Computing > Security

US FCC requires implementation of STIR/SHAKEN protocol to combat Robo-calls

(1/2) > >>

DrG:
https://www.fcc.gov/call-authentication

https://www.cnn.com/2021/07/02/tech/robocall-prevention-stir-shaken/index.html
https://transnexus.com/whitepapers/stir-and-shaken-overview/

From what I gather, this is a certificate-based authentication system that will, later in Sept. (two years later for small wireless carriers), require blocking of spoofed caller-ID. Techniques to be able to do this are now required.

I notice that some carriers are already touting their part in the war against robocalls, e.g., https://www.verizon.com/business/products/contact-center-cx-solutions/voice-security/stir-shaken-caller-id-identification/

Naturally, worries include, accidental or otherwise inaccurate blocking and missed blocking (leading to false authentication).

It will be interesting to see how this plays out.

RPM:
Also interesting to watch how the SaaS messaging services navigate these requirements and how they ensure compliance. Recent interactions on the topic with Twilio (top tier provider) and Plivo (mid tier provider) have revealed these companies still have some work to do to get their act together. 

TimFox:
I can't wait!  I am so damned tired of spoofed caller-ID numbers that are not only in my area code, but also in my exchange.  I once asked a sub-continental voice where he was located, since his phone number appeared to come from my block--like the police telling the baby-sitter that the evil call comes from inside the house.

Stray Electron:
   I didn't read the article but let's just say that I'm skeptical.  The FCC has NEVER been involved in regulating the telecommunications industry in the US. Telecommunications in the US has always been regulated through state agencies and the (completely in-effective) USG's FTC. IF the FCC is allowed to make rules, then it will be a fundamental shift in the regulatory authority of the Telecommunications Industry in the US.

  The "spoofing" of phone numbers was originally allowed specifically so allow police in the US to make undercover phone calls without giving away the true origin of their phone calls. But since then the US phone companies have allowed anyone with money to do the same.

  Even if the FCC makes rules, how are they going to enforce that on companies making spoof calls from outside of the US?

TimFox:
Telecommunications in the US has been assigned to the FCC since the Communications Act of 1934.  States do not have the authority to regulate interstate commerce.

Navigation

[0] Message Index

[#] Next page

There was an error while thanking
Thanking...
Go to full version