Systems and methods for phone number certification and verification
Abstract
Methods, systems, apparatuses, and computer-readable storage mediums are described for issuing digital certificates to phone numbers and verifying phone numbers based on the digital certificates. For instance, a client may request from a certificate authority a digital certificate to be associated with the client's phone number. The certificate authority issues a phone number challenge to the client to verify that the request did in fact come from the client. The certificate authority signs and issues the digital certificate to the client responsive to a successful challenge. The digital certificates are utilized to exchange messages between a caller and call recipient to determine whether a phone number provided via CLI is accurate or inaccurate. Embodiments described herein determine whether the phone number is accurate using a process referred herein as positive CLI verification and determines whether the phone number is inaccurate using a process referred herein as negative CLI verification.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method in a server for associating a digital certificate with a phone number associated with a client, comprising:
receiving a request from the client for a signed digital certificate, the request specifying the phone number associated with the client; determining a phone number verification process from a plurality of phone number verification processes based on the request; providing, to the client, a phone number verification request in accordance with the determined phone number verification process, the phone number verification request specifying a first verification code; responsive to receiving a second verification code, determining whether the second verification code matches the first verification code; and in response to determining that the second verification code matches the first verification code, providing the signed digital certificate to the client.
2 . The method of claim 1 , further comprising:
in response to determining that the second verification code does not match the first verification code or in response to determining that no second verification code is received, denying the request for the signed digital certificate.
3 . The method of claim 1 , further comprising:
in response to determining that the second verification code matches the first verification code:
generating and signing the digital certificate; and
providing the signed, digital certificate to a lookup service that enables the signed, digital certificate to be searchable and retrievable by a plurality of requesting entities.
4 . The method of claim 3 , wherein the signed, digital certificate comprises at least one of the phone number associated with the client or a uniform resource identifier associated with a relay server.
5 . The method of claim 1 , wherein the plurality of different phone number verification processes comprises a short message service (SMS)-based verification process, and wherein said providing the phone number verification request comprises:
providing, to the client, the phone number verification request as an SMS-based text message comprising the first verification code via a first communication channel; and receiving the second verification code via a second communication channel that is different than the first communication channel.
6 . The method of claim 1 , wherein the plurality of different phone number verification processes comprises an audio code-based verification process, and wherein said providing the phone number verification request comprises:
initiating, via a first communication channel, a telephonic communication session with the client; responsive to the telephonic communication session being accepted, providing the first verification code as an auditory code via the telephonic communication session; and receiving the second verification code via a second communication channel that is different than the first communication channel.
7 . The method of claim 6 , wherein the request further specifies the phone number verification process.
8 . A method implemented by a client associated with a call recipient, comprising:
extracting a phone number from an incoming phone call; querying a server for a pending message that is intended for the call recipient; responsive to receiving the pending message, determining whether the extracted phone number matches a phone number included in the message; in response to determining that the extracted phone number matches the phone number included in the message, causing a first notification to be outputted by the client specifying that the incoming phone call is from a legitimate caller; and responsive to receiving no message or in response to determining that the extracted phone number does not match the phone number included in the message, determining whether the incoming phone call is from an illegitimate caller.
9 . The method of claim 8 , wherein said determining whether the incoming phone call is from an illegitimate caller comprises:
providing a verification message to a relay server based on a uniform resource identifier specifying the relay server, the verification message inquiring whether the incoming phone call originated from the extracted phone number; responsive to receiving a response to the verification message specifying that the incoming phone call originated from the extracted phone number, causing the first notification to be outputted by the client; and responsive to receiving a response to the verification message specifying that the incoming phone call did not originate from the extracted phone number, causing a second notification to be outputted by the client specifying that the incoming phone call is from an illegitimate caller.
10 . The method of claim 9 , wherein the uniform resource identifier is included in a digital certificate associated with the extracted phone number.
11 . The method of claim 9 , wherein the verification message comprises a digital signature that authenticates the identity of the call recipient, and wherein the signed digital certificate comprises a phone number of the call recipient.
12 . The method of claim 11 , wherein the signed digital certificate further comprises a uniform resource identifier specifying a relay server that is associated with the call recipient.
13 . The method of claim 11 , wherein the response to the verification message is received from the relay server associated with the call recipient.
14 . The method of claim 9 , wherein at least one of the first notification or the second notification comprises at least one of:
a visual indicator outputted via a display screen associated with the client; or an audio indicator outputted via a speaker associated with the client.
15 . The method of claim 10 , wherein the digital certificate is retrieved from a lookup service that maintains a plurality of digital certificates and a plurality of uniform resource identifiers that are associated with a plurality of different phone numbers.
16 . A computing device, comprising:
at least one processor circuit; and at least one memory that stores program code configured to perform a method when executed by the at least one processor circuit, the method comprising:
extracting a phone number from an incoming phone call;
querying a server for a pending message that is intended for a call recipient associated with the computing device;
responsive to receiving the pending message, determining whether the extracted phone number matches a phone number included in the message;
in response to determining that the extracted phone number matches the phone number included in the message, causing a first notification to be outputted by the computing device specifying that the incoming phone call is from a legitimate caller; and
responsive to receiving no message or in response to determining that the extracted phone number does not match the phone number included in the message, determining whether the incoming phone call is from an illegitimate caller.
17 . The computing device of claim 16 , wherein said determining whether the incoming phone call is from an illegitimate caller comprises:
providing a verification message to a relay server based on a uniform resource identifier specifying the relay server, the verification message inquiring whether the incoming phone call originated from the extracted phone number; responsive to receiving a response to the verification message specifying that the incoming phone call originated from the extracted phone number, causing the first notification to be outputted by the computing device; and responsive to receiving a response to the verification message specifying that the incoming phone call did not originate from the extracted phone number, causing a second notification to be outputted by the computing device specifying that the incoming phone call is from an illegitimate caller.
18 . The computing device of claim 17 , wherein the uniform resource identifier is included in a digital certificate associated with the extracted phone number.
19 . The computing device of claim 17 , wherein the verification message comprises a digital signature that authenticates the identity of the call recipient, and wherein the signed digital certificate comprises a phone number of the call recipient.
20 . The computing device of claim 19 , wherein the signed digital certificate further comprises a uniform resource identifier specifying a relay server that is associated with the call recipient.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.