`
`A RTM EXT 0]“ (TIE-'1}! {-ZRC E
`
`
`
`lfini‘tm‘i States: I’mam' and 'l'rs'sdmnm-E. 0mm-
`
`
`February 09, 2017
`
`
`
`
`THIS IS TO CERTIFY THAT ANNEXED IS A TRUE COPY FROM THE
`RECORDS OF THIS OFFICE OF THE FILE WRAPPER AND CONTENTS
`OF:
`
`
`
`
`APPLICATION NUMBER: 13/743,078
`FILING DATE: January 16, 2013
`PATENT NUMBER: 8755376
`
`
`
`ISSUE DATE: June 17, 2014
`
`
`
`
`
`
`
`Léndcr Secremry 0f Cmmncrcc
`fur Immmciual I’mpm‘t}
`and Director of the 1.3 :1 Had Sial‘tfi'fii
`3110111 and "I‘rademark Office
`
`
`(i‘u-nified by
`
`
` agu
`
`TW_0001 1 150
`
`TELESIGN EX1002
`Page 1
`
`
`
`Doc Code: TRACK1.REQ
`
`Document Description: TrackOne Request
`
`PTO/AlA/424 (09-12)
`
`CERTIFICATION AND REQUEST FOR PRIORITIZED EXAMINATION
`
`UNDER 37 CFR 1.102(e) (Page 1 of 1)
`
`Jeffrey 6- Lawson ——
`
`SYSTEM AND METHOD FOR PROCESSING TELEPHONY SESSIONS
`
`APPLICANT HEREBY CERTIFIES THE FOLLOWING AND REQUESTS PRIORITIZED EXAMINATION FOR
`THE ABOVE-IDENTIFIED APPLICATION.
`
`1. The processing fee set forth in 37 CFR 1.17(i), the prioritized examination fee set forth in 37
`CFR 1.17(c), and if not already paid, the publication fee set forth in 37 CFR 1.18(d) have been
`filed with the request. The basic filing fee, search fee, examination fee, and any required
`excess claims and application Size fees are filed with the request or have been already been
`paid.
`
`2. The application contains or is amended to contain no more than four independent claims and
`no more than thirty total claims, and no multiple dependent claims.
`
`3. The applicable box is checked below:
`
`I.
`
`“ Ori
`
`inal A lication Track One - Prioritized Examination under
`
`i.
`
`(a) The application is an original nonprovisional utility application filed under 35 U.S.C. 111(a).
`This certification and request is being filed with the utility application via EFS—Web.
`---OR---
`
`(b) The application is an original nonprovisional plant application filed under 35 U.S.C. 111(a).
`This certification and request is being filed with the plant application in paper.
`
`ii.
`
`The executed inventor's oath or declaration is filed with the application. (37 CFR 1.63 and 1.64)
`
`Re uest for Continued Examination - Prioritized Examination under
`
`1.102 e 2
`
`.
`
`'
`
`A request for continued examination has been filed with, or prior to, this form.
`If the application is a utility application, this certification and request is being filed via EFS—Web.
`The application is an original nonprovisional utility application filed under 35 U.S.C. 111(a), or is
`a national stage entry under 35 U.S.C. 371.
`. This certification and request is being filed prior to the mailing of a first Office action responsive
`to the request for continued examination.
`No prior request for continued examination has been granted prioritized examination status
`under 37 CFR1.102(e)(2).
`
`
`
`Mature /Jeffrey Schox/
`
`(“PimSTWJeffrey Schox
`
`Date 2013-01-16
`
`Petitioner
`Registration Number
`
`42445
`
`Note: This form must be signed in accordance with 37 CFR 1.33. See 37 CFR 1.4(d) for signature requirements and certifications.
`Submit multiple forms if more than one signature is required, see below".
`
`D *Total of
`
`forms are submitted.
`
`TELESIGN EX1002
`
`Page 2
`TW_00011151
`
`TELESIGN EX1002
`Page 2
`
`
`
`Privacy Act Statement
`
`The Privacy Act of 1974 (P.L. 93-579) requires that you be given certain information in connection with your
`submission of the attached form related to a patent application or patent. Accordingly, pursuant to the requirements of
`the Act, please be advised that: (1) the general authority for the collection of this information is 35 U.S.C. 2(b)(2); (2)
`furnishing of the information solicited is voluntary; and (3) the principal purpose for which the information is used by the
`US. Patent and Trademark Office is to process and/or examine your submission related to a patent application or
`patent.
`If you do not furnish the requested information, the US. Patent and Trademark Office may not be able to
`process and/or examine your submission, which may result in termination of proceedings or abandonment of the
`application or expiration of the patent.
`
`The information provided by you in this form will be subject to the following routine uses:
`
`1. The information on this form will be treated confidentially to the extent allowed under the Freedom of
`Information Act (5 U.S.C. 552) and the Privacy Act (5 U.S.C 552a). Records from this system of records may
`be disclosed to the Department of Justice to determine whether disclosure of these records is required by the
`Freedom of Information Act.
`
`2. A record from this system of records may be disclosed, as a routine use, in the course of presenting evidence
`to a court, magistrate, or administrative tribunal, including disclosures to opposing counsel in the course of
`settlement negotiations.
`3. A record in this system of records may be disclosed, as a routine use, to a Member of Congress submitting a
`request involving an individual, to whom the record pertains, when the individual has requested assistance from
`the Member with respect to the subject matter of the record.
`4. A record in this system of records may be disclosed, as a routine use, to a contractor of the Agency having
`need for the information in order to perform a contract. Recipients of information shall be required to comply
`with the requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).
`5. A record related to an International Application filed under the Patent Cooperation Treaty in this system of
`records may be disclosed, as a routine use, to the International Bureau of the World Intellectual Property
`Organization, pursuant to the Patent Cooperation Treaty.
`6. A record in this system of records may be disclosed, as a routine use, to another federal agency for purposes
`of National Security review (35 U.S.C. 181) and for review pursuant to the Atomic Energy Act (42 U.S.C.
`218(0)).
`7. A record from this system of records may be disclosed, as a routine use, to the Administrator, General
`Services, or his/her designee, during an inspection of records conducted by GSA as part of that agency’s
`responsibility to recommend improvements in records management practices and programs, under authority of
`44 U.S.C. 2904 and 2906. Such disclosure shall be made in accordance with the GSA regulations governing
`inspection of records for this purpose, and any other relevant (i.e., GSA or Commerce) directive. Such
`disclosure shall not be used to make determinations about individuals.
`
`8. A record from this system of records may be disclosed, as a routine use, to the public after either publication of
`the application pursuant to 35 U.S.C. 122(b) or issuance of a patent pursuant to 35 U.S.C. 151. Further, a
`record may be disclosed, subject to the limitations of 37 CFR 1.14, as a routine use, to the public if the record
`was filed in an application which became abandoned or in which the proceedings were terminated and which
`application is referenced by either a published application, an application open to public inspection or an issued
`patent.
`9. A record from this system of records may be disclosed, as a routine use, to a Federal, State, or local law
`enforcement agency, if the USPTO becomes aware of a violation or potential violation of law or regulation.
`
`Page 2
`
`TELESIGN EX1002
`
`Page 3
`Tw_ooo11152
`
`TELESIGN EX1002
`Page 3
`
`
`
`DECLARATION AND ASSIGNMENT
`
`This combined Declaration and Assignment is in relation to the patent application
`
`entitled SYSTEM AND NIETHOD FOR PROCESSING TELEPHONY SESSIONS
`
`attorney docket TWIL—POl—U82 which was filed on 01 October 2012 and given
`
`application number 13 / 632,798.
`
`As the below named inventor, I hereby declare that:
`
`t
`
`I have reviewed and understand the contents and the claims of the patent
`
`application.
`
`I acknowledge the duty to disclose all information known to me to be material to
`
`the patentability of the claims of the patent application.
`
`I believe that I am the original inventor, or an ori ginal joint inventor, of a claimed
`
`invention in the patent application.
`
`° The patent application was made or authorized to be made by me.
`
`I hereby acknowledge that any willful false statement made in this declaration is
`
`punishable under 18 U.S.C. 1001 by fine or imprisonment of not more than (5) years,
`
`or both.
`
`Oct 3, 2012
`
`WHEREAS, Twilio, Inc. (“the assignee”), a state of Delaware corporation located at
`
`501 Folsom Street, 3rd Floor, San Francisco, California 94105 is desirous of acquiring
`
`an exclusive. right to the claimed invention.
`
`For valuable consideration that I acknowledge,
`
`I hereby sell and assign to the
`
`assignee the full and exclusive right and title to the invention,
`
`to all patent
`
`applications for the invention in the United States and in all other countries, and to
`
`all patents issued on the invention in the United States and in all other countries;
`
`and I hereby request the Director of the United States Patent and Trademark Office
`
`to issue all patents on the invention to the assignee.
`
`Executed by:
`
`Jeff Lawson
`
`“
`
`TELESIGN EX1002
`
`Page 4
`TW_00011153
`
`TELESIGN EX1002
`Page 4
`
`
`
`DECLARATION AND ASSIGNMENT
`
`This combined Declaration and Assignment is in relation to the patent application
`
`entitled SYSTEM AND NIETHOD FOR PROCESSING TELEPHONY SESSIONS
`
`attorney docket TWIL—POl—U82 which was filed on 01 October 2012 and given
`
`application number 13 / 632,798.
`
`As the below named inventor, I hereby declare that:
`
`t
`
`I have reviewed and understand the contents and the claims of the patent
`
`application.
`
`I acknowledge the duty to disclose all information known to me to be material to
`
`the patentability of the claims of the patent application.
`
`I believe that I am the original inventor, or an ori ginal joint inventor, of a claimed
`
`invention in the patent application.
`
`° The patent application was made or authorized to be made by me.
`
`I hereby acknowledge that any willful false statement made in this declaration is
`
`punishable under 18 U.S.C. 1001 by fine or imprisonment of not more than (5) years,
`
`or both.
`
`Oct 8, 2012
`
`WHEREAS, Twilio, Inc. (“the assignee”), a state of Delaware corporation located at
`
`501 Folsom Street, 3rd Floor, San Francisco, California 94105 is desirous of acquiring
`
`an exclusive. right to the claimed invention.
`
`For valuable consideration that I acknowledge,
`
`I hereby sell and assign to the
`
`assignee the full and exclusive right and title to the invention,
`
`to all patent
`
`applications for the invention in the United States and in all other countries, and to
`
`all patents issued on the invention in the United States and in all other countries;
`
`and I hereby request the Director of the United States Patent and Trademark Office
`
`to issue all patents on the invention to the assignee.
`
`Executed by:
`
`John Wolthuis
`
`23.2; “
`
`TELESIGN EX1002
`
`Page 5
`TW_00011154
`
`TELESIGN EX1002
`Page 5
`
`
`
`DECLARATION AND ASSIGNMENT
`
`This combined Declaration and Assignment is in relation to the patent application
`
`entitled SYSTEM AND NIETHOD FOR PROCESSING TELEPHONY SESSIONS
`
`attorney docket TWIL—POl—U82 which was filed on 01 October 2012 and given
`
`application number 13 / 632,798.
`
`As the below named inventor, I hereby declare that:
`
`t
`
`I have reviewed and understand the contents and the claims of the patent
`
`application.
`
`I acknowledge the duty to disclose all information known to me to be material to
`
`the patentability of the claims of the patent application.
`
`I believe that I am the original inventor, or an ori ginal joint inventor, of a claimed
`
`invention in the patent application.
`
`° The patent application was made or authorized to be made by me.
`
`I hereby acknowledge that any willful false statement made in this declaration is
`
`punishable under 18 U.S.C. 1001 by fine or imprisonment of not more than (5) years,
`
`or both.
`
`Oct 3, 2012
`
`WHEREAS, Twilio, Inc. (“the assignee”), a state of Delaware corporation located at
`
`501 Folsom Street, 3rd Floor, San Francisco, California 94105 is desirous of acquiring
`
`an exclusive. right to the claimed invention.
`
`For valuable consideration that I acknowledge,
`
`I hereby sell and assign to the
`
`assignee the full and exclusive right and title to the invention,
`
`to all patent
`
`applications for the invention in the United States and in all other countries, and to
`
`all patents issued on the invention in the United States and in all other countries;
`
`and I hereby request the Director of the United States Patent and Trademark Office
`
`to issue all patents on the invention to the assignee.
`
`Executed by:
`
`Evan Cooke
`
`TELESIGN EX1002
`
`Page 6
`TW_00011155
`
`TELESIGN EX1002
`Page 6
`
`
`
`SYSTEM AND METHOD FOR PROCESSING TELEPHONY SESSIONS
`
`TWIL—Po1-US4
`
`CROSS-REFERENCE TO RELATED APPLICATIONS
`
`[0001]
`
`This application is a continuation of co-pending US Patent Application
`
`number 13/632,798, filed 01 October 2012, which is a continuation of US Patent
`
`application number 12/417,630, filed 02 April 2009, now issued as US Patent Number
`
`8,306,021, which claims the benefit of US Provisional Application number 61/041,829
`
`filed 02 April 2008; US Provisional Application number 61/055,417 filed on 22 May
`
`2008, US Provisional Application number 61/ 100,578 filed on 26 September 2008, US
`
`Provisional Application number 61/ 156,746 filed on 02 March 2009, and US Provisional
`
`Application number 61/ 156,751 filed on 02 March 2009, which are all incorporated in
`
`their entirety by this reference.
`
`TECHNICAL FIELD
`
`[0002]
`
`This invention relates generally to the telephony field, and more
`
`specifically to a new and useful system and method for processing telephony sessions in
`
`the telephony field.
`
`BACKGROUND
`
`[0003]
`
`In the last decade,
`
`legislation and the advent of Voice over Internet
`
`Protocol
`
`(VOIP) have
`
`revolutionized the
`
`communication industry with new
`
`technologies, business models, and service providers. Software and commodity
`
`Page 1 of 45
`
`TELESIGN EX1002
`
`Page 7
`TW_00011156
`
`TELESIGN EX1002
`Page 7
`
`
`
`TWIL-P01-US4
`
`hardware now provide an alternative to expensive carrier equipment. One can
`
`implement extensible call switching and voice application logic in Open source software
`
`applications, such as Asterisk and FreeSwitch. These new application stacks, however,
`
`usher in new complexities and challenges, requiring new skill sets to deploy, develop,
`
`and maintain. Deploying telephony services requires knowledge of voice networking and
`
`codecs, hardware or services to bridge servers to the public phone infrastructure, capital
`
`investment in hardware, and ongoing collocation of that hardware. These burdens are a
`
`mere prerequisite to developing the actual application, which requires developers to
`
`train in new languages,
`
`tools, and development environments. Even telephony
`
`applications that currently try to leverage a model more similar to web-development
`
`such as Voice Extensible Markup Language (VoiceXML), require the dedication to learn
`
`a new language and understand telephony interaction. Ongoing operation and
`
`maintenance of these services requires teams to adopt new analysis tools, performance
`
`metrics, and debugging methodologies. Developing even the simplest of voice services
`
`(such as a so-called “phone tree”) requires significant upfront and ongoing investment
`
`in specialized infrastructure, skills, and operations. Thus,
`
`there is a need in the
`
`telephony field to create a new and useful system and method for processing telephony
`
`sessions. This invention provides such a new and useful system and method.
`
`SUMMARY
`
`[0004]
`
`The method of the preferred embodiment for processing telephony
`
`sessions include the steps of communicating with an application server using an
`
`Page 2 of 45
`
`TELESIGN EX1002
`
`Page 8
`TW_00011157
`
`TELESIGN EX1002
`Page 8
`
`
`
`TWIL-Po1—US4
`
`application layer protocol, processing telephony instructions with a call router, and
`
`creating call router resources accessible through an Application Programming Interface
`
`(API). The method and system of the preferred embodiments enables web developers to
`
`use their existing skills and tools with the esoteric world of telephony, making telephony
`
`application development as easy as web programming. The method and system use the
`
`familiar web site visitor model to interact with a web developer’s application, with each
`
`step of the phone call analogous to a traditional page view. Within this model,
`
`developers reuse their existing tools and techniques, including familiar concepts such as
`
`H'I'I‘P redirects, accessing resources through an API, cookies, and mime-type responses
`
`to construct complex telephony applications. The method of processing telephony
`
`instructions and creating call router resources accessible through an API (a call router
`
`API) cooperatively function to enable a stateless and simple telephony language with
`
`more call router resources and information provided through the call router (preferably
`
`a REST API as is familiar to many web developers). In one embodiment, the telephony
`
`instructions set may have fewer than dozen verbs, simplifying the language so that
`
`developers can quickly learn and implement telephony applications, while the call
`
`router API compliments the simple telephony instructions to enable complex telephony
`
`applications.
`
`BRIEF DESCRIPTION OF THE FIGURES
`
`[0005]
`
`FIGURE 1 is a flowchart representation of a preferred method of the
`
`invention.
`
`Page 3 of 45
`
`TELESIGN EX1002
`
`Page 9
`TW_00011158
`
`TELESIGN EX1002
`Page 9
`
`
`
`TWIL-Po1-US4
`
`[0006]
`
`FIGURES 2A, 2B, 3A and 3B are schematic representations of preferred
`
`embodiments of the invention.
`
`[0007]
`
`FIGURES 4A — 4C are examples of a HTTP GET request, a HTTP POST
`
`request, and a HTTP GET request, respectively.
`
`[0008]
`
`FIGURES 4D — 4F are examples of a HTTP requests.
`
`[0009]
`
`FIGURES 5A and 5B are examples of XML responses.
`
`[0010]
`
`FIGURE 6 is an example of a call Router request and response.
`
`[0011]
`
`FIGURES 7-15 are schematic representations of various applications that
`
`incorporate the principals of the preferred method of the invention.
`
`[0012]
`
`FIGURE 16 is a flowchart representation of the sub-steps relating to the
`
`digital signature aspect of the preferred method of the invention.
`
`DESCRIPTION OF THE PREFERRED EMBODIMENTS
`
`[0013]
`
`The following description of the preferred embodiments of the invention is
`
`not intended to limit the invention to these preferred embodiments, but rather to enable
`
`any person skilled in the art to make and use this invention.
`
`
`1.
`Method for Processing Telephony Sessions
`
`[0014]
`
`As shown in FIGURES 1, 2A, 2B, 3A, and 3B, the method 10 of the
`
`preferred embodiment
`
`for processing telephony sessions
`
`include the steps of
`
`communicating with an application server using an application layer protocol S110,
`
`processing telephony instructions with a call router S120, and creating call router
`
`Page 4 of 45
`
`TELESIGN EX1002
`
`Page 10
`TW_0001 1 159
`
`TELESIGN EX1002
`Page 10
`
`
`
`TWIL-P01-US4
`
`resources accessible through an Application Programming Interface (API) S130. The
`
`preferred method may also include other steps and/ or sub-steps, as explained below.
`
`
`1A.
`Communicating with an Application Server
`
`[0015]
`
`As shown in FIGURE 1, the step of communicating with an application
`
`server using an application layer protocol S110 preferably includes the following sub-
`
`steps: initiating a telephony session S1, mapping a call to a Universal Resource Identifier
`
`(URI) S3, sending a request to a server associated with the URI S5, processing the
`
`request corresponding to the state of a telephony session S7, and receiving a response
`
`from the server S9. One of the challenges of using the familiar web site visitor model is
`
`that a third party web application may expose URIs that contain sensitive data or that
`
`suggest actions that could maliciously manipulate the application database. In the
`
`preferred embodiment, the call router cryptographically signs outbound requests to
`
`customer web applications using an account-specific key. More specifically, the step of
`
`communicating with the application server includes the additional steps of digitally
`
`signing the request parameters S4 and verifying the digital signature of the request
`
`parameters S6. Only the call router and the application server know that key, so any
`
`request that includes parameters (URL, POST data, headers, etc) signed with that key
`
`can be checked for authenticity before allowing such operations. This method also
`
`provides verification of authenticity over insecure links (HTI‘P) with low CPU overhead.
`
`[0016]
`
`Step S1, which recites initiating a telephony session, functions to accept an
`
`incoming message. The message is preferably a call from a PSTN—connected (Public
`
`Switched Telephone Network) or Internet addressable devices, such as landline phones,
`
`Page 5 of 45
`
`TELESIGN EX1002
`
`Page 11
`TW_0001 1 160
`
`TELESIGN EX1002
`Page 11
`
`
`
`TWIL-Po1—US4
`
`cellular phones, satellite phones, Voice-Over-Internet—Protocol (VOIP) phones, SIP
`
`devices, Skype, Gtalk, or any other suitable PSTN-connected or Internet addressable
`
`voice device. The message may alternatively be a Short Message Service (SMS) message.
`
`A SMS gateway server may alternatively connect to a SMS network through a Short
`
`Message Service Center (“SMS-C”), directly to the Signaling System #7 (SS7) telephony
`
`network, or by any other suitable SMS gateway provider, and the message is preferably
`
`received from the gateway by the call router and translated into a format (such as a URI)
`
`that can be sent over the public Internet such as HTI‘P, based on the recipient address of
`
`the SMS, such as a short code, or Direct Inward Dialing (DID), or other suitable unique
`
`recipient identifier. The message may alternatively be a multimedia message, a facsimile
`
`transmission, an email, or any other suitable messaging medium. The originating phone
`
`number of the PSTN device is preferably captured using caller ID, but any other suitable
`
`ID may be captured, such as a VOIP provider ID, SMS device number, email address, or
`
`a short code. The dialed phone number, the EIN, and/ or billing identifier, and/or the
`
`date and time of the call are also preferably included in the session information. An
`
`authentication ID may additionally or alternatively be included in the session
`
`information.
`
`[0017]
`
`In one variation, Step S1 also functions to initiate a telephony session
`
`(such as a phone call) via an HTTP or other request sent to a call router from an
`
`application running on a third-party server. In this variation, the application running on
`
`the server preferably specifies an initial URI for the call router to use for telephony
`
`session in step S3, as well as the phone number (or other addressable destination) to
`
`Page 6 of 45
`
`TELESIGN EX1002
`
`Page 12
`TW_00011161
`
`TELESIGN EX1002
`Page 12
`
`
`
`TWIL-Po1—US4
`
`dial and the source phone number (caller id). In this variation, the call router API is
`
`preferably used by the application server to request an outgoing call from the call router.
`
`[0018]
`
`Step S3, which recites mapping the call to a Universal Resource Identifier
`
`(URI), functions to enable a telephony session to be converted into a format that may be
`
`handled with standard web servers and web applications. The mapping is preferably
`
`performed using a call router. The initial URI is preferably pre-specified at the call
`
`router by a web application (which may be running on a third party server) or call router
`
`account owner. More preferably, the initial URI is assigned to the call via a unique
`
`identifier for the call destination, such as a DID (Direct Inbound Dial) phone number, or
`
`a VOIP SIP address. The URI may alternatively be specified by a remote server or other
`
`suitable device or method. In one variation, the URI may be used to encapsulate state
`
`information or a portion of state information from the initiated telephony session, such
`
`as the originating phone number, the dialed phone number, the date and time of the
`
`call, geographic location of the caller (e.g. country, city, state, and/or zip), and/ or the
`
`unique call ID. The information included in the URI may be included in the form of a
`
`URI
`
`template.
`
`For
`
`example
`
`the
`
`URI
`
`default
`
`template
`
`could
`
`be:
`
`http: // demo.twilio.com/myapp/ {dialed phone number}/{originating phone number} or
`
`http: //demo.twilio.com/myapp/foo.php?dialed_number={dialed
`
`phone
`
`number}&
`
`originating_number={originating phone number}.
`
`[0019]
`
`Step S4 functions to digitally sign the request parameters. As shown in
`
`FIGURE 16, Step S4 preferably determines the call router account owner and, more
`
`preferably, looks up the account owner’s unique ID or secret key and signs a set of
`
`Page 7 of 45
`
`TELESIGN EX1002
`
`Page 13
`TW_0001 1 162
`
`TELESIGN EX1002
`Page 13
`
`
`
`TWIL-Po1—US4
`
`request parameters. Step S4 is preferably accomplished by generating a cryptographic
`
`hash of the request parameters, preferably including the URI as well as any request body
`
`parameters (in the case of an HTTP POST, for example) with the unique key associated
`
`with the call router account owner. The cryptographic hash is preferably generated by
`
`appending the hash of the request parameters to the original set of request parameters.
`
`The hash is preferably appended to a URL, but if the hash is particularly long (i.e. for a
`
`very large number of parameters) the hash may be included in an HTTP header, where
`
`there is no limitation on size. In a variation of Step S4, at least one sensitive parameter
`
`may be individually encrypted using the account owner’s secret key before the hash is
`
`processed. In another variation, a cryptographic credential delegation system, such as
`
`Oauth (oauth.net), may alternatively be used to electronically sign the request.
`
`[0020]
`
`Step S5 functions to send the request to a server. Preferably, the request is
`
`sent to a URI and, more preferably, the request is sent to the URI mapped in S3. The
`
`request preferably includes a cryptographic hash computed from the set of request
`
`parameters (acting as a digital signature), but the request may alternatively include
`
`individually encrypted request parameters if the parameters are determined to contain
`
`sensitive data. The server is preferably a third party server and, more preferably, the
`
`server is running a web application. The request is preferably sent to a server over a
`
`network. In one variation, the request is sent to a local server on a local area network. In
`
`another variation,
`
`the request
`
`is sent
`
`to a server running locally on the device
`
`originating the call. In yet another variation, the request may be sent to multiple servers.
`
`The request preferably encapsulates at least a portion of the state information from the
`
`Page 8 of 45
`
`TELESIGN EX1002
`
`Page 14
`TW_0001 1 163
`
`TELESIGN EX1002
`Page 14
`
`
`
`TWIL-Po1—US4
`
`initiated telephony session, such as the originating phone number, the dialed phone
`
`number, the date and time of the call, geographic location of the caller (e.g. country, city,
`
`and/ or state, zip), and/or the unique call ID. The request, more preferably, encapsulates
`
`all the state information of the call, but may alternatively include no state information or
`
`partial state information. The state information from the initiated telephony session is
`
`preferably sent via HTTP POST in the request body, HTTP GET in the request URI,
`
`HTTP header parameters to mimic the data flow of a web browser, or by any
`
`combination or suitable alternative way. If new state information is generated in the
`
`course of the operation of the call router, a request to the application server is preferably
`
`made to communicate the new state and to request new telephony instructions.
`
`Preferably, new state information is not kept or acted upon internally by the call router,
`
`but is passed to the application server for processing. Alternatively, partial state
`
`information is preferably stored on the call router until a fully updated state is achieved,
`
`and then communicated to the application server. For example, the application server
`
`may specify that multiple digits should be pressed on the keypad, not just one, before
`
`new call state is derived and communicated to the application server. In one variation,
`
`the information from the initiated telephone session may be a web-form submission
`
`included in the HTTP POST request. The request may include any state information
`
`from the telephony session, such as the originating phone number, the dialed phone
`
`number, the date and time of the call, and/or the unique call ID, the current status of
`
`the phone call (pending, in-progress, completed, etc.), or the results of a telephony
`
`action,
`
`including Dual Tone Multi Frequency (DTMF) digit processing, or a
`
`Page 9 of 45
`
`TELESIGN EX1002
`
`Page 15
`TW_0001 1 164
`
`TELESIGN EX1002
`Page 15
`
`
`
`TWIL-Po1—US4
`
`representation of or a link to a sound recording, or the status of the last command, or
`
`other call state. Examples of a HTTP GET request, a HTTP POST request, and a HTTP
`
`GET request are shown in FIGURES 4A, 4B, and 4C, respectively. Further examples of
`
`HTTP communication used for SMS messaging are shown in FIGURES 4D, 4E, and 4F.
`
`The HTTP request (or any suitable request communication) to the server preferably
`
`observes the principles of a RESTful design. RESTful is understood in this document to
`
`describe a Representational State Transfer architecture as is known in the art. The
`
`RESTful HTTP requests are preferably stateless, thus each message communicated from
`
`the call router to the application server preferably contains all necessary information for
`
`operation of the application server and response generation of the application server.
`
`The call router and/or the application server preferably do not need to remember or
`
`store previous communications to be aware of the state. Documents, media, and
`
`application state are preferably viewed as addressable resources, combined with data
`
`provide to the resource via request parameter, such as H'ITP GET or HTTP POST
`
`parameters, or request body contents. Such request data may include an updated
`
`representation of the call resource, or other call state data generated as a result of call
`
`router operation, such as digits pressed on the keypad or audio recordings generated.
`
`State information included with each request may include a unique call identifier, call
`
`status data such as whether the call is in—progress or completed, the caller ID of the
`
`caller, the phone number called, geographic data about the callers, and/ or any suitable
`
`data. However, a varying level of a RESTful communication (statelessness) may be used,
`
`such as by using cookies, session tracking, or any suitable devices to simulate a normal
`
`Page 10 of 45
`
`TELESIGN EX1002
`
`Page 16
`TW_0001 1 165
`
`TELESIGN EX1002
`Page 16
`
`
`
`TWIL-Po1—US4
`
`website visitor model. Preferably, data sent with each request may fully enable the
`
`application server to determine the next state of the call to execute. RESTfulness
`
`preferably does not preclude using external datasource, such as a database, to lookup
`
`additional data to log call meta data, or determine application logic.
`
`[0021]
`
`Step S6 functions to verify the digital signature of the request parameters.
`
`As shown in FIGURE 13, after the request is received at the server, the request
`
`parameters are preferably checked and/or parsed for a hash. The cryptographic hash is
`
`preferably included in the URL of an HTTP request, but may alternatively be included in
`
`the HTTP header of the request. If the request does not include a hash, and the web
`
`application server has enabled the hash function checking as a security measure, the
`
`request is preferably determined to be fraudulent, which would include — for example —
`
`malicious requests, mis-routed requests, corrupted requests and any other requests not
`
`intended for the application server. If the set of request parameters includes a hash, the
`
`hash is preferably extracted from the request, and the secret key of the customer web
`
`application (i.e. the same key that is stored on the call router as the customer account
`
`secret key) is preferably used to generate a server side cryptographic hash of the
`
`parameters received. The server side cryptographic hash is preferably compared to the
`
`hash included with the request and if the hashes do not match, the request is preferably
`
`determined to be fraudulent. However, if the server side cryptographic hash matches the
`
`request hash, the request is preferably determined to be authentic and ready for further
`
`processing at the application server. In the variation mentioned above in Step S4, where
`
`sensitive parameters may have been encrypted using the secret key, Step S6 preferably
`
`Page 11 of 45
`
`TELESIGN EX1002
`
`Page 17
`TW_0001 1 166
`
`TELESIGN EX1002
`Page 17
`
`
`
`TWIL-Po1—US4
`
`includes decrypting the sensitive parameter