminal and a called terminal, and this ENUM/DNS system is utilized. In the fraud damage prevention system according to the present embodiment, the ENUM/DNS server that receives an inquiry from the call processing server refers to the fraud number information and the protected number information based on both the caller number and the destination number. to determine the alert level. The call processing server obtains information on the alert level determined by the ENUM/DNS server, and according to the alert level, restricts calls as preset fraud prevention processing (predetermined fraud prevention processing). (call disconnection) and delivery of guidance by the guidance device.
 また、ENUM/DNSサーバは、最新の詐欺番号情報や保護対象番号情報が記憶される行政機関等の外部データベース(後記する「番号データベース700」)から、ENUM/DNSプロトコルを用いて、所定の時間間隔(例えば、リアルタイムや一定周期など)でその詐欺番号情報および保護対象番号情報を取得して更新する。
 これにより、本実施形態に係る詐欺被害防止システムは、着信側ではなく、より発信元装置(発端末)に近いネットワーク側において、通話開始前に、従来技術と比べて効果的な詐欺被害の防止処理を実行することができる。
 なお、ENUM/DNSサーバについては、非特許文献3(「TTC標準 JJ-90.31 キャリアENUMの相互接続 共通インタフェース」第4.0版、2018年8月29日、一般社団法人情報通信技術委員会)に詳しい。
 以下、このENUM/DNSサーバを利用した、本発明の詐欺被害防止システムについて説明する。 In addition, the ENUM/DNS server uses the ENUM/DNS protocol from an external database ("number database 700" described later) of an administrative agency or the like that stores the latest fraud number information and protected number information. Obtain and update the fraud number information and the protected number information at intervals (for example, in real time or at regular intervals).
As a result, the fraud damage prevention system according to the present embodiment prevents fraud damage more effectively than the conventional technology before the call starts on the network side closer to the originating device (originating terminal) rather than on the receiving side. Processing can be performed.
Regarding the ENUM/DNS server, Non-Patent Document 3 (“TTC Standard JJ-90.31 Carrier ENUM Interconnection Common Interface” Version 4.0, August 29, 2018, General Incorporated Association Information and Communication Technology Committee) I'm familiar with
A fraud damage prevention system of the present invention using this ENUM/DNS server will be described below.
<本実施形態>
 図1は、本実施形態に係る詐欺被害防止システム1000の全体構成を示す図である。
 本実施形態に係る詐欺被害防止システム1000は、図1に示すように、発信元装置(発端末4)を収容する呼処理サーバ20と、その呼処理サーバ20に接続されるENUM/DNSサーバ10とを含んで構成される。 <This embodiment>
FIG. 1 is a diagram showing the overall configuration of a fraud damage prevention system 1000 according to this embodiment.
A fraud damage prevention system 1000 according to the present embodiment, as shown in FIG. and
 本実施形態に係る詐欺被害防止システム1000では、ENUM/DNSサーバ10が、詐欺番号情報110および保護対象番号情報120を備える。そして、従来技術として呼処理サーバ20がすでに備えているENUM/DNSサーバ10との間のインタフェースを利用して、呼処理サーバ20が、接続要求を受けた呼についての発信元番号および着信先番号をENUM/DNSサーバ10に送信する。
 ENUM/DNSサーバ10は、当該発信元番号が詐欺番号情報110に登録されているか否か、また、着信先番号が保護対象番号情報120に登録されているか否かを判定することにより、警戒レベルを決定する。つまり、発信側が特殊詐欺の悪意者の番号であるか、着信側が保護対象者の番号であるかを判定して警戒レベルを決定する。
 さらに、ENUM/DNSサーバ10は、当該発信元番号が保護対象番号情報120に登録されているか否か、また、着信先番号が詐欺番号情報110登録されているか否かを判定することにより、警戒レベルを決定する。つまり、発信側が保護対象者の番号であるか、着信側が特殊詐欺の悪意者の番号であるかを判定して警戒レベルを決定する。 In the fraud damage prevention system 1000 according to this embodiment, the ENUM/DNS server 10 has fraud number information 110 and protected number information 120 . Then, using the interface between the ENUM/DNS server 10 already provided in the call processing server 20 as a conventional technique, the call processing server 20 generates the calling number and destination number for the call for which the connection request is received. to the ENUM/DNS server 10.
The ENUM/DNS server 10 determines whether the caller number is registered in the fraudulent number information 110 and whether the destination number is registered in the protected number information 120. to decide. In other words, the warning level is determined by judging whether the calling party is the number of the malicious person of the special fraud or the receiving party is the number of the protected party.
Furthermore, the ENUM/DNS server 10 determines whether the caller number is registered in the protected number information 120 and whether the destination number is registered in the fraudulent number information 110. determine the level. In other words, the warning level is determined by judging whether the caller is the number of the person to be protected or the caller is the number of the malicious person of the special fraud.
 このように、詐欺被害防止システム1000は、ENUM/DNSサーバ10が、発信元番号と着信先番号の組み合わせのパターン(後記する「接続パターン」)を判定し、詐欺番号から保護対象番号への発信と、保護対象番号から詐欺番号への発信の両方について、警戒レベルを判定する。この警戒レベルに基づき、呼処理サーバ20は、通話開始前に、詐欺被害の防止処理(呼の規制(呼切断)や、ガイダンスの配信)を実行する。
 この詐欺被害防止システム1000を構成するENUM/DNSサーバ10と呼処理サーバ20について、以下具体的に説明する。 In this way, in the fraud damage prevention system 1000, the ENUM/DNS server 10 determines the pattern of the combination of the source number and the destination number ("connection pattern" to be described later), and the call from the fraud number to the protected number and calls from protected numbers to fraudulent numbers. Based on this vigilance level, the call processing server 20 executes fraud damage prevention processing (call control (call disconnection) and guidance delivery) before starting a call.
The ENUM/DNS server 10 and the call processing server 20 that constitute the fraud damage prevention system 1000 will be specifically described below.
≪ENUM/DNSサーバ≫
 図2は、本実施形態に係るENUM/DNSサーバ10の構成例を示す機能ブロック図である。
 ENUM/DNSサーバ10は、従来の機能である、呼処理サーバ20からの問合せに応じて、着信先番号の接続先情報(ルーティング情報)を返信する機能を備える。さらに、ENUM/DNSサーバ10は、呼処理サーバ20から発信元番号および着信先番号の情報を取得する。そして、ENUM/DNSサーバ10は、発信元番号が、詐欺番号情報110または保護対象番号情報120に登録されているか否か、着信先番号が、詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定して、警戒レベルを決定する。ENUM/DNSサーバ10は、決定した警戒レベルの情報を呼処理サーバ20に返信する。
 このENUM/DNSサーバ10は、入出力部11と、制御部12と、記憶部13とを備える。 ≪ENUM/DNS Server≫
FIG. 2 is a functional block diagram showing a configuration example of the ENUM/DNS server 10 according to this embodiment.
The ENUM/DNS server 10 has a conventional function of returning connection destination information (routing information) of the destination number in response to an inquiry from the call processing server 20 . Furthermore, the ENUM/DNS server 10 acquires information on the originating number and the destination number from the call processing server 20 . Then, the ENUM/DNS server 10 determines whether the caller number is registered in the fraudulent number information 110 or the protected number information 120, and whether the destination number is registered in the fraudulent number information 110 or the protected number information 120. It determines whether or not it is safe, and determines the alert level. The ENUM/DNS server 10 returns information on the determined security level to the call processing server 20 .
This ENUM/DNS server 10 comprises an input/output unit 11 , a control unit 12 and a storage unit 13 .
 入出力部11は、他の装置等との間の情報について入出力を行う。例えば、入出力部11は、呼処理サーバ20や番号データベース700(図1)との間で情報の送受信を行う。この入出力部11は、通信回線を介して情報の送受信を行う通信インタフェースと、不図示のキーボード等の入力装置やモニタ等の出力装置との間で情報の入出力を行う入出力インタフェースとから構成される。 The input/output unit 11 inputs and outputs information to and from other devices. For example, the input/output unit 11 transmits and receives information to and from the call processing server 20 and the number database 700 (FIG. 1). The input/output unit 11 includes a communication interface for transmitting and receiving information via a communication line, and an input/output interface for inputting and outputting information between an input device such as a keyboard (not shown) and an output device such as a monitor. Configured.
 記憶部13は、ハードディスクやフラッシュメモリ、RAM(Random Access Memory)等により構成される。
 この記憶部13には、詐欺番号情報110、保護対象番号情報120および接続先情報テーブル130が格納される。
 詐欺番号情報110は、詐欺対策の対象となる番号(詐欺番号)がいわゆるブラックリストとして登録されている情報である。
 保護対象番号情報120は、詐欺被害から保護する対象となるユーザの番号リストとして登録されている情報である。
 接続先情報テーブル130には、着信先番号(着端末5の電話番号)それぞれに対応付けて、接続先情報(ルーティング情報)が記憶される。
 この記憶部13には、さらに、制御部12の各機能部を実行させるためのプログラムや、制御部12の処理に必要な情報が一時的に記憶される。 The storage unit 13 is configured by a hard disk, flash memory, RAM (Random Access Memory), or the like.
The storage unit 13 stores fraudulent number information 110, protected number information 120, and a connection destination information table 130. FIG.
The fraud number information 110 is information in which numbers (fraud numbers) targeted for fraud countermeasures are registered as a so-called blacklist.
The protected number information 120 is information registered as a number list of users to be protected from fraud damage.
The connection destination information table 130 stores connection destination information (routing information) in association with each destination number (telephone number of the destination terminal 5).
The storage unit 13 also temporarily stores a program for executing each function unit of the control unit 12 and information necessary for processing of the control unit 12 .
 制御部12は、ENUM/DNSサーバ10が実行する処理の全般を司り、番号情報更新部121と、警戒レベル判定部122と、接続先情報検索部123とを含んで構成される。 The control unit 12 controls the overall processing executed by the ENUM/DNS server 10, and includes a number information update unit 121, an alert level determination unit 122, and a connection destination information search unit 123.
 番号情報更新部121は、本詐欺被害防止システム1000の外部に設けられた番号データベース700(図1)から、所定の時間間隔で詐欺番号情報110および保護対象番号情報120を取得し、記憶部13に記憶する。
 番号データベース700は、例えば行政機関(警察庁、消費者庁、総務省など)において、最新の特殊詐欺被害の情報を全国的に収集可能な機関が保有する外部データベースを想定する。番号データベース700に記憶される詐欺番号情報110は、最新の特殊詐欺被害に基づき詐欺番号が更新される。また、保護対象番号情報120は、特殊詐欺の被害者であるユーザが、行政機関等へ申し込むことにより登録されることを想定する。このようにすることにより、サービス提供会社や通信事業者に依存することなく、保護対象番号の情報を収集することができる。 Number information update unit 121 acquires fraud number information 110 and protected number information 120 at predetermined time intervals from number database 700 ( FIG. 1 ) provided outside fraud damage prevention system 1000 , and stores storage unit 13 . memorize to
The number database 700 is assumed to be an external database owned by an organization capable of collecting the latest special fraud damage information nationwide, for example, in an administrative agency (National Police Agency, Consumer Affairs Agency, Ministry of Internal Affairs and Communications, etc.). The fraud number information 110 stored in the number database 700 is updated based on the latest special fraud damage. Also, it is assumed that the protected number information 120 is registered by a user who is a victim of special fraud by applying to an administrative agency or the like. By doing so, it is possible to collect information on protected numbers without depending on the service provider company or communication carrier.
 詐欺番号情報110は、図1に示すように、特殊詐欺に用いられた番号(詐欺番号)が、例えば、「03-1111-1111」「0422-44-4444」「06-3333-3333」のように登録される。
 保護対象番号情報120は、図1に示すように、特殊詐欺の被害を防止するために登録したユーザ(保護対象)の番号が、例えば、「03-5555-5555」「0422-77-7777」「06-6666-6666」のように登録される。 Fraud number information 110, as shown in FIG. registered as
As shown in FIG. 1, the protected number information 120 includes user (protected) numbers registered to prevent damage from special fraud, such as "03-5555-5555" and "0422-77-7777". It is registered like "06-6666-6666".
 また、この詐欺番号情報110は、図3に示すように、詐欺番号と、詐欺種類とが登録されていてもよい。行政機関等においては、実際に起こった具体的な特殊詐欺に用いられた番号が登録されるため、その際に特殊詐欺の種類も併せて登録することができる。
 なお、図3においては、例えば、詐欺番号「03-1111-1111」に対応付けて詐欺種類「オレオレ詐欺」が登録されているが、その詐欺番号が複数の詐欺種類で使用されている場合には、複数の詐欺種類が登録されてもよい。 Further, as shown in FIG. 3, the fraud number information 110 may include fraud numbers and fraud types. In administrative agencies, etc., numbers used for specific special frauds that have actually occurred are registered, so the types of special frauds can also be registered at that time.
In FIG. 3, for example, the fraud type "It's me fraud" is registered in association with the fraud number "03-1111-1111". , a plurality of fraud types may be registered.
 また、保護対象番号情報120は、図4に示すように、保護対象番号と、詐欺種類とが登録されてもよい。ユーザによる保護対象番号の登録申請において、過去に被害にあった詐欺種類の登録を受け付け、その情報を記録する。その際、詐欺種類の情報は空欄でもよい。例えば、まだ特殊詐欺の被害にはあっていないが、将来的に特殊詐欺被害にあうことを防止するためにユーザが登録した場合等には、空欄となる。 In addition, as shown in FIG. 4, the protected number information 120 may register the protected number and the type of fraud. In the application for registration of a protected number by a user, the registration of the type of fraud suffered in the past is accepted, and the information is recorded. At that time, the fraud type information may be left blank. For example, if the user has not yet been victimized by a special fraud, but has registered to prevent being victimized by a special fraud in the future, the field will be blank.
 番号情報更新部121は、番号データベース700(図1)から、詐欺番号情報110および保護対象番号情報120を、ENUM/DNSプロトコルを用いて取得する。非特許文献3で示したENUMの標準規格では、リアルタイムDBにより、データをリアルタイムに保存・同期する仕様となっている。本実施形態に係るENUM/DNSサーバ10においても、ENUM/DNSプロトコルを用いた情報更新方式を採用することにより、番号データベース700から、詐欺番号情報110および保護対象番号情報120をリアルタイムに更新することが最も好適な例である。ただし、番号情報更新部121は、番号データベース700から、詐欺番号情報110および保護対象番号情報120を、一定の周期などの所定の時間間隔で取得するようにしてもよい。 The number information update unit 121 acquires the fraud number information 110 and the protected number information 120 from the number database 700 (Fig. 1) using the ENUM/DNS protocol. The ENUM standard shown in Non-Patent Document 3 has specifications for storing and synchronizing data in real time using a real-time DB. Also in the ENUM/DNS server 10 according to the present embodiment, by adopting an information updating method using the ENUM/DNS protocol, the fraudulent number information 110 and the protected number information 120 can be updated in real time from the number database 700. is the most suitable example. However, the number information updating unit 121 may acquire the fraudulent number information 110 and the protected number information 120 from the number database 700 at predetermined time intervals such as regular intervals.
 図2に戻り、警戒レベル判定部122は、呼処理サーバ20から、発信元番号および着信先番号が付された警戒レベル判定要求を受信する。そして、警戒レベル判定部122は、まず、発信元番号が、詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定する。また、警戒レベル判定部122は、着信先番号が、詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定する。 Returning to FIG. 2, the alert level determination unit 122 receives from the call processing server 20 an alert level determination request to which the caller number and destination number are attached. Then, caution level determination unit 122 first determines whether or not the caller number is registered in fraud number information 110 or protected number information 120 . The vigilance level determination unit 122 also determines whether or not the destination number is registered in the fraudulent number information 110 or the protected number information 120 .
 そして、警戒レベル判定部122は、発信元番号と着信先番号の判定結果に基づく接続パターンに応じて、図5に示すように、警戒レベルを決定する。
 なお、ここでは、警戒レベルを全体として5段階とし、数字が大きいほど警戒レベルが高くなる例として説明する。この警戒レベルは、詐欺被害が発生する可能性が高い程、より高いレベルの詐欺被害防止処理が必要と評価するためのものである。 Then, the caution level determination unit 122 determines the caution level as shown in FIG. 5 according to the connection pattern based on the determination result of the caller number and the destination number.
It should be noted that here, an example will be described in which there are five alert levels as a whole, and the higher the number, the higher the alert level. This warning level is for evaluating that the higher the possibility of fraud damage, the higher the level of fraud damage prevention processing required.
・接続パターン<a>
 発信元番号が詐欺番号情報110に登録されておらず、着信先番号も保護対象番号情報120に登録されていない場合、警戒レベル「1」とする。 ・Connection pattern <a>
If the caller number is not registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120, the warning level is "1".
・接続パターン<b>
 接続パターン<b>は、発信元番号が詐欺番号情報110に登録されておらず、着信先番号が保護対象番号情報120に登録されている、つまり、「特殊詐欺の悪意者以外から保護対象者への呼」の場合である。この接続パターン<b>を、警戒レベル「2」とする。 ・Connection pattern <b>
In connection pattern <b>, the caller number is not registered in the fraudulent number information 110, and the destination number is registered in the protected number information 120. This is the case of a call to This connection pattern <b> is assumed to be alert level "2".
・接続パターン<c>
 接続パターン<c>は、発信元番号が詐欺番号情報110に登録されており、着信先番号が保護対象番号情報120に登録されていない、つまり、「特殊詐欺の悪意者から保護対象者以外への呼」の場合である。この接続パターン<c>を、警戒レベル「3」とする。 ・Connection pattern <c>
In connection pattern <c>, the caller number is registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120. This is the case of the call of This connection pattern <c> is assumed to be alert level "3".
・接続パターン<d>
 接続パターン<d>は、発信元番号が詐欺番号情報110に登録されており、着信先番号も保護対象番号情報120に登録されている、つまり、「特殊詐欺の悪意者から保護対象者への呼」の場合である。この接続パターン<d>を、警戒レベル「4」とする。 ・Connection pattern <d>
In the connection pattern <d>, the caller number is registered in the fraud number information 110, and the destination number is also registered in the protected number information 120. This is the case of "Call". This connection pattern <d> is assumed to be alert level "4".
 さらに、警戒レベル判定部122は、接続パターン<d>の場合に、詐欺番号情報110および保護対象番号情報120において、図3および図4で示すような詐欺種類が登録されているときには、その詐欺種類を参照し、例えば、以下の接続パターン<d-1>,<d-2>,<d-3>のように、詳細な警戒レベル判定を行ってもよい。ここでは発信元端末の詐欺番号の詐欺種類と、着信先端末の保護対象番号の詐欺種類とが異なるケースが対象となる。 3 and 4 are registered in the fraud number information 110 and the protected number information 120 in the case of the connection pattern <d>, the vigilance level determination unit 122 By referring to the type, for example, detailed caution level determination may be performed as in the following connection patterns <d-1>, <d-2>, and <d-3>. In this case, the fraud type of the fraudulent number of the originating terminal and the fraud type of the protected number of the destination terminal are different.
・接続パターン<d-1>
 「オレオレ詐欺の悪意者から架空請求詐欺被害の保護対象者への呼」の場合、警戒レベル「4-1」とする。
・接続パターン<d-2>
 「オレオレ詐欺の悪意者から還付金詐欺被害の保護対象者への呼」の場合、警戒レベル「4-1」とする。
・接続パターン<d-3>
 「還付金詐欺の悪意者からオレオレ詐欺被害の保護対象者への呼」の場合、警戒レベル「4-2」とする。 ・Connection pattern <d-1>
In the case of "a call from a person with malicious intent who commits fraud to a protected person who is a victim of fictitious billing fraud", the warning level is set to "4-1".
・Connection pattern <d-2>
In the case of "a call from a malicious person who commits fraud to a protected person who is a victim of tax refund fraud", the alert level is set to "4-1".
・Connection pattern <d-3>
In the case of "a call from a malicious person involved in refund fraud to a protected person who is a victim of mere fraud," the alert level is set to "4-2."
 なお、警戒レベル「4-1」(オレオレ詐欺の悪意者が発信する呼)と警戒レベル「4-2」(還付金詐欺の悪意者が発信する呼)とは、警戒レベルとしては「4」で同一であるが、悪意者の詐欺種類を識別する情報を枝番として付している。他の詐欺種類の悪意者が発信する呼について同様に枝番を付す。 It should be noted that alert level "4-1" (calls made by malicious persons involved in "it's me" fraud) and alert level "4-2" (calls made by malicious persons involved in refund fraud) are "4" as an alert level. , but with information identifying the fraud type of the Service-to-Self as a branch number. Other fraud types of malicious-to-Self-originated calls are similarly branched.
・接続パターン<d-4>
 「オレオレ詐欺の悪意者からオレオレ詐欺被害の保護対象者への呼」の場合、警戒レベル「5」とする。
 なお、図示は省略するが、「架空請求詐欺の悪意者から架空請求被害の保護対象者への呼」、「還付金詐欺の悪意者から還付金詐欺被害の保護対象者への呼」等も同様に、警戒レベル「5」とする。
 これは、発信元端末の詐欺番号の詐欺種類と、着信先端末の保護対象番号の詐欺種類とが同一の場合、特殊詐欺被害にあう可能性が高い組み合わせとなるため、警戒レベルを最も高くするものである。この警戒レベル「5」は、後記する図7で示すように、詐欺被害防止処理として呼切断を行うレベルを意味する。 ・Connection pattern <d-4>
In the case of "a call from a malicious person who is a fraud victim to a protected person who is a fraud victim", the alert level is set to "5".
Although illustration is omitted, there are also "calls from malicious persons involved in fictitious billing fraud to protected persons who suffered from fictitious billing" and "calls from malicious persons involved in refund fraud to protected persons affected by refund fraud". Similarly, the caution level is set to "5".
If the fraud type of the fraudulent number of the originating terminal and the fraud type of the protected number of the destination terminal are the same, it is a combination with a high possibility of suffering from special fraud, so the alert level is set to the highest. It is. This caution level "5" means a level at which a call is disconnected as a fraud damage prevention process, as shown in FIG. 7, which will be described later.
 また、保護対象者が発信元となる呼については、以下の警戒レベルとする。
・接続パターン<e>
 発信元番号が保護対象番号情報120に登録されており、着信先番号が詐欺番号情報110に登録されていない場合、つまり、「保護対象者から特殊詐欺の悪意者以外への呼」の場合である。この接続パターン<e>を、警戒レベル「1」とする。 In addition, the following alert levels shall apply to calls originating from a person to be protected.
・Connection pattern <e>
If the caller number is registered in the protected number information 120 and the destination number is not registered in the fraudulent number information 110, that is, in the case of "a call from a protected person to a non-malicious person of special fraud" be. This connection pattern <e> is assumed to be alert level "1".
 なお、発信元番号が保護対象番号情報120に登録されておらず、着信先番号が詐欺番号情報110に登録されていない場合、つまり、「保護対象者以外から特殊詐欺の悪意者以外への呼」の場合も、警戒レベル「1」する。また、「保護対象者から保護対象者への呼」についても特殊詐欺被害にあう可能性が低いため、警戒レベル「1」とする。「特殊詐欺の悪意者から他の特殊詐欺の悪意者への呼」については、任意に設定可能だが、一般のユーザが特殊詐欺被害にあう可能性が低いため、警戒レベル「1」としてもよい。 If the caller number is not registered in the protected number information 120 and the destination number is not registered in the fraudulent number information 110, that is, if "a call from a person other than a protected person , the alert level is set to "1". In addition, since the possibility of special fraud damage is low for "a call from a person to be protected to a person to be protected", the warning level is set to "1". "Call from malicious party of special fraud to malicious party of other special fraud" can be set arbitrarily, but since the possibility of general users being victimized by special fraud is low, the alert level may be set to "1". .
・接続パターン<f>
 接続パターン<f>は、発信元番号が保護対象番号情報120に登録されており、着信先番号も詐欺番号情報110に登録されている、つまり、「保護対象者から特殊詐欺の悪意者への呼」の場合である。この接続パターン<f>を、警戒レベル「5」とする。
 なお、詐欺番号情報110および保護対象番号情報120において詐欺種類が登録されている場合であっても、保護対象者から特殊詐欺の悪意者への通話である場合は、詐欺番号に紐づく詐欺種類や、保護対象者の被った詐欺被害の種類にかかわらず、新たな被害の可能性が高いため警戒レベル「5」とする。 ・Connection pattern <f>
In the connection pattern <f>, the caller number is registered in the protected number information 120, and the destination number is also registered in the fraud number information 110. This is the case of "Call". This connection pattern <f> is assumed to be alert level "5".
Even if the type of fraud is registered in the fraud number information 110 and the protected number information 120, if the call is from a protected party to a malicious party of a special fraud, the fraud type linked to the fraud number Also, regardless of the type of fraud damage suffered by the person to be protected, the possibility of new damage is high, so the caution level is set to "5".
 警戒レベル判定部122は、このように、発信元番号と着信先番号の判定結果に基づく接続パターンに応じて、警戒レベルを決定する。そして、警戒レベル判定部122は、決定した警戒レベルの情報を、呼処理サーバ20に返信する。 The alert level determination unit 122 thus determines the alert level according to the connection pattern based on the determination result of the caller number and the destination number. Alert level determination unit 122 then returns information on the determined alert level to call processing server 20 .
 図2に戻り、接続先情報検索部123は、呼処理サーバ20から、着信先番号(着端末5(図1)の電話番号)の接続先情報(ルーティング情報)に関する問合せを受信すると、接続先情報テーブル130を参照し、その着信先番号に対応する接続先情報(ルーティング情報)を抽出して、呼処理サーバ20に返信する。 Returning to FIG. 2, when the connection destination information search unit 123 receives an inquiry about the connection destination information (routing information) of the called party number (telephone number of the called terminal 5 (FIG. 1)) from the call processing server 20, The information table 130 is referenced to extract connection destination information (routing information) corresponding to the destination number and return it to the call processing server 20 .
 このように、ENUM/DNSサーバ10は、最新の詐欺番号情報110および保護対象番号情報120を取得した上で、発信元番号と着信先番号の接続パターンに基づき、警戒レベルを決定することができる。 In this way, the ENUM/DNS server 10 acquires the latest fraudulent number information 110 and protected number information 120, and can determine the alert level based on the connection pattern of the calling number and the called number. .
≪呼処理サーバ≫
 図6は、本実施形態に係る呼処理サーバ20の構成例を示す機能ブロック図である。
 この呼処理サーバ20は、自身が収容する各発信元装置(発端末4)からの接続要求(呼)を受信する。そして、呼処理サーバ20は、その発信元装置の発信元番号および着信先番号を付した警戒レベル判定要求をENUM/DNSサーバ10に送信することにより、警戒レベルの判定結果を受信する。呼処理サーバ20は、受信した警戒レベルに応じた特殊詐欺対策として、通話開始前に、呼の規制(呼切断)や、ガイダンス装置30によるガイダンスの配信を実行する。
 この呼処理サーバ20は、入出力部21と、制御部22と、記憶部23とを備える。 ≪Call Processing Server≫
FIG. 6 is a functional block diagram showing a configuration example of the call processing server 20 according to this embodiment.
The call processing server 20 receives a connection request (call) from each calling device (calling terminal 4) that it accommodates. Then, the call processing server 20 receives the alert level determination result by transmitting to the ENUM/DNS server 10 an alert level determination request to which the caller number and destination number of the caller device are attached. The call processing server 20 controls the call (disconnects the call) and distributes guidance by the guidance device 30 before the call starts as special fraud countermeasures according to the received security level.
This call processing server 20 comprises an input/output unit 21 , a control unit 22 and a storage unit 23 .
 入出力部21は、他の装置等との間の情報について入出力を行う。例えば、入出力部21は、各端末(発信元装置(発端末4)、着端末5等)やENUM/DNSサーバ10等との間で情報の送受信を行う。この入出力部21は、通信回線を介して情報の送受信を行う通信インタフェースと、不図示のキーボード等の入力装置やモニタ等の出力装置との間で情報の入出力を行う入出力インタフェースとから構成される。 The input/output unit 21 inputs and outputs information to and from other devices. For example, the input/output unit 21 transmits and receives information to and from each terminal (originating device (originating terminal 4), terminating terminal 5, etc.), ENUM/DNS server 10, and the like. The input/output unit 21 includes a communication interface for transmitting and receiving information via a communication line, and an input/output interface for inputting and outputting information between an input device such as a keyboard (not shown) and an output device such as a monitor. Configured.
 記憶部23は、ハードディスクやフラッシュメモリ、RAM等により構成される。
 この記憶部23には、各警戒レベルに応じた詐欺被害対策を示す警戒レベル対策情報200(詳細は後記)が格納される。
 また、この記憶部23には、制御部22の各機能を実行させるためのプログラムや、制御部22の処理に必要な情報が一時的に記憶される。 The storage unit 23 is configured by a hard disk, flash memory, RAM, or the like.
The storage unit 23 stores caution level countermeasure information 200 (details will be described later) indicating countermeasures against fraud according to each caution level.
The storage unit 23 also temporarily stores a program for executing each function of the control unit 22 and information necessary for processing of the control unit 22 .
 制御部22は、呼処理サーバ20が実行する処理の全般を司り、警戒レベル判定要求部221と、詐欺防止処理部222と、接続先情報要求部223と、呼接続処理部224とを含んで構成される。 The control unit 22 controls overall processing executed by the call processing server 20, and includes a warning level determination requesting unit 221, a fraud prevention processing unit 222, a connection destination information requesting unit 223, and a call connection processing unit 224. Configured.
 警戒レベル判定要求部221は、自身が収容する発信元装置(発端末4)から接続要求(呼)を受信する。そして、警戒レベル判定要求部221は、その発信元装置(発端末4)の発信元番号および着信先番号を付した警戒レベル判定要求を生成し、ENUM/DNSサーバ10に送信する。 The alert level determination requesting unit 221 receives a connection request (call) from the calling device (calling terminal 4) that it accommodates. Then, the alert level determination request unit 221 generates an alert level determination request to which the caller number and destination number of the caller device (calling terminal 4) are attached, and transmits the request to the ENUM/DNS server 10. FIG.
 詐欺防止処理部222は、ENUM/DNSサーバ10から警戒レベルの情報を取得する。そして、詐欺防止処理部222は、記憶部23に記憶した警戒レベル対策情報200で規定された詐欺防止処理を実行する。 The fraud prevention processing unit 222 acquires security level information from the ENUM/DNS server 10 . Then, the fraud prevention processing unit 222 executes fraud prevention processing defined by the caution level countermeasure information 200 stored in the storage unit 23 .
 図7は、本実施形態に係る警戒レベル対策情報200の例を説明する図である。
 詐欺防止処理部222は、各警戒レベルに対応付けて、呼の規制(呼切断)や、ガイダンス装置30によるガイダンスの配信等の詐欺防止処理を実行する。 FIG. 7 is a diagram illustrating an example of caution level countermeasure information 200 according to this embodiment.
The fraud prevention processing unit 222 executes fraud prevention processing such as call restriction (call disconnection) and guidance distribution by the guidance device 30 in association with each security level.
・警戒レベル「1」
 警戒レベル「1」は、発信元番号が詐欺番号情報110に登録されておらず、着信先番号も保護対象番号情報120に登録されていないケースや、発信元番号が保護対象番号情報120に登録されているが、着信先番号が詐欺番号情報110に登録されていないケース等である。この場合、詐欺防止処理部222は、詐欺防止対策処理は行わない。
 よって、詐欺防止処理部222は、その旨を接続先情報要求部223に出力して、通常の呼接続への処理を続行させる。 ・ Alert level "1"
Alert level "1" is for cases where the caller number is not registered in the fraudulent number information 110 and the destination number is not registered in the protected number information 120, or when the caller number is not registered in the protected number information 120. However, the destination number is not registered in the fraudulent number information 110, for example. In this case, the fraud prevention processing unit 222 does not perform fraud prevention countermeasure processing.
Therefore, the fraud prevention processing unit 222 outputs that fact to the connection destination information requesting unit 223 to continue processing for normal call connection.
・警戒レベル「2」
 警戒レベル「2」は、「特殊詐欺の悪意者以外から保護対象者への呼」が対象となる。この場合、詐欺防止処理部222は、ガイダンス装置30を介して、着信先端末に対し、例えば「電話の相手に注意してください。」等のガイダンスを配信する。 ・ Alert level "2"
Alert level "2" is for "calls from non-malicious persons of special fraud to protected persons". In this case, the fraud prevention processing unit 222 distributes guidance such as "Please be careful with the other party of the call" to the destination terminal via the guidance device 30 .
・警戒レベル「3」
 警戒レベル「3」は、「特殊詐欺の悪意者から保護対象者以外への呼」が対象となる。この場合、詐欺防止処理部222は、ガイダンス装置30を介して、着信先端末に対し、例えば「特殊詐欺グループからの電話の可能性があります。」等のガイダンスを配信してもよい。ただし、着信先端末のユーザは、特殊詐欺対策の保護対象者として登録していないため、ガイダンスの配信等の詐欺防止対策処理を行わない設定とすることもできる。 ・ Alert level "3"
Alert level "3" is for "calls from malicious persons of special fraud to persons other than protected persons". In this case, the fraud prevention processing unit 222 may deliver guidance such as "there is a possibility of a call from a special fraud group" to the destination terminal via the guidance device 30, for example. However, since the user of the destination terminal is not registered as a person protected by the special anti-fraud measures, it is possible to set the anti-fraud countermeasures such as distributing the guidance not to be performed.
・警戒レベル「4」
 警戒レベル「4」は、「特殊詐欺の悪意者から保護対象者への呼」が対象となる。この場合、詐欺防止処理部222は、ガイダンス装置30を介して、着信先端末に対し、例えば「特殊詐欺グループからの電話の可能性があります。」等のガイダンスを配信する。さらに、詐欺防止処理部222は、ガイダンス装置30を介して、発信元端末の特殊詐欺の悪意者に対し、「この通話は録音されております。」等のガイダンスを配信する。 ・ Alert level "4"
Alert level "4" covers "calls from malicious persons in special frauds to protected persons". In this case, the fraud prevention processing unit 222 delivers guidance such as "There is a possibility of a call from a special fraud group" to the destination terminal via the guidance device 30. Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded" to the malicious person of the special fraud of the originating terminal via the guidance device 30. FIG.
・警戒レベル「4-1」
 警戒レベル「4-1」は、「オレオレ詐欺の悪意者から、オレオレ詐欺以外の特殊詐欺被害の保護対象者への呼」が対象となる。この場合、詐欺防止処理部222は、ガイダンス装置30を介して、着信先端末に対し、例えば「オレオレ詐欺グループからの電話の可能性があります。」等のガイダンスを配信する。さらに、詐欺防止処理部222は、ガイダンス装置30を介して、発信元端末の特殊詐欺の悪意者に対し、「この通話は録音されております。」等のガイダンスを配信する。 ・Warning level "4-1"
Alert level "4-1" targets "a call from a malicious person who commits an 'it's me' fraud to a protected person who suffers from a special fraud other than the 'it's me'fraud". In this case, the fraud prevention processing unit 222 distributes guidance such as, for example, "There is a possibility of a call from a fraudulent group." Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded" to the malicious person of the special fraud of the originating terminal via the guidance device 30. FIG.
・警戒レベル「4-2」
 警戒レベル「4-2」は、「還付金詐欺の悪意者から、還付金詐欺以外の特殊詐欺被害の保護対象者への呼」が対象となる。この場合、詐欺防止処理部222は、ガイダンス装置30を介して、着信先端末に対し、例えば「還付金詐欺グループからの電話の可能性があります。」等のガイダンスを配信する。さらに、詐欺防止処理部222は、ガイダンス装置30を介して、発信元端末の特殊詐欺の悪意者に対し、「この通話は録音されております。」等のガイダンスを配信する。
 その他、発信元端末の詐欺番号の詐欺種類と、着信先端末の保護対象番号の詐欺種類とが異なるケースの場合、詐欺防止処理部222は、着信先端末の保護対象者と、発信者端末の特殊詐欺の悪意者の両方にガイダンスを配信する。 ・ Alert level "4-2"
Alert level "4-2" is for "calls from malicious persons involved in refund fraud to protected persons who are victims of special fraud other than refund fraud". In this case, the fraud prevention processing unit 222 distributes guidance to the destination terminal via the guidance device 30, such as "There is a possibility of a call from a refund fraud group." Further, the fraud prevention processing unit 222 distributes guidance such as "This call is being recorded" to the malicious person of the special fraud of the originating terminal via the guidance device 30. FIG.
In addition, in the case where the fraud type of the fraudulent number of the calling terminal and the fraud type of the protected number of the called terminal are different, the fraud prevention processing unit 222 Deliver guidance to both the Special Fraud STS.
・警戒レベル「5」
 警戒レベル「5」は、例えば、「オレオレ詐欺の悪意者からオレオレ詐欺被害の保護対象者への呼」のように、発信元端末の詐欺番号の詐欺種類と、着信先端末の保護対象番号の詐欺種類とが同一のケースが対象となる。この場合は、詐欺防止処理部222は、特殊詐欺被害にあう可能性が高いため、その接続要求(呼)を破棄(呼切断)し、着信拒否とする。
 警戒レベル「5」の他のケースは、「保護対象者から特殊詐欺の悪意者への呼」の場合である。この場合も、詐欺防止処理部222は、特殊詐欺被害にあう可能性が高いため、その接続要求(呼)を破棄(呼切断)し、発信不可とする。 ・ Alert level "5"
Alert level "5" is, for example, "a call from a malicious person who is a fraud victim to a protected person who is a victim of "It's me" fraud. Cases with the same type of fraud are covered. In this case, the fraud prevention processing unit 222 discards (disconnects) the connection request (call) and rejects the incoming call because there is a high possibility of being victimized by special fraud.
Another case with alert level "5" is the case of "Call from Protected Person to Special Fraud Service-to-Self". In this case as well, the fraud prevention processing unit 222 discards (disconnects) the connection request (call) because there is a high possibility of being victimized by special fraud, and disallows outgoing calls.
 なお、この警戒レベルに対応付けた特殊詐欺対策は、各保護対象者からの要求により、保護対象番号ごとに、詐欺防止対策処理を変更してもよい。例えば、警戒レベル「4」の「特殊詐欺の悪意者から保護対象者への呼」の場合において、着信先端末の保護対象者と、発信者端末の特殊詐欺の悪意者の両方にガイダンスを配信するのではなく、接続要求(呼)を破棄(呼切断)し、発信不可とする設定にしてもよい。また、通信事業者等の設定により、警戒レベルに対応付けた特殊詐欺対策の内容を変更してもよい。 In addition, the special fraud countermeasures associated with this alert level may change the fraud prevention countermeasure processing for each protected number at the request of each protected person. For example, in the case of "a call from a malicious person of a special fraud to a protected person" with an alert level of "4", guidance is delivered to both the protected person of the called terminal and the malicious person of the special fraud of the originating terminal. Instead, the connection request (call) may be discarded (call disconnection), and the setting may be made such that the call cannot be made. Further, the content of the special fraud countermeasures associated with the alert level may be changed according to the setting of the telecommunications carrier or the like.
 図6に戻り、接続先情報要求部223は、詐欺防止処理部222の詐欺防止処理が、その接続要求(呼)の破棄(呼切断)以外の場合に、着信先番号を付した接続先情報の問合せメッセージを生成し、ENUM/DNSサーバ10に送信する。 Returning to FIG. 6, when the fraud prevention processing of the fraud prevention processing unit 222 is other than abandonment (call disconnection) of the connection request (call), the connection destination information requesting unit 223 sends the connection destination information with the destination number. and send it to the ENUM/DNS server 10.
 呼接続処理部224は、ENUM/DNSサーバ10から、着信先番号に対応する接続先情報(ルーティング情報)を受信すると、その着信先情報で示される接続先に対し、呼接続を行う。 When the call connection processing unit 224 receives connection destination information (routing information) corresponding to the called party number from the ENUM/DNS server 10, it makes a call connection to the connection destination indicated by the called party information.
 このようにすることにより、呼処理サーバ20は、ENUM/DNSサーバ10から受信した警戒レベルに応じた詐欺防止対策処理として、通話開始前に、呼の規制(破棄)や、ガイダンス装置30によるガイダンスの配信を実行することができる。 By doing so, the call processing server 20, as a fraud prevention countermeasure process according to the security level received from the ENUM/DNS server 10, restricts (discards) the call and provides guidance by the guidance device 30 before the call starts. delivery can be performed.
≪詐欺被害防止システムの処理≫
 次に、詐欺被害防止システム1000が実行する処理を説明する。
 図8は、本実施形態に係る詐欺被害防止システム1000の処理の流れを示すシーケンス図である。 ≪Processing of Fraud Damage Prevention System≫
Next, processing executed by the fraud damage prevention system 1000 will be described.
FIG. 8 is a sequence diagram showing the processing flow of the fraud damage prevention system 1000 according to this embodiment.
 ENUM/DNSサーバ10の番号情報更新部121は、行政機関等が保有する番号データベース700から、最新の詐欺番号情報110および保護対象番号情報120を取得し、記憶部13に記憶する(ステップS1)。
 この詐欺番号情報110および保護対象番号情報120の更新は、例えば、ENUM/DNSプロトコルを用いた情報更新方式により、リアルタイムに保存・同期するようにしてもよい。 The number information updating unit 121 of the ENUM/DNS server 10 acquires the latest fraudulent number information 110 and protected number information 120 from the number database 700 held by an administrative agency or the like, and stores them in the storage unit 13 (step S1). .
The update of the fraud number information 110 and the protected number information 120 may be saved and synchronized in real time, for example, by an information update method using the ENUM/DNS protocol.
 次に、呼処理サーバ20は、発端末4から着端末5に対する接続要求(呼)を受信する(ステップS2)。この接続要求(呼)には、着端末5の着信先番号とともに、発端末4の発信元番号が付されている。 Next, the call processing server 20 receives a connection request (call) from the calling terminal 4 to the called terminal 5 (step S2). This connection request (call) is attached with the destination number of the receiving terminal 5 and the caller number of the calling terminal 4 .
 続いて、呼処理サーバ20の警戒レベル判定要求部221は、その発端末4の発信元番号と、着端末5の着信先番号とを付した警戒レベル判定要求を生成し、ENUM/DNSサーバ10に送信する(ステップS3)。 Subsequently, the alert level determination requesting unit 221 of the call processing server 20 generates an alert level determination request to which the caller number of the calling terminal 4 and the destination number of the called terminal 5 are attached, and the ENUM/DNS server 10 (step S3).
 ENUM/DNSサーバ10(警戒レベル判定部122)は、発信元番号および着信先番号が付された警戒レベル判定要求を受信する。そして、警戒レベル判定部122は、発信元番号が、詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定する。また、警戒レベル判定部122は、着信先番号が、詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定する。これにより、警戒レベル判定部122は、発信元番号および着信先番号に基づく接続パターン(図5参照)を判別し、その接続パターンに応じた警戒レベルを決定する(ステップS4)。
 そして、警戒レベル判定部122は、決定した警戒レベルの情報を、呼処理サーバ20に返信する(ステップS5)。 The ENUM/DNS server 10 (alert level determination unit 122) receives the alert level determination request to which the caller number and destination number are attached. Alert level determination unit 122 then determines whether the caller number is registered in fraud number information 110 or protected number information 120 . The vigilance level determination unit 122 also determines whether or not the destination number is registered in the fraudulent number information 110 or the protected number information 120 . Accordingly, the caution level determination unit 122 determines the connection pattern (see FIG. 5) based on the caller number and the destination number, and determines the caution level according to the connection pattern (step S4).
Then, the alert level determination unit 122 sends back the determined alert level information to the call processing server 20 (step S5).
 続いて、呼処理サーバ20の詐欺防止処理部222は、ENUM/DNSサーバ10から警戒レベルの情報を取得すると、記憶部23に記憶した警戒レベル対策情報200(図7参照)で規定された特殊詐欺対策を実行する(ステップS6)。 Subsequently, when the fraud prevention processing unit 222 of the call processing server 20 acquires information on the security level from the ENUM/DNS server 10, the special Anti-fraud measures are executed (step S6).
 なお、図7において示した警戒レベルが5段階で示す例では、警戒レベル「2」「3」では、詐欺防止処理部222は、着端末5に対して、ガイダンス装置30によるガイダンスを配信する処理を実行させ、詐欺被害への注意喚起を促す。警戒レベル「4」では、詐欺防止処理部222は、着端末5に対して、ガイダンス装置30によるガイダンスを配信する処理を実行させるとともに、発端末4に対しても、ガイダンス装置30によるガイダンスを配信する処理を実行させる。なお、ガイダンス装置30により着端末5および発端末4にガイダンスを配信する実際のタイミングは、接続先情報要求部223により、着信先番号に対応する接続先情報(ルーティング情報)を受信した後、呼接続の前である。
 また、警戒レベル「5」では、詐欺防止処理部222は、呼の規制処理(呼切断)をすることにより、特殊詐欺被害の悪意者と保護対象者との間の通話を遮断し、処理を終了する。
 なお、詐欺防止処理部222は、図7で示した警戒レベルを5段階で示す警戒レベル対策情報200の例において、警戒レベル「1」の場合は、特殊詐欺対策を行わない。 Note that in the example shown in FIG. 7 where the alert level is five stages, the fraud prevention processing unit 222 distributes guidance from the guidance device 30 to the receiving terminal 5 at the alert levels "2" and "3". and call attention to fraud damage. At alert level "4", the fraud prevention processing unit 222 causes the receiving terminal 5 to execute the process of distributing guidance from the guidance device 30, and also distributes guidance from the guidance device 30 to the calling terminal 4. to execute the process to be performed. Note that the actual timing at which guidance is delivered to the called terminal 5 and the calling terminal 4 by the guidance device 30 is determined by the connection destination information requesting unit 223 after receiving the connection destination information (routing information) corresponding to the destination number. Before connection.
At alert level "5", the fraud prevention processing unit 222 performs call regulation processing (call disconnection) to cut off the communication between the malicious person who is the victim of special fraud and the person to be protected, and terminates the processing. finish.
Note that the fraud prevention processing unit 222 does not take special fraud countermeasures when the alert level is "1" in the example of the alert level countermeasure information 200 showing five alert levels shown in FIG.
 続いて、呼処理サーバ20の接続先情報要求部223は、警戒レベル「5」であり、呼の規制処理(呼切断)を行った場合を除いて、着信先番号を付した接続先情報の問合せメッセージを生成し、ENUM/DNSサーバ10に送信する(ステップS7:接続先情報問合せ)。 Subsequently, the connection destination information requesting unit 223 of the call processing server 20 sets the alert level to "5", and except when the call restriction processing (call disconnection) is performed, the connection destination information with the destination number is sent. An inquiry message is generated and transmitted to the ENUM/DNS server 10 (step S7: connection destination information inquiry).
 ENUM/DNSサーバ10の接続先情報検索部123は、接続先情報の問合せを受信すると、接続先情報テーブル130を参照し、その着信先番号に対応する接続先情報(ルーティング情報)を抽出して、呼処理サーバ20に返信する(ステップS8:接続先情報応答)。 When the connection destination information search unit 123 of the ENUM/DNS server 10 receives the connection destination information inquiry, the connection destination information search unit 123 refers to the connection destination information table 130 and extracts the connection destination information (routing information) corresponding to the destination number. , to the call processing server 20 (step S8: connection destination information response).
 次に、呼処理サーバ20(呼接続処理部224)は、ENUM/DNSサーバ10から、着信先番号に対応する接続先情報(ルーティング情報)を受信すると、その着信先情報に示される接続先に対し呼接続し(ステップS9)、発端末4と着端末5との通信接続を行う。 Next, when the call processing server 20 (call connection processing unit 224) receives connection destination information (routing information) corresponding to the destination number from the ENUM/DNS server 10, the connection destination indicated in the destination information Call connection is made (step S9), and communication connection between the calling terminal 4 and the called terminal 5 is established.
 このようにすることで、詐欺被害防止システム1000は、ENUM/DNSサーバ10が、発信元番号と着信先番号の組み合わせパターン(接続パターン)を判定し、詐欺番号から保護対象番号への発信と、保護対象番号から詐欺番号への発信の両方について、警戒レベルを判定することができる。この警戒レベルに基づき、呼処理サーバ20は、通話開始前に、詐欺被害の防止処理(呼の規制(呼切断)や、ガイダンスの配信)を実行する。
 よって、本詐欺被害防止システム1000によれば、電話を利用した詐欺を防止する際に、着信側ではなく、より発信元装置(発端末)に近いネットワーク側において、通話開始前に、効果的な詐欺被害の防止処理を実行することができる。 By doing so, in the fraud damage prevention system 1000, the ENUM/DNS server 10 determines the combination pattern (connection pattern) of the source number and the destination number, and makes a call from the fraudulent number to the protected number, A vigilance level can be determined for both calls from protected numbers to fraudulent numbers. Based on this vigilance level, the call processing server 20 executes fraud damage prevention processing (call control (call disconnection) and guidance delivery) before starting a call.
Therefore, according to the fraud damage prevention system 1000, when preventing fraud using a telephone, the network side, which is closer to the originating device (originating terminal) than the receiving side, before the call starts, effectively Fraud damage prevention processing can be executed.
<ハードウェア構成>
 本実施形態に係るENUM/DNSサーバ10および呼処理サーバ20は、例えば図9に示すような構成のコンピュータ900によって実現される。
 図9は、本実施形態に係るENUM/DNSサーバ10および呼処理サーバ20の機能を実現するコンピュータ900の一例を示すハードウェア構成図である。コンピュータ900は、CPU(Central Processing Unit)901、ROM(Read Only Memory)902、RAM903、HDD(Hard Disk Drive)904、入出力I/F(Interface)905、通信I/F906およびメディアI/F907を有する。 <Hardware configuration>
The ENUM/DNS server 10 and the call processing server 20 according to this embodiment are implemented by a computer 900 configured as shown in FIG. 9, for example.
FIG. 9 is a hardware configuration diagram showing an example of a computer 900 that implements the functions of the ENUM/DNS server 10 and the call processing server 20 according to this embodiment. The computer 900 includes a CPU (Central Processing Unit) 901, a ROM (Read Only Memory) 902, a RAM 903, a HDD (Hard Disk Drive) 904, an input/output I/F (Interface) 905, a communication I/F 906 and a media I/F 907. have.
 CPU901は、ROM902またはHDD904に記憶されたプログラムに基づき作動し、制御部12,22(図2,図6)による制御を行う。ROM902は、コンピュータ900の起動時にCPU901により実行されるブートプログラムや、コンピュータ900のハードウェアに係るプログラム等を記憶する。 The CPU 901 operates based on programs stored in the ROM 902 or HDD 904, and performs control by the control units 12 and 22 (FIGS. 2 and 6). The ROM 902 stores a boot program executed by the CPU 901 when the computer 900 is started, a program related to the hardware of the computer 900, and the like.
 CPU901は、入出力I/F905を介して、マウスやキーボード等の入力装置910、および、ディスプレイやプリンタ等の出力装置911を制御する。CPU901は、入出力I/F905を介して、入力装置910からデータを取得するともに、生成したデータを出力装置911へ出力する。なお、プロセッサとしてCPU901とともに、GPU(Graphics Processing Unit)等を用いても良い。 The CPU 901 controls an input device 910 such as a mouse and keyboard, and an output device 911 such as a display and printer via an input/output I/F 905 . The CPU 901 acquires data from the input device 910 and outputs the generated data to the output device 911 via the input/output I/F 905 . A GPU (Graphics Processing Unit) or the like may be used together with the CPU 901 as a processor.
 HDD904は、CPU901により実行されるプログラムおよび当該プログラムによって使用されるデータ等を記憶する。通信I/F906は、通信網(例えば、NW(Network)920)を介して他の装置からデータを受信してCPU901へ出力し、また、CPU901が生成したデータを、通信網を介して他の装置へ送信する。 The HDD 904 stores programs executed by the CPU 901 and data used by the programs. Communication I/F 906 receives data from other devices via a communication network (for example, NW (Network) 920) and outputs it to CPU 901, and transmits data generated by CPU 901 to other devices via the communication network. Send to device.
 メディアI/F907は、記録媒体912に格納されたプログラムまたはデータを読み取り、RAM903を介してCPU901へ出力する。CPU901は、目的の処理に係るプログラムを、メディアI/F907を介して記録媒体912からRAM903上にロードし、ロードしたプログラムを実行する。記録媒体912は、DVD(Digital Versatile Disc)、PD(Phase change rewritable Disk)等の光学記録媒体、MO(Magneto Optical disk)等の光磁気記録媒体、磁気記録媒体、半導体メモリ等である。 The media I/F 907 reads programs or data stored in the recording medium 912 and outputs them to the CPU 901 via the RAM 903 . The CPU 901 loads a program related to target processing from the recording medium 912 onto the RAM 903 via the media I/F 907, and executes the loaded program. The recording medium 912 is an optical recording medium such as a DVD (Digital Versatile Disc) or a PD (Phase change rewritable Disk), a magneto-optical recording medium such as an MO (Magneto Optical disk), a magnetic recording medium, a semiconductor memory, or the like.
 例えば、コンピュータ900が本発明のENUM/DNSサーバ10、呼処理サーバ20として機能する場合、コンピュータ900のCPU901は、RAM903上にロードされたプログラムを実行することにより、ENUM/DNSサーバ10、呼処理サーバ20の機能を実現する。また、HDD904には、RAM903内のデータが記憶される。CPU901は、目的の処理に係るプログラムを記録媒体912から読み取って実行する。この他、CPU901は、他の装置から通信網(NW920)を介して目的の処理に係るプログラムを読み込んでもよい。 For example, when the computer 900 functions as the ENUM/DNS server 10 and the call processing server 20 of the present invention, the CPU 901 of the computer 900 executes the program loaded on the RAM 903 to perform the ENUM/DNS server 10 and the call processing server. It implements the functions of the server 20 . Data in the RAM 903 is stored in the HDD 904 . The CPU 901 reads a program related to target processing from the recording medium 912 and executes it. In addition, the CPU 901 may read a program related to target processing from another device via the communication network (NW 920).
<効果>
 以下、本発明に係る詐欺被害防止システム等の効果について説明する。
 本発明に係る詐欺被害防止システムは、発信元装置(発端末4)と着信先装置(着端末5)とを呼接続する呼処理サーバ20と、呼処理サーバ20に接続され、着信先装置の接続先情報の解決処理を行うENUM/DNSサーバ10とを備える詐欺被害防止システム1000であって、呼処理サーバ20が、発信元装置から接続要求を受け付けると、当該発信元装置の発信元番号および着信先装置の着信先番号を付した警戒レベル判定要求をENUM/DNSサーバ10に送信する警戒レベル判定要求部221と、ENUM/DNSサーバ10から、接続要求に関する警戒レベルの判定結果を受信し、警戒レベルに応じた所定の詐欺被害防止処理を実行する詐欺防止処理部222と、を備え、ENUM/DNSサーバ10が、詐欺対策の対象となる番号を示す詐欺番号が登録される詐欺番号情報110、および、詐欺被害から保護する対象となるユーザの番号を示す保護対象番号が登録される保護対象番号情報120を、外部データベース(番号データベース700)から所定の時間間隔で取得し、記憶部13に記憶された詐欺番号情報および保護対象番号情報を更新する番号情報更新部121と、警戒レベル判定要求に付された発信元番号および着信先番号を用いて、発信元番号が詐欺番号情報110または保護対象番号情報120に登録されているか否か、着信先番号が詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定することにより、接続要求の接続パターンを判別し、判別した接続パターンに応じて、詐欺被害が発生する可能性が高い程、より高いレベルの詐欺被害防止処理が必要と評価する警戒レベルを決定する警戒レベル判定部122と、を備えることを特徴とする。 <effect>
Effects of the fraud damage prevention system and the like according to the present invention will be described below.
A fraud damage prevention system according to the present invention includes a call processing server 20 that connects a calling device (calling terminal 4) and a called device (called terminal 5); In a fraud damage prevention system 1000 comprising an ENUM/DNS server 10 that performs connection destination information resolution processing, when the call processing server 20 receives a connection request from a calling device, the caller number of the calling device and a warning level determination request unit 221 that transmits a warning level determination request to the ENUM/DNS server 10 to which the destination number of the destination device is attached; a fraud prevention processing unit 222 that executes predetermined fraud damage prevention processing according to the alert level, and the ENUM/DNS server 10 registers fraud number information 110 indicating a fraud countermeasure target number. , and protected number information 120 in which a protected number indicating the number of a user to be protected from fraud damage is registered is obtained from an external database (number database 700) at predetermined time intervals, and stored in the storage unit 13. Using the number information updating unit 121 for updating the stored fraud number information and protected number information, and the caller number and destination number attached to the alert level determination request, the caller number is updated to the fraud number information 110 or the protected number information. The connection pattern of the connection request is discriminated by determining whether it is registered in the target number information 120 and whether the called party number is registered in the fraudulent number information 110 or the protected number information 120. and a warning level determination unit 122 for determining a warning level for evaluating that a higher level of fraud prevention processing is required as the possibility of fraud damage is higher according to the connection pattern.
 このように、詐欺被害防止システム1000によれば、ENUM/DNSサーバ10が、外部データベース(番号データベース700)から取得した、詐欺番号情報110および保護対象番号情報120を用いて接続パターンを判定し、判定した接続パターンに応じて警戒レベルを決定し、呼処理サーバ20において、警戒レベルごとの詐欺被害防止処理を実行することができる。
 よって、着信側ではなく、より発信元装置(発端末4)に近いネットワーク側において、詐欺被害防止処理を実行することができる。また、詐欺被害防止システム1000では、通話開始前に詐欺被害防止処理を実行するため、ユーザに負担がなく、さらに通話の完了が前提ではないため即時性の面での問題もない。また、ENUM/DNSサーバ10が、接続パターンを判定することにより、保護対象者から特殊詐欺の悪意者への呼に対しても詐欺被害防止処理を実行することができる。よって、従来技術に比べ、より効果的な詐欺被害の防止処理が可能となる。 Thus, according to the fraud damage prevention system 1000, the ENUM/DNS server 10 determines the connection pattern using the fraud number information 110 and the protected number information 120 obtained from the external database (number database 700), A security level is determined according to the determined connection pattern, and the call processing server 20 can execute fraud damage prevention processing for each security level.
Therefore, fraud damage prevention processing can be executed not on the receiving side but on the network side closer to the calling device (calling terminal 4). In addition, since the fraud damage prevention system 1000 executes fraud damage prevention processing before the start of a call, there is no burden on the user. In addition, by determining the connection pattern, the ENUM/DNS server 10 can also execute fraud damage prevention processing for a call from a person to be protected to a malicious party of a special fraud. Therefore, it is possible to prevent fraud damage more effectively than in the prior art.
 また、詐欺被害防止システム1000において、ENUM/DNSサーバ10の警戒レベル判定部122は、発信元番号が保護対象番号情報120に登録されており、着信先番号が詐欺番号情報110に登録されている場合に、接続要求の警戒レベルを、詐欺被害防止処理として呼切断を行うレベルの警戒レベルに決定することを特徴とする。 In addition, in the fraud damage prevention system 1000, the alert level determination unit 122 of the ENUM/DNS server 10 has the caller number registered in the protected number information 120 and the destination number registered in the fraud number information 110. In this case, the alert level of the connection request is determined to be the alert level of disconnecting the call as fraud damage prevention processing.
 このようにすることで、特殊詐欺の被害を被る可能性が非常に高い「保護対象者から特殊詐欺の悪意者への呼」について、通話開始前に呼の規制(呼切断)を行い、保護対象者の被害を防止することができる。 By doing this, for "a call from a protected person to a malicious party of a special fraud", which has a very high possibility of being victimized by a special fraud, the call is regulated (call disconnection) before the call starts, and protection is provided. Damage to the target can be prevented.
 また、詐欺被害防止システム1000において、詐欺番号情報110には、詐欺番号に対応付けて特殊詐欺の種類を示す詐欺種類が登録されており、保護対象番号情報120には、保護対象番号に対応付けて詐欺種類が登録されており、ENUM/DNSサーバ10の警戒レベル判定部122は、発信元番号が詐欺番号情報110に登録されており、着信先番号が保護対象番号情報120に登録されている場合で、詐欺番号に付された詐欺種類と、保護対象番号に付された詐欺種類とが一致するときに、接続要求の警戒レベルを、詐欺被害防止処理として呼切断を行うレベルの警戒レベルに決定することを特徴とする。 Further, in the fraud damage prevention system 1000, the fraud number information 110 registers a fraud type indicating the type of special fraud in association with the fraud number, and the protected number information 120 registers a fraud number associated with the protected number. The type of fraud is registered in the ENUM/DNS server 10, and the warning level determination unit 122 of the ENUM/DNS server 10 determines that the caller number is registered in the fraud number information 110 and the destination number is registered in the protected number information 120. case, when the type of fraud attached to the fraudulent number matches the type of fraud attached to the protected number, the alert level of the connection request is set to the alert level at which the call is disconnected as fraud damage prevention processing. It is characterized by determining.
 このように、詐欺番号情報110において、詐欺番号に対応付けてその特殊詐欺に関する詐欺種類を登録しておき、保護対象番号情報120において、保護対象者が被害にあった特殊詐欺の詐欺種類を登録しておく。これにより、ENUM/DNSサーバ10の警戒レベル判定部122は、発信元番号である詐欺番号の詐欺種類と、着信先番号である保護対象番号の詐欺種類とが一致する場合に、その接続要求を呼切断することができる。よって、例えば、「オレオレ詐欺の悪意者からオレオレ詐欺の被害者への呼」のように、特殊詐欺(例えば、オレオレ詐欺)の種類が同じで、被害にあう可能性の高い組合せの呼の規制(呼切断)を行い、被害を事前に防止することができる。 In this way, in the fraud number information 110, the fraud type related to the special fraud is registered in association with the fraud number, and in the protected number information 120, the fraud type of the special fraud that the protected person suffered is registered. Keep As a result, when the fraud type of the fraudulent number, which is the source number, matches the fraud type of the protected number, which is the destination number, the alert level determination unit 122 of the ENUM/DNS server 10 issues the connection request. Call can be disconnected. Therefore, for example, like "a call from a malicious person to a victim of an 'It's me' fraud" type of special fraud (e.g., it's me fraud) is the same, and the combination of calls with a high possibility of being victimized is restricted. (Call disconnection) can be performed to prevent damage in advance.
 また、詐欺被害防止システム1000において、ENUM/DNSサーバ10の番号情報更新部121は、外部データベース(番号データベース700)との間で、ENUM/DNSプロトコルを用いて、詐欺番号情報110および保護対象番号情報120をリアルタイムに取得し、記憶部13に記憶された詐欺番号情報110および保護対象番号情報120を更新することを特徴とする。 Further, in the fraud damage prevention system 1000, the number information updating unit 121 of the ENUM/DNS server 10 exchanges the fraud number information 110 and the protected number with the external database (number database 700) using the ENUM/DNS protocol. It is characterized in that the information 120 is acquired in real time and the fraud number information 110 and the protected number information 120 stored in the storage unit 13 are updated.
 このように、ENUM/DNSサーバ10は、外部データベース(番号データベース700)との間で、ENUM/DNSプロトコルを用いて、詐欺番号情報110および保護対象番号情報120をリアルタイムに取得することができる。よって、最新の情報を用いて、より効果的に詐欺被害を防止することが可能となる。 In this way, the ENUM/DNS server 10 can acquire fraud number information 110 and protected number information 120 in real time from an external database (number database 700) using the ENUM/DNS protocol. Therefore, it is possible to prevent fraud damage more effectively by using the latest information.
 また、詐欺被害防止システム1000において、呼処理サーバ20は、ガイダンス装置30を備えており、呼処理サーバ20の詐欺防止処理部222が、所定の詐欺被害防止処理として、詐欺被害を防止するためのガイダンスをガイダンス装置30から着信先装置に配信すること、詐欺被害を防止するためのガイダンスをガイダンス装置30から発信元装置に配信すること、接続要求の呼切断、の少なくともいずれかを実行することを特徴とする。 In addition, in the fraud damage prevention system 1000, the call processing server 20 is provided with a guidance device 30, and the fraud prevention processing unit 222 of the call processing server 20 performs a predetermined fraud prevention process to prevent fraud damage. At least one of delivering guidance from the guidance device 30 to the destination device, delivering guidance for preventing fraud damage from the guidance device 30 to the originating device, and disconnecting the connection request call. Characterized by
 これにより、呼処理サーバ20は、ネットワーク側に設けられたガイダンス装置30から、着信先装置(着端末5)や発信元装置(発端末4)にガイダンスを配信したり、接続要求の呼切断を行ったりすることができる。なお、呼処理サーバ20は、着信先装置には、例えば、特殊詐欺について注意喚起するガイダンスを配信することにより被害を防止する。また、呼処理サーバ20は、発信元装置には、例えば、通話を録音する等のガイダンスを配信することにより、特殊詐欺の悪意者に自発的に呼切断することを促し、ネットワークに悪意の呼が流通するのを減少させ、被害を防止する。 As a result, the call processing server 20 distributes guidance from the guidance device 30 provided on the network side to the receiving device (the receiving terminal 5) and the calling device (the calling terminal 4), and disconnects the call for the connection request. you can go Note that the call processing server 20 prevents damage by distributing, for example, guidance calling attention to special fraud to the receiving device. In addition, the call processing server 20 distributes guidance such as recording the call to the originating device, thereby prompting the malicious party of the special fraud to voluntarily disconnect the call. to reduce the distribution and prevent damage.
 本発明に係るENUM/DNSサーバは、呼処理サーバ20に接続されるENUM/DNSサーバ10であって、ENUM/DNSサーバ10が、詐欺対策の対象となる番号を示す詐欺番号が登録される詐欺番号情報110、および、詐欺被害から保護する対象となるユーザの番号を示す保護対象番号が登録される保護対象番号情報120を記憶する外部データベースと接続されており、外部データベースから所定の時間間隔で詐欺番号情報110および保護対象番号情報120を取得し、記憶部13に記憶された詐欺番号情報110および保護対象番号情報120を更新する番号情報更新部121と、接続要求を受け付けた呼処理サーバ20から、発信元番号および着信先番号が付された警戒レベル判定要求を受信し、発信元番号が詐欺番号情報110または保護対象番号情報120に登録されているか否か、着信先番号が詐欺番号情報110または保護対象番号情報120に登録されているか否かを判定することにより、接続要求の接続パターンを判別し、判別した接続パターンに応じて、詐欺被害が発生する可能性が高い程、より高いレベルの詐欺被害防止処理が必要と評価する警戒レベルを決定する警戒レベル判定部122と、を備えることを特徴とする。 The ENUM/DNS server according to the present invention is the ENUM/DNS server 10 connected to the call processing server 20, and the ENUM/DNS server 10 is a fraudulent fraud number registering a fraud countermeasure target number. It is connected to an external database that stores number information 110 and protected number information 120 in which a protected number indicating the number of a user to be protected from fraud damage is registered. A number information updating unit 121 that acquires fraudulent number information 110 and protected number information 120 and updates the fraudulent number information 110 and protected number information 120 stored in the storage unit 13, and a call processing server 20 that accepts a connection request. receives a warning level determination request to which the caller number and the called party number are attached, and determines whether the caller number is registered in the fraud number information 110 or the protected number information 120, and whether the called party number is the fraud number information. 110 or the protected number information 120 to determine the connection pattern of the connection request. and a caution level determination unit 122 that determines a caution level that is evaluated to require level fraud damage prevention processing.
 このように、ENUM/DNSサーバ10によれば、外部データベース(番号データベース700)から取得した、詐欺番号情報110および保護対象番号情報120を用いて接続パターンを判定し、判定した接続パターンに応じて警戒レベルを決定する。よって、この警戒レベルの情報を呼処理サーバ20に送信することにより、呼処理サーバ20において、警戒レベルに応じた詐欺被害防止処理を実行させることができる。
 よって、着信側ではなく、より発信元装置(発端末4)に近いネットワーク側において、詐欺被害防止処理を実行することができる。また、ENUM/DNSサーバ10は、通話開始前に呼処理サーバ20に詐欺被害防止処理を実行させるため、ユーザに負担がなく、さらに通話の完了が前提ではないため即時性の面での問題もない。また、ENUM/DNSサーバ10が、接続パターンを判定することにより、保護対象者から特殊詐欺の悪意者への呼に対しても詐欺被害防止処理を実行することができる。よって、従来技術に比べ、より効果的な詐欺被害の防止処理が可能となる。 Thus, according to the ENUM/DNS server 10, the connection pattern is determined using the fraudulent number information 110 and the protected number information 120 obtained from the external database (number database 700), and according to the determined connection pattern Determine alert level. Therefore, by transmitting the alert level information to the call processing server 20, the call processing server 20 can execute fraud damage prevention processing according to the alert level.
Therefore, fraud damage prevention processing can be executed not on the receiving side but on the network side closer to the calling device (calling terminal 4). In addition, since the ENUM/DNS server 10 causes the call processing server 20 to perform fraud damage prevention processing before the start of a call, there is no burden on the user. do not have. In addition, by determining the connection pattern, the ENUM/DNS server 10 can also execute fraud damage prevention processing for a call from a person to be protected to a malicious party of a special fraud. Therefore, it is possible to prevent fraud damage more effectively than in the prior art.
 なお、本発明は、以上説明した実施形態に限定されるものではなく、多くの変形が本発明の技術的思想内で当分野において通常の知識を有する者により可能である。 It should be noted that the present invention is not limited to the embodiments described above, and many modifications are possible within the technical concept of the present invention by those who have ordinary knowledge in this field.
 4   発端末
 5   着端末
 10  ENUM/DNSサーバ
 11,21 入出力部
 12,22 制御部
 13,23 記憶部
 20  呼処理サーバ
 30  ガイダンス装置
 110 詐欺番号情報
 120 保護対象番号情報
 121 番号情報更新部
 122 警戒レベル判定部
 123 接続先情報検索部
 130 接続先情報テーブル
 200 警戒レベル対策情報
 221 警戒レベル判定要求部
 222 詐欺防止処理部
 223 接続先情報要求部
 224 呼接続処理部
 700 番号データベース(外部データベース)
 1000 詐欺被害防止システム 4 calling terminal 5 called terminal 10 ENUM/ DNS server 11, 21 input/ output unit 12, 22 control unit 13, 23 storage unit 20 call processing server 30 guidance device 110 fraud number information 120 protected number information 121 number information update unit 122 vigilance Level determination unit 123 Connection destination information search unit 130 Connection destination information table 200 Security level countermeasure information 221 Security level determination request unit 222 Fraud prevention processing unit 223 Connection destination information request unit 224 Call connection processing unit 700 Number database (external database)
1000 Fraud damage prevention system

Claims (8)

  1.  発信元装置と着信先装置とを呼接続する呼処理サーバと、前記呼処理サーバに接続され、前記着信先装置の接続先情報の解決処理を行うENUM/DNSサーバとを備える詐欺被害防止システムであって、
     前記呼処理サーバは、
     前記発信元装置から接続要求を受け付けると、当該発信元装置の発信元番号および前記着信先装置の着信先番号を付した警戒レベル判定要求を前記ENUM/DNSサーバに送信する警戒レベル判定要求部と、
     前記ENUM/DNSサーバから、前記接続要求に関する警戒レベルの判定結果を受信し、前記警戒レベルに応じた所定の詐欺被害防止処理を実行する詐欺防止処理部と、を備え、
     前記ENUM/DNSサーバは、
     詐欺対策の対象となる番号を示す詐欺番号が登録される詐欺番号情報、および、詐欺被害から保護する対象となるユーザの番号を示す保護対象番号が登録される保護対象番号情報を、外部データベースから所定の時間間隔で取得し、記憶部に記憶された前記詐欺番号情報および前記保護対象番号情報を更新する番号情報更新部と、
     前記警戒レベル判定要求に付された前記発信元番号および前記着信先番号を用いて、前記発信元番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否か、前記着信先番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否かを判定することにより、前記接続要求の接続パターンを判別し、判別した接続パターンに応じて、詐欺被害が発生する可能性が高い程、より高いレベルの前記詐欺被害防止処理が必要と評価する警戒レベルを決定する警戒レベル判定部と、
     を備えることを特徴とする詐欺被害防止システム。     A fraud damage prevention system comprising: a call processing server that connects a calling device and a destination device; There is
    The call processing server
    an alert level determination requesting unit that, upon receiving a connection request from the originating device, transmits to the ENUM/DNS server an alert level determination request attached with the originating number of the originating device and the destination number of the destination device; ,
    a fraud prevention processing unit that receives, from the ENUM/DNS server, a warning level determination result regarding the connection request and executes a predetermined fraud damage prevention process according to the warning level;
    The ENUM/DNS server,
    Fraud number information, in which fraud numbers are registered as fraud countermeasures, and protected number information, in which protected numbers are registered as user numbers to be protected against fraud, are retrieved from an external database. a number information update unit that acquires at predetermined time intervals and updates the fraud number information and the protected number information stored in a storage unit;
    Using the caller number and the called party number attached to the alert level determination request, whether or not the caller number is registered in the fraudulent number information or the protected number information is determined. The connection pattern of the connection request is determined by determining whether or not it is registered in the fraudulent number information or the protected number information, and there is a high possibility that fraud damage will occur according to the determined connection pattern. a warning level determination unit that determines a warning level that evaluates that a higher level of fraud damage prevention processing is necessary as the degree is higher;
    A fraud damage prevention system comprising:
  2.  前記ENUM/DNSサーバの前記警戒レベル判定部は、前記発信元番号が前記保護対象番号情報に登録されており、前記着信先番号が前記詐欺番号情報に登録されている場合に、前記接続要求の前記警戒レベルを、前記詐欺被害防止処理として呼切断を行うレベルの警戒レベルに決定すること
     を特徴とする請求項1に記載の詐欺被害防止システム。     The alert level determination unit of the ENUM/DNS server determines whether the connection request is issued when the caller number is registered in the protected number information and the destination number is registered in the fraudulent number information. 2. The fraud damage prevention system according to claim 1, wherein the alert level is set to a level at which a call is disconnected as the fraud damage prevention processing.
  3.  前記詐欺番号情報には、前記詐欺番号に対応付けて特殊詐欺の種類を示す詐欺種類が登録されており、前記保護対象番号情報には、前記保護対象番号に対応付けて前記詐欺種類が登録されており、
     前記ENUM/DNSサーバの前記警戒レベル判定部は、前記発信元番号が前記詐欺番号情報に登録されており、前記着信先番号が前記保護対象番号情報に登録されている場合で、前記詐欺番号に付された詐欺種類と、前記保護対象番号に付された詐欺種類とが一致するときに、前記接続要求の前記警戒レベルを、前記詐欺被害防止処理として呼切断を行うレベルの警戒レベルに決定すること
     を特徴とする請求項1に記載の詐欺被害防止システム。     In the fraud number information, a fraud type indicating a type of special fraud is registered in association with the fraud number, and in the protected number information, the fraud type is registered in association with the protected number. and
    When the caller number is registered in the fraud number information and the destination number is registered in the protected number information, the alert level determination unit of the ENUM/DNS server When the affixed fraud type matches the fraud type affixed to the protected number, the alert level of the connection request is determined as a level of alert level for disconnecting the call as the fraud damage prevention processing. The fraud damage prevention system according to claim 1, characterized by:
  4.  前記ENUM/DNSサーバの前記番号情報更新部は、前記外部データベースとの間で、ENUM/DNSプロトコルを用いて、前記詐欺番号情報および前記保護対象番号情報をリアルタイムに取得し、前記記憶部に記憶された前記詐欺番号情報および前記保護対象番号情報を更新すること
     を特徴とする請求項1乃至請求項3のいずれか一項に記載の詐欺被害防止システム。     The number information updating unit of the ENUM/DNS server acquires the fraudulent number information and the protected number information in real time from the external database using the ENUM/DNS protocol, and stores the information in the storage unit. The fraud damage prevention system according to any one of claims 1 to 3, wherein the fraud number information and the protected number information that have been received are updated.
  5.  前記呼処理サーバは、ガイダンス装置を備えており、
     前記呼処理サーバの前記詐欺防止処理部は、前記所定の詐欺被害防止処理として、詐欺被害を防止するためのガイダンスを前記ガイダンス装置から前記着信先装置に配信すること、詐欺被害を防止するためのガイダンスを前記ガイダンス装置から前記発信元装置に配信すること、前記接続要求の呼切断、の少なくともいずれかを実行すること
     を特徴とする請求項1乃至請求項4のいずれか一項に記載の詐欺被害防止システム。     The call processing server includes a guidance device,
    The fraud prevention processing unit of the call processing server, as the predetermined fraud prevention processing, distributes guidance for preventing fraud damage from the guidance device to the destination device; The fraud according to any one of claims 1 to 4, wherein at least one of delivering guidance from the guidance device to the originating device and disconnecting the connection request is performed. Damage prevention system.
  6.  発信元装置と着信先装置とを呼接続する呼処理サーバと、前記呼処理サーバに接続され、前記着信先装置の接続先情報の解決処理を行うENUM/DNSサーバとを備える詐欺被害防止システムの詐欺被害防止方法であって、
     前記呼処理サーバは、
     前記発信元装置から接続要求を受け付けると、当該発信元装置の発信元番号および前記着信先装置の着信先番号を付した警戒レベル判定要求を前記ENUM/DNSサーバに送信するステップと、
     前記ENUM/DNSサーバから、前記接続要求に関する警戒レベルの判定結果を受信し、前記警戒レベルに応じた所定の詐欺被害防止処理を行うステップと、を実行し、
     前記ENUM/DNSサーバは、
     詐欺対策の対象となる番号を示す詐欺番号が登録される詐欺番号情報、および、詐欺被害から保護する対象となるユーザの番号を示す保護対象番号が登録される保護対象番号情報を、外部データベースから所定の時間間隔で取得し、記憶部に記憶された前記詐欺番号情報および前記保護対象番号情報を更新するステップと、
     前記警戒レベル判定要求に付された前記発信元番号および前記着信先番号を用いて、前記発信元番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否か、前記着信先番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否かを判定することにより、前記接続要求の接続パターンを判別し、判別した接続パターンに応じて、詐欺被害が発生する可能性が高い程、より高いレベルの前記詐欺被害防止処理が必要と評価する警戒レベルを決定するステップと、を実行すること
     を特徴とする詐欺被害防止方法。     A fraud damage prevention system comprising: a call processing server that connects a call originating device and a destination device; A fraud damage prevention method,
    The call processing server
    receiving a connection request from the originating device, transmitting to the ENUM/DNS server an alert level determination request to which the originating number of the originating device and the destination number of the destination device are attached;
    a step of receiving, from the ENUM/DNS server, a warning level determination result regarding the connection request, and performing a predetermined fraud damage prevention process according to the warning level;
    The ENUM/DNS server,
    Fraud number information, in which fraud numbers are registered as fraud countermeasures, and protected number information, in which protected numbers are registered as user numbers to be protected against fraud, are retrieved from an external database. updating the fraudulent number information and the protected number information acquired at predetermined time intervals and stored in a storage unit;
    Using the caller number and the called party number attached to the alert level determination request, whether or not the caller number is registered in the fraudulent number information or the protected number information is determined. The connection pattern of the connection request is determined by determining whether or not it is registered in the fraudulent number information or the protected number information, and there is a high possibility that fraud damage will occur according to the determined connection pattern. A fraud damage prevention method characterized by: determining a vigilance level that evaluates that a higher level of fraud damage prevention processing is necessary than the above.
  7.  呼処理サーバに接続されるENUM/DNSサーバであって、
     前記ENUM/DNSサーバは、
     詐欺対策の対象となる番号を示す詐欺番号が登録される詐欺番号情報、および、詐欺被害から保護する対象となるユーザの番号を示す保護対象番号が登録される保護対象番号情報を記憶する外部データベースと接続されており、
     前記外部データベースから所定の時間間隔で前記詐欺番号情報および前記保護対象番号情報を取得し、記憶部に記憶された前記詐欺番号情報および前記保護対象番号情報を更新する番号情報更新部と、
     接続要求を受け付けた前記呼処理サーバから、発信元番号および着信先番号が付された警戒レベル判定要求を受信し、前記発信元番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否か、前記着信先番号が前記詐欺番号情報または前記保護対象番号情報に登録されているか否かを判定することにより、前記接続要求の接続パターンを判別し、判別した接続パターンに応じて、詐欺被害が発生する可能性が高い程、より高いレベルの詐欺被害防止処理が必要と評価する警戒レベルを決定する警戒レベル判定部と、
     を備えることを特徴とするENUM/DNSサーバ。     An ENUM/DNS server connected to a call processing server,
    The ENUM/DNS server,
    An external database that stores fraud number information in which fraud numbers indicating numbers to be targeted for fraud countermeasures are registered, and protected number information in which protected numbers indicating user numbers to be protected against fraud damage are registered. is connected with
    a number information updating unit that acquires the fraud number information and the protected number information from the external database at predetermined time intervals and updates the fraud number information and the protected number information stored in a storage unit;
    From the call processing server that accepted the connection request, whether a warning level determination request with a caller number and a called party number is received, and whether the caller number is registered in the fraudulent number information or the protected number information The connection pattern of the connection request is discriminated by determining whether the destination number is registered in the fraud number information or the protected number information. a vigilance level determination unit that determines a vigilance level that evaluates that a higher level of fraud damage prevention processing is required as the possibility of damage occurring increases;
    An ENUM/DNS server comprising:
  8.  コンピュータを、請求項7に記載のENUM/DNSサーバとして機能させるためのプログラム。 A program for causing a computer to function as the ENUM/DNS server according to claim 7.
PCT/JP2021/005978 2021-02-17 2021-02-17 Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program WO2022176074A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2021/005978 WO2022176074A1 (en) 2021-02-17 2021-02-17 Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program
JP2023500193A JPWO2022176074A1 (en) 2021-02-17 2021-02-17

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/005978 WO2022176074A1 (en) 2021-02-17 2021-02-17 Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program

Publications (1)

Publication Number Publication Date
WO2022176074A1 true WO2022176074A1 (en) 2022-08-25

Family

ID=82930351

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/005978 WO2022176074A1 (en) 2021-02-17 2021-02-17 Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program

Country Status (2)

Country Link
JP (1) JPWO2022176074A1 (en)
WO (1) WO2022176074A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006033586A (en) * 2004-07-20 2006-02-02 Matsushita Electric Ind Co Ltd Ip phone system, ip phone and speech method
JP2010004268A (en) * 2008-06-19 2010-01-07 Oki Electric Ind Co Ltd Switching system, terminating-side telephone communication terminal, telephone system, relay switching device, and terminating-side switching device
JP2015015530A (en) * 2013-07-03 2015-01-22 トビラシステムズ株式会社 Call arrival management device, call arrival management system, and program
JP2016103800A (en) * 2014-11-28 2016-06-02 Necネッツエスアイ株式会社 Troublesome telephone repulsion system
US20200053205A1 (en) * 2018-08-10 2020-02-13 T-Mobile Usa, Inc. Scam call back protection

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006033586A (en) * 2004-07-20 2006-02-02 Matsushita Electric Ind Co Ltd Ip phone system, ip phone and speech method
JP2010004268A (en) * 2008-06-19 2010-01-07 Oki Electric Ind Co Ltd Switching system, terminating-side telephone communication terminal, telephone system, relay switching device, and terminating-side switching device
JP2015015530A (en) * 2013-07-03 2015-01-22 トビラシステムズ株式会社 Call arrival management device, call arrival management system, and program
JP2016103800A (en) * 2014-11-28 2016-06-02 Necネッツエスアイ株式会社 Troublesome telephone repulsion system
US20200053205A1 (en) * 2018-08-10 2020-02-13 T-Mobile Usa, Inc. Scam call back protection

Also Published As

Publication number Publication date
JPWO2022176074A1 (en) 2022-08-25

Similar Documents

Publication Publication Date Title
US8385524B2 (en) System and method for control of communications connections and notifications
US6768792B2 (en) Identifying call parties to a call to an incoming calling party
US7149296B2 (en) Providing account usage fraud protection
US8050394B2 (en) System and method for control of communications connections and notifications
JP3938237B2 (en) Internet telephone caller ID notification device
US8634528B2 (en) System and method for control of communications connections and notifications
US20030108162A1 (en) Managing caller profiles across multiple hold queues according to authenticated caller identifiers
US20070237319A1 (en) Intermediary Device Based Callee Identification
JP2001501402A (en) Unsubscribe from subscriber control call list
US20090097630A1 (en) Automatic Complaint Registration for Violations of Telephonic Communication Regulations with Call Rejection
US7130405B2 (en) Identifying a call made or received on behalf of another
US8249232B2 (en) System and method for control of communications connections
US8732190B2 (en) Network calling privacy with recording
US8577009B2 (en) Automatic complaint registration for violations of telephonic communication regulations
WO2022176074A1 (en) Fraud suffering prevention system, fraud suffering prevention method, enum/dns server, and program
US20120039456A1 (en) Methods and apparatuses related to a telephone call completion service
US20230008581A1 (en) Fraud damage prevention system, fraud damage prevention method, call processing server, enum / dns server, and program
US8848692B2 (en) Method and arrangement for providing VoIP communication
JP2011249995A (en) Logical number utilization method and application server
MX2008004156A (en) Blocking calls to destinations which are registered in a do-not-call database
AU2012200599A1 (en) &#34;Automatic complaint registration for violations of telephonic communication regulations with call rejection&#34;

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21926513

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2023500193

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21926513

Country of ref document: EP

Kind code of ref document: A1