Are SHAKEN and STIR Protocols the Answer to Preventing Robocalls?

Posted by Ken Babcock on Aug 30, 2017 10:04:28 AM
Find me on:

Wikipedia defines Robocalls as follows:

A “robocall” is a phone call that uses a computerized autodialer to deliver a pre-recorded message, as if from a robot.

Robocalls are often associated with political and telemarketing phone campaigns, but can also be used for public-service or emergency announcements. Some robocalls use personalized audio messages to simulate an actual personal phone call.

This is the good news.

Unfortunately, robocalls are all too often blatantly geared to relentless selling of a product or service that is not wanted by the person receiving such calls.

When the entity placing the robocalls uses “spoofing” of CallerID information the annoyance level grows.

Wikipedia defines caller ID spoofing as follows

Caller ID spoofing is the practice of causing the telephone network to indicate to the receiver of a call that the originator of the call is a station other than the true originating station. For example, a Caller ID display might display a phone number different from that of the telephone from which the call was placed. The term is commonly used to describe situations in which the motivation is considered malicious by the speaker or writer.

In addition, the Voice Over IP (VoIP) network provides ample resources to be exercised with user software and associated hardware devices to configure what is transmitted in call signaling as seen in terms of both Caller ID and Caller Name.

This is only illegal in the United States when the practice is utilized to defraud or cause harm to the recipient. There are penalties and fines for illegal use but the practice of blocking CallerID and Caller Name information is still legal in the US for anyone wishing to protect their own anonymity for whatever reason.

Lately, I have noticed from a personal basis that the spoofing of CallerID is done using popular local exchange numbers for restaurants and other local business establishments that the call recipient frequents.

Over the last year, there have been some fairly effective responses made to the crying need for better tools to identify “bad callers”.

In late 2016, an industry-wide Strike Force authorized by the FCC accelerated the work “to introduce standards to verify and authenticate caller identification for calls carried over an Internet Protocol (IP) network. These standards are known as SHAKEN (Signature-based Handling of Asserted information using toKENs) and STIR (Secure Telephony Identity Revisited)”.

These protocols work by being built into SIP-based signaling such that any originating number associated with an individual call must be authenticated before a call is placed on the network.

Unfortunately, the use of the new standards is still very much in its infancy and the costs required for implementation have to be borne by service providers, some of whom have very limited resources to do so. 

Early results from this introductory work being done with the protocols in this area are promising but there are issues surrounding the introduction and implementation of the tools on a large-scale across the industry that still need to be evaluated before anyone can rest assured that “robocalls” are a thing of the past.

It is obvious that federal and state legislators and/or regulators may need to get involved to bring the issue to the attention of the public on a wide-scale basis in order to make the standards an integral part of the services provided and not something that has to be paid for by the individual user on an elective basis.  

In the meantime. There are other efforts underway such as the United States Telephone Associations’ DNO (Do Not Originate) program which has proven effective in blocking a small subset of “bad caller” originating numbers.

In another area of involvement the Industry Traceback (ITB) Group has provided additional hope that effective measures can be taken to limit the potential for unlimited growth of “bad” robocalls by an interested group of some seventy (70) service providers working together to collect “bad caller” lists to be blocked upon origination by tracing suspected bad calls placed upstream through a series of service provider networks.

In any event, there are financial as well as individual personal protection issues that must be resolved before an ongoing effective solution can be crafted and implemented world-wide.

Topics: SS7, robocalls, SIP