Prior to completing a telephone call, a database is accessed within a telecommunications network to determine whether the call should be completed. The billing number to which the call is to be charged is compared to a customer record assigned to the billing number and stored in the database. The customer record is checked against a treatment category code which combines geographic call restrictions and thresholding. A call may be identified as potentially fraudulent and blocked if the customer record associated with the billing number indicates that the account is in arrears. In addition, at predetermined intervals during the progress of the call and at the end of each allowed call to be charged to that billing number, the time and/or cost of each call is estimated and added to the total stored in a user-defined threshold counter in the database. When the total stored in the counter exceeds a predetermined threshold limit, a potentially fraudulent call is identified. In this manner, call authorization is performed on a per call basis to prevent fraudulent telephone calls.

The method of confirming an identity of a person who requests a financial transaction utilizes a plurality of confirmatory processes. Some of these processes include a voice responsive interactive session, an interactive electronic data session, acquiring and comparing a third set of acquired data with data from the person, and acquiring and comparing nth sets of acquiring data with data from the person. Each confirmatory process has time and cost factors associated therewith. The processes are prioritized and correlated to external factors such as the frequency of inquiry, communications channel data, the communications device, random selection criteria and sampling rate criteria. The financial transaction request is processed and cleared or rejected. Some acquired data is stored data and has a nominal cost and a substantially instantaneous. Other types of data are acquired from commercial data sources. Representative time and cost factors are utilized in order to establish a hierarchy of confirmatory processes based upon the external factors.

The risk of fraud associated with access by a subscriber to a network (42) is managed by a system that includes a data base (46) that stores a record for each subscriber indicative of that subscriber's usage history and payment ability for each service to which that subscriber has access. Additionally, the subscriber's record also stores an individual service risk characteristic indicative of the risk of providing access by the subscriber to a particular service, as well as a composite risk characteristic indicative of an overall risk of access. In response to a request for access to a particular service by a subscriber, the data base (46) responds in accordance with the subscriber's individual service risk characteristic for the service sought as well as the composite risk characteristic. In this way, account is taken of the subscriber's usage and payment ability with respect to all services available to the subscriber, rather than the single service sought by the subscriber.

A method and apparatus for validating a terminal for access to a network that includes a central office having a memory for storing an equipment identity record and a local office having a memory for storing a subscriber record and an access count. The equipment identity record and the subscriber record each store an access authorization status of the terminal. Network access for the terminal is requested at the local office and a value of the access count at the local office is incremented when the value of the access count is less than a predetermined number. The access status of the terminal stored in the equipment identity record at the central office is requested by the local office when the terminal requests access for the first time or the value of the access count equals the predetermined number. The access authorization status of the terminal stored in the equipment identity record is sent to the local office in response to the request. The requested access status of the terminal is received at the local office and stored in the subscriber record. The value of the access count is reset in response to receiving the requested access status and access to the network is provided based on the access status stored in the subscriber record.