By Alan Percy, CMO @TelcoBridges
This last week, we participated in ITEXPO 2022, a giant step towards returning to normalcy. The last ITEXPO event TelcoBridges participated in was in February 2020 and I can clearly remember the empty booths, reserved for exhibitors from the far-east. Nobody had any idea what was coming or the impact it would make on our nation and industry. Despite the challenges of the last two years, it does appear that attendance for events has sprung back, with excellent attendance on both the show floor and in the sessions.
So, on to the topic at hand:
Wednesday morning of the show, I participated in a panel discussion titled “STIR/SHAKEN Will Decrease Robocalls But There’s Much More To Be Done”. I was joined by Jim Brewer, Peerless Network; Alec Fenichel, TransNexus; Jim Tyrell, Transaction Network Services; and moderated by Phil Edholm, PKE Consulting.
We started the session with a reminder of what STIR/SHAKEN can and cannot do.
What STIR/SHAKEN can do:
-
- Provide proof where the call originated
- Attaches a unique identifier to each call, improving traceback
- Conveying the level of attestation (A, B or C) assigned by the originator of the call
- Provide information to the terminating service provider on whether the calling party information is trustworthy and the attestation level
STIR/SHAKEN cannot:
-
- Determine the intent of the caller (why are they trying to call?)
- Block calls based on behavior or intent
Alec shared some STIR/SHAKEN statistics from data collected by TransNexus, showing a significant uptick in May of 2022. The number of calls that were signed and carried SHAKEN Passports rose to nearly 40% of all traffic. Still, over 70% of calls were not signed, often the result of TDM transport or origination.
Despite these improving numbers, illegal robocalls continue to plague subscribers. The panel explored the source of illegal call and those with STIR/SHAKEN attestation. How does happen? Data leads us to a few scenarios:
-
- Those wishing to send illegal robocalls have found that using TDM operators (currently exempt from implementing STIR/SHAKEN) is a means to get their traffic to their targets. This traffic typically does not carry an attestation. The FCC has mandated that TDM operators must support STIR/SHAKEN this June, but many are nowhere near ready.
- Weak Know-your-customer checks by some service providers allows illegal traffic to get into the network. A case study from the Cloud Communications Alliance found that bad actors will use stolen identities to gain access.
- There are a small number of “Sign for hire” operators that will sign any traffic that crosses their network, irrespective of the origin.
- That spreading their traffic across many number/operators (AKA snowshowing), the bad actors avoid detection.
In summary, it is incumbent on operators that either originate traffic or act as a gateway into the North American PSTN to play an active role in supervising the traffic from their networks. Now that STIR/SHAKEN is mandated, better attention to the vetting process, robocall mitigation, and call traceback are the cure for an endless game of “whack-a-mole” and stamping out the spammers.
Want to learn more? There is a host of information on STIR/SHAKEN solutions from TelcoBridges and our partners here