Everyone Likes to Complain About Robocalls

Are they willing to do anything about it?

By Alan Percy, CMO @TelcoBridges

Every time I’m in a social setting and I get asked about what I do for a career, the subject of illegal robocalls always dominates the discussion.   “What are you doing to stop them?”

I clearly remember a series of meetings with service providers a few years back, pitching them on solutions to the illegal robocall problem that could be solved with session border controller software.   They could not care less about the problem.   As much as consumers complained to the FCC about the problem, there was little that service providers could or would do about the problem.  They were getting paid to transit the calls and had little motivation to fix the problem.  It was someone else’s problem.

All that changed with the TRACED Act of 2019.

The TRACED act included a number of new tools and mandates:

Caller ID Authentication requiring the implementation of STIR/SHAKEN – this forced originating service providers to attach an Identity Token to the header of the call, with origination traceback information and an Attestation field that indicated whether the call could be trusted.

Call Blocking – prior to the TRACED act, service providers had to pass all traffic, essentially preventing them from screening call and preventing illegal robocalls from being delivered to consumers.  The Act allowed service providers to block suspicious traffic and indemnified them from prosecution for failing to delivering what they felt was a suspicious call.

Scam Call Protection – required the FCC to explore means to prevent One Ring Scams and protect hospitals from illegal calls.

Enforcement – the Act increased penalties, extended statute of limitations and other tools to help find and charge those generating and passing known illegal robocalls.

The first big milestone of the TRACED Act is almost upon us.  Service providers in the US are required to file their Robocall Mitigation Plans with the FCC by June 30th 2021.   The penalty for not filing a plan is having their traffic blocked by other providers after September 28th, 2021.

So all of a sudden, service providers are interested in dealing with illegal robocalls.

We discussed this in more details during a Cloud Communications Alliance webinar titled “Robocall Mitigation Compliance”, explaining the details of filing and impact of not filing a plan.

View the recording here:

Out-of-Band SHAKEN – Solving the adoption issues of STIR/SHAKEN

By Alan Percy, CMO @TelcoBridges

According to Metcalfe’s Law, “the effect of a telecommunications network is proportional to the square of the connected users”.   As service providers begin deploying STIR/SHAKEN, you can directly apply the law in determining the impact or effectiveness of protecting the integrity of the caller identity.  Without wide adoption, STIR/SHAKEN will have little value.

In the last few year there has been much progress on the legislative effort to mandate the implementation of STIR/SHAKEN, but the reality of doing so is much different.

Last month, we hosted a discussion with Jim Dalton from TransNexus on the challenges that smaller and mixed SIP/TDM service providers are having with STIR/SHAKEN Challengesimplementation of STIR/SHAKEN.  His first-hand experiences with service providers include:

  • The cost of upgrading their software and equipment to generate and verify SHAKEN identity tokens.
  • Tokens are blocked by softswitches or SBCs within the service provider network
  • Tokens that are lost in transport (on both SIP and TDM interconnects)
  • SIP over UDP packets become so large that they are fragmented
  • The destination softswitch or SBCs strip the SHAKEN identity tokens
  • Many rural and smaller service providers depend on TDM interconnects, unable to relay identity tokens

The result of any of the above is the same – an inability to pass or validate SHAKEN identity tokens, the service provider and all their subscribers are not part of the “square of the connected users”.   This means their subscriber’s calls may be blocked or ignored, and without callerID verification, makes them easy targets for spoofers and fraudsters.

So how do smaller and rural service providers participate in the STIR/SHAKEN solution?

Jim and his team have been working with the ATIS and others to devise an out-of-OOB SHAKEN Graphicband mechanism to deliver SHAKEN tokens via the Internet.   A seemingly simple solution to a complex problem, Out-of-Band SHAKEN uses HTTPS to deliver the identity token from the originating service provider’s Authentication Service (AS) to the terminating service provider’s Verification Service (VS).

Not only does this mechanism solve the issues with SIP softswitches, it also enables STIR/SHAKEN on TDM switches using media gateways.

There is much more detail covered in the recorded webinar in the TelcoBridges’ Video Library, along with past events on both STIR/SHAKEN and a range of other topics.

Both TelcoBridges and TransNexus have created a promotional bundle of services and software to help service providers implement Out-of-Band SHAKEN.   Request a consultation to learn how TelcoBridges and TransNexus can get your subscribers part of the “square of the connected users”.

NOW ON YOUTUBE: New Opportunities with Two Factor Authentication – A How To Webinar

Now available on YouTube, our “Build New Opportunities with 2FA – A How To” webinar where we explore Two Factor Authentication – more than just a means to confirm subscriber identities, 2FA is an opportunity for new revenue for service providers, offering it as a service to high-risk customers. Watch now here.