Search

US-20260129439-A1 - IDENTITY VERIFICATION FOR CALL-BASED PROTECTED DATA TRANSMISSION OVER NETWORK

US20260129439A1US 20260129439 A1US20260129439 A1US 20260129439A1US-20260129439-A1

Abstract

A processing system may connect, via a communication network, a call between an endpoint device of a user and an agent system associated with an individual. The processing system may next obtain a voice sample of the individual via the call and verify an identity of the individual, where the verifying comprises matching the voice sample of the individual to a voice signature of the individual. The processing system may then detect a disclosure of sensitive data by the user via the endpoint device, authorize the disclosure of the sensitive data via the endpoint device to the agent system, based upon the verifying of the identity of the individual via the matching of the voice sample of the individual to the voice signature of the individual, and transmit the sensitive data to the agent system, in response to the authorizing of the disclosure of the sensitive data.

Inventors

  • EARL BERNER
  • John Tadlock
  • Daniel Solero

Assignees

  • AT&T INTELLECTUAL PROPERTY I, L.P.
  • AT&T MOBILITY II LLC

Dates

Publication Date
20260507
Application Date
20241105

Claims (20)

  1. 1 . A method comprising: connecting, by a processing system including at least one processor via a communication network, a call between an endpoint device of a user and an agent system associated with an individual; obtaining, by the processing system, a voice sample of the individual via the call; verifying, by the processing system, an identity of the individual, wherein the verifying comprises matching the voice sample of the individual to a voice signature of the individual; detecting, by the processing system, a disclosure of sensitive data by the user via the endpoint device; authorizing, by the processing system, the disclosure of the sensitive data via the endpoint device to the agent system, based upon the verifying of the identity of the individual via the matching of the voice sample of the individual to the voice signature of the individual; and transmitting, by the processing system, the sensitive data to the agent system, in response to the authorizing of the disclosure of the sensitive data.
  2. 2 . The method of claim 1 , wherein the processing system comprises a network-based processing system deployed in the communication network.
  3. 3 . The method of claim 1 , wherein the processing system is a component of the endpoint device.
  4. 4 . The method of claim 1 , wherein the verifying comprises matching a hashed version of the voice sample of the individual to a hashed version of the voice signature of the individual.
  5. 5 . The method of claim 4 , further comprising: hashing the voice sample of the individual to generate the hashed version of the voice sample.
  6. 6 . The method of claim 1 , wherein the sensitive data is transmitted in a hashed format.
  7. 7 . The method of claim 6 , further comprising: hashing the sensitive data to generate the sensitive data in the hashed format.
  8. 8 . The method of claim 1 , wherein the voice signature of the individual is obtained via a prior network-based communication between the endpoint device of the user and the agent system.
  9. 9 . The method of claim 1 , wherein the sensitive data comprises at least one of: credit card information; a social security number; account information; a license number; a passport number; a username; an email address; a password; a personal identification number; a name; street address information; or a date of birth.
  10. 10 . The method of claim 1 , wherein the detecting of the disclosure of the sensitive data by the user comprises: detecting, within call data of the call, that the individual is asking for the sensitive data.
  11. 11 . The method of claim 1 , wherein the detecting of the disclosure of the sensitive data by the user comprises: detecting, within call data of the call, speech of the user indicative that the sensitive data is being disclosed.
  12. 12 . The method of claim 1 , further comprising: presenting a notification via the endpoint device of the verifying of the identity of the individual; and obtaining a user input granting a permission to transmit the sensitive data to the agent system, wherein the authorizing of the disclosure of the sensitive data is further based upon the obtaining of the user input granting the permission to transmit the sensitive data to the agent system.
  13. 13 . The method of claim 1 , wherein the verifying of the identity of the individual is further based on one or more system identifiers associated with the agent system.
  14. 14 . The method of claim 13 , wherein the one or more system identifiers comprise one or more of: a phone number; an international mobile equipment identifier; or an internet protocol address.
  15. 15 . The method of claim 1 , wherein the transmitting of the sensitive data to the agent system is via the call.
  16. 16 . The method of claim 1 , wherein the transmitting of the sensitive data to the agent system is out-of-band from the call.
  17. 17 . The method of claim 1 , wherein the matching of the voice sample of the individual to the voice signature of the individual is via a machine learning model implemented by the processing system.
  18. 18 . The method of claim 1 , wherein the authorizing of the disclosure of the sensitive data via the endpoint device to the agent system is via a machine learning model implemented by the processing system.
  19. 19 . A non-transitory computer-readable medium storing instructions which, when executed by a processing system including at least one processor, cause the processing system to perform operations, the operations comprising: connecting, via a communication network, a call between an endpoint device of a user and an agent system associated with an individual; obtaining a voice sample of the individual via the call; verifying an identity of the individual, wherein the verifying comprises matching the voice sample of the individual to a voice signature of the individual; detecting a disclosure of sensitive data by the user via the endpoint device; authorizing the disclosure of the sensitive data via the endpoint device to the agent system, based upon the verifying of the identity of the individual via the matching of the voice sample of the individual to the voice signature of the individual; and transmitting the sensitive data to the agent system, in response to the authorizing of the disclosure of the sensitive data.
  20. 20 . An apparatus comprising: a processing system including at least one processor; and a computer-readable storage medium storing instructions which, when executed by the processing system when deployed in a communication network, cause the processing system to perform operations, the operations comprising: connecting, via a communication network, a call between an endpoint device of a user and an agent system associated with an individual; obtaining a voice sample of the individual via the call; verifying an identity of the individual, wherein the verifying comprises matching the voice sample of the individual to a voice signature of the individual; detecting a disclosure of sensitive data by the user via the endpoint device; authorizing the disclosure of the sensitive data via the endpoint device to the agent system, based upon the verifying of the identity of the individual via the matching of the voice sample of the individual to the voice signature of the individual; and transmitting the sensitive data to the agent system.

Description

The present disclosure relates generally to communication network-based call security, and more particularly to methods, computer-readable media, and apparatuses for transmitting sensitive data from a user endpoint device to an agent system during a call based upon a verification of an identity of an individual associated with the agent system via a matching of a voice sample of the individual obtained via the call to a voice signature of the individual. BACKGROUND Various types of businesses provide customer service agents for handling a variety of customer-facing issues. For example, a communication network service provider may staff a call center with customer service agents for handling issues relating to billing, service disruption, adding and removing features from service plans, endpoint device troubleshooting, and so forth. In some cases, customers may contact the communication network service provider by a telephone call to the customer call center. In other cases, the communication network service provider may provide access to customer service agents via other communication channels, e.g., video calls or the like. Other entities may provide similar call centers where customers may interact with organization agents/representatives for a variety of issues. Often, these calls involve the disclosure of various types of sensitive data, such as account numbers, credit card numbers, and so forth. SUMMARY In one example, the present disclosure provides a method, computer-readable medium and apparatus for transmitting sensitive data from a user endpoint device to an agent system during a call based upon a verification of an identity of an individual associated with the agent system via a matching of a voice sample of the individual obtained via the call to a voice signature of the individual. For example, a processing system including at least one processor may connect, via a communication network, a call between an endpoint device of a user and an agent system associated with an individual. The processing system may next obtain a voice sample of the individual via the call and verify an identity of the individual, where the verifying comprises matching the voice sample of the individual to a voice signature of the individual. The processing system may then detect a disclosure of sensitive data by the user via the endpoint device, authorize the disclosure of the sensitive data via the endpoint device to the agent system, based upon the verifying of the identity of the individual via the matching of the voice sample of the individual to the voice signature of the individual, and transmit the sensitive data to the agent system, in response to the authorizing of the disclosure of the sensitive data. BRIEF DESCRIPTION OF THE DRAWINGS The present disclosure can be readily understood by considering the following detailed description in conjunction with the accompanying drawings, in which: FIG. 1 illustrates one example of a system including a communication service provider network, according to the present disclosure; FIG. 2 illustrates a flowchart of an example method for transmitting sensitive data from a user endpoint device to an agent system during a call based upon a verification of an identity of an individual associated with the agent system via a matching of a voice sample of the individual obtained via the call to a voice signature of the individual; and FIG. 3 illustrates a high-level block diagram of a computing device specially programmed to perform the steps, functions, blocks and/or operations described herein. To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures. DETAILED DESCRIPTION The present disclosure broadly discloses methods, non-transitory (i.e., tangible or physical) computer-readable media, and apparatuses for transmitting sensitive data from a user endpoint device to an agent system during a call based upon a verification of an identity of an individual associated with the agent system via a matching of a voice sample of the individual obtained via the call to a voice signature of the individual. For example, customers, e.g., subscribers, may contact a customer call center of a communication network for various issues relating to billing, service disruption, adding and removing features from service plans, endpoint device troubleshooting, and so forth. The customers may contact the customer call center via telephone, video call, or the like. Other entities may provide similar call centers where customers may interact with organization agents/representatives for a variety of issues. Often, these calls involve the disclosure of various types of sensitive data, such as account numbers, credit card numbers, and so forth. Existing techniques to prevent bad actors in this space include blocking calls from telephone numbers that are known to be sources of spam, fraud, etc., blocking connection