I think everybody can agree that the growth in spam and scam calling is a problem we would all love to reduce. This challenge is being tackled in the US in a way that will affect all Service Providers globally, given time.
The FCC (Federal Communications Commission) https://www.fcc.gov is concerned about the growth in nonsense calls and fraud and has begun to take a number of actions against offending parties. Recently, it officially tabled a proposal that could force carriers and service providers to implement the Stir/Shaken caller ID authentication framework by the end of the year.
STIR (Secure Telephony Identity Revisited) and SHAKEN (Secure Handling of Asserted information using tokens) jointly create an industry formulated system which defines how telephone service providers should implement to ensure calling numbers are not spoofed. The system demands that a service provider attest to the origination of the call, and give the call one of 3 different attestation levels depending on their knowledge of the originating caller.
Full Attestation (A) — The service provider has authenticated the calling party and they are authorised to use the calling number.
Partial Attestation (B) — The service provider has authenticated the call origination, but cannot verify the call source is authorized to use the calling number.
Gateway Attestation (C) — The service provider has authenticated from where it received the call, but cannot authenticate the call source
A number of vendors are offering solutions, you can read some examples here from Ribbon (https://ribboncommunications.com/solutions/service-provider-solutions/stirshaken) & TransNexus (https://transnexus.com/whitepapers/understanding-stir-shaken/).
The impact this might have on International Service Providers is best understood by reading the full submission to the FCC from the CCA (which I am proud to be a Director of). The submission outlines a fear that international calls may be mistakenly blocked or that end users will decide not to accept these calls as they will not fall into either category A or B. This also brings us into an interesting area of numbering where often the number provider maybe different to the Service Provider
I have also included the specific section of the submission related to International calls, below. Alternatively if you’d like to take a look at the full submission, you can find it here: https://www.cloudcommunications.com/cca-files-comments-with-the-fcc-on-behalf-of-hosting-telecom-providers/).
If you want to find out more about this topic we will have the CTO of the FCC, “Eric Berger” speaking at our Cloud Comms Summit in Washington. We have a regulatory track at the event dedicated to issues like this. Details can be found at: www.cloudcommssummit.com . In addition to our informative events, we are also working with some leading US regulatory firms who can provide advice and guidance on these challenges.
CCA Submission on International Calls:
“Many fraudulent or illegally spoofed calls originate in foreign countries. Domestic providers that receive international calls on their networks for termination may have no information regarding the originating caller or whether the caller has any authority to use the calling party number. The SHAKEN/STIR framework proposes to address this problem through the gateway attestation that is to be provided by the first domestic provider that receives the call on its network.
The gateway or C-level attestation simply certifies that the call has entered that provider’s network. It is unclear how C-level attestations would be presented to the domestic called party, if at all. CCA has many foreign companies that provide cloud-based VoIP and enterprise communications services to legitimate companies located in Europe and Asia. These companies would, of course, be concerned if their calls to the U.S. were blocked based on the level of attestation.
While countries have expressed interest in the SHAKEN/STIR model, global implementation remains a long-term goal. CCA would urge the Commission not to authorize blocking based solely on the foreign origin of the call. Determining whether a foreign-originated call is fraudulent or illegal will require review of various indicia. Moreover, foreign callers and their service providers must also have access to mechanisms to reverse erroneous call blocking.”