Author Topic: US FCC requires implementation of STIR/SHAKEN protocol to combat Robo-calls  (Read 1033 times)

0 Members and 1 Guest are viewing this topic.

Offline DrG

  • Super Contributor
  • ***
  • Posts: 1021
  • Country: us
https://www.fcc.gov/call-authentication

https://www.cnn.com/2021/07/02/tech/robocall-prevention-stir-shaken/index.html
https://transnexus.com/whitepapers/stir-and-shaken-overview/

From what I gather, this is a certificate-based authentication system that will, later in Sept. (two years later for small wireless carriers), require blocking of spoofed caller-ID. Techniques to be able to do this are now required.

I notice that some carriers are already touting their part in the war against robocalls, e.g., https://www.verizon.com/business/products/contact-center-cx-solutions/voice-security/stir-shaken-caller-id-identification/

Naturally, worries include, accidental or otherwise inaccurate blocking and missed blocking (leading to false authentication).

It will be interesting to see how this plays out.
- Invest in science - it pays big dividends. -
 

Offline RPM

  • Newbie
  • Posts: 3
  • Country: us
Also interesting to watch how the SaaS messaging services navigate these requirements and how they ensure compliance. Recent interactions on the topic with Twilio (top tier provider) and Plivo (mid tier provider) have revealed these companies still have some work to do to get their act together. 
 

Offline TimFox

  • Super Contributor
  • ***
  • Posts: 3186
  • Country: us
  • Retired, now restoring antique test equipment
I can't wait!  I am so damned tired of spoofed caller-ID numbers that are not only in my area code, but also in my exchange.  I once asked a sub-continental voice where he was located, since his phone number appeared to come from my block--like the police telling the baby-sitter that the evil call comes from inside the house.
 

Online Stray Electron

  • Super Contributor
  • ***
  • Posts: 1194
   I didn't read the article but let's just say that I'm skeptical.  The FCC has NEVER been involved in regulating the telecommunications industry in the US. Telecommunications in the US has always been regulated through state agencies and the (completely in-effective) USG's FTC. IF the FCC is allowed to make rules, then it will be a fundamental shift in the regulatory authority of the Telecommunications Industry in the US.

  The "spoofing" of phone numbers was originally allowed specifically so allow police in the US to make undercover phone calls without giving away the true origin of their phone calls. But since then the US phone companies have allowed anyone with money to do the same.

  Even if the FCC makes rules, how are they going to enforce that on companies making spoof calls from outside of the US?
 

Offline TimFox

  • Super Contributor
  • ***
  • Posts: 3186
  • Country: us
  • Retired, now restoring antique test equipment
Telecommunications in the US has been assigned to the FCC since the Communications Act of 1934.  States do not have the authority to regulate interstate commerce.
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 5230
  • Country: nl
Even if the FCC makes rules, how are they going to enforce that on companies making spoof calls from outside of the US?
By fining the first company to route it inside the US border? If it's not signed and signals an US phone number it shouldn't be allowed to come into the country, problem solved. Run an ingress filter or get fined into oblivion.
 

Online I wanted a rude username

  • Frequent Contributor
  • **
  • Posts: 525
  • Country: au
  • ... but this username is also acceptable.
Pretty sure the spammers here just use VoIP services with Australian dial-out numbers. They appear as Australian land-line or mobile numbers. This mechanism wouldn't block them.
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 5230
  • Country: nl
Pretty sure the spammers here just use VoIP services with Australian dial-out numbers. They appear as Australian land-line or mobile numbers. This mechanism wouldn't block them.

If the VoIP service can't spoof and does business with scammers it will get blocked by carrier anti-spam services almost immediately assuming the carriers are allowed to offer them (which they are in the US AFAIK). Even if not, people will be instantly suspicious of unknown numbers which is why scammers try to use recipient area codes or worse. Spoofing is pretty much necessary for scam calls, people have gotten too suspicious.
« Last Edit: July 10, 2021, 02:54:38 pm by Marco »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf