At an FCC summit on robocalls, major service providers discussed their progress on testing and implementation of the SHAKEN/STIR specifications aimed at combatting robocalls and illegal call spoofing.
The STIR/SHAKEN specifications aim to authenticate and verify the identity of the party that is calling, including a visual notification to the person receiving the call that the call has been verified. As Chris Wendt, who helped author the standards, described, STIR falls under the auspices of the ITF, which handles standards related to internet protocols; and SHAKEN refers to the U.S. and North America-specific phone numbering plans, policy and interfaces wrapped in to the overall framework.
“We call it a framework because … we’re sort of building the house,” said Wendt, who is also director of technical research and Development for IP communications at Comcast. “We’re building the structure right now, and as we evolve, as we identify bad actors, as we figure out how to solve all the different call use cases and scenarios, we can integrate those tools into this framework.”
He went on to add that STIR/SHAKEN focuses primarily on “protecting and trusting the telephone identity” — i.e., that the call is coming from the entity it purports to be coming from and is not spoofed — or if it is spoofed, that spoofing is for a legitimate purpose, such as appointment reminders from doctors’ offices or notification calls from school districts. It is not a “silver bullet” to stop all unwanted robocalls.
“You’re not going to be able to determine from SHAKEN/STIR whether the call is illegitimate or legitimate, or what the intent was … or what the content of the call is,” Wendt noted.
Representatives from a number of large U.S. service providers have been implementing STIR/SHAKEN, with some partnerships already publicly announced. During a panel session on Thursday, updates from service providers included:
-T-Mobile US has been working on a “comprehensive suite of call protection” for several years, during which it also joined the standards-based anti-robocall efforts, according to Kathleen Foster, core networks engineering director, T-Mobile US. Its work in those areas helped it put in place the structure to support SHAKEN, she added, and it announced last year that it was “network ready, fully deployed, just waiting for someone to test or to launch with us,” she said. Foster said that T-Mobile US is “in various stages of testing” with several of the other companies participating in the panel, and that in January of this year, the carrier launched the first device that would support a visual SHAKEN-based display of authentication of an incoming call for end users, as well as a launch of cross-network robocall protection with Comcast.
“As we get through our testing with the rest of the carriesr, we plan to launch more devices and more partners throughout the year,” Foster added.
-Verizon’s Jeff Haltom, senior manager at Verizon Headquarters Planning, said that the carrier’s SHAKEN/STIR efforts this year have come in three areas: it has deployed capabilities for STIR/SHAKEN on its cloud platform so that its infrastructure is ready; it has focused on upgrades to that infrastructure for smooth interaction between the network and its customers; and it engaged with other service providers so that it would “be in a status of either design, implementation or production implementation” of STIR/SHAKEN for cross-network calls. In addition, he said, a Verizon-to-Verizon call today on Voice over LTE takes advantage of STIR/SHAKEN.
-For AT&T, 100% of its consumer VOIP calls that originate on its network are authenticated now, and it expects that nearly all of the calls that originate on its IP network will be authenticated by the end of the year — including FirstNet and prepaid users, according to Linda Vandeloop, AVP of external Affairs/regulatory at AT&T and the chair of the Secure Telephone Identity Governance Authority Board. She said that A&TT is exchanging verified traffic with one other service provider, will be adding a second by next month and its testing with a third while also preparing to test with others as they become ready. In addition, STIR/SHAKEN information will be used by the end of the year in AT&T’s Call Protect service for customers.
– Vonage has been upgrading code on its core board of controllers which will service all of its inbound and outbound calls that come through its network, according to Alex Eatedali, director of engineering for core network and voice at the company. He said that Vonage has tested that against its customizations and solutions for various lines of business, and that it is very close to beginning testing with partners, which should happen this week or next week.
-Comcast has fully deployed STIR/SHAKEN in its residential networks and is working on doing the same for its other businesses. It has made public announcements of cross-network STIR/SHAKEN partnerships with T-Mobile US and AT&T and is in testing with “another handful of providers,” according to Wendt.