STIR/ SHAKEN Combats Robocalls with Caller ID Verification

How many times a day do you ignore your phone because you don’t recognize the number? Or, are you tempted to answer because the call looks like it is local? Either way, we all hate answering only to hear an automated robocall about a car warranty or insurance. Unfortunately, consumers in the U.S. get around 4 billion robocalls a month. In June 2021, the Federal Communications Commission (FCC) will be implementing new standards called STIR/ SHAKEN so that consumers can have faith that the number calling is actually who they say they are. So what is STIR/ SHAKEN, and how will it impact telecommunications and IT? Here are 3 things to know about the new standards.

Spoofed calls have long been a problem.

We’ve long recognized that robocalls with spoofed called IDs were a major problem in the telecom industry. A spoofed call happens when a caller disguises their number and usually replaces it with a local number to gain the consumer’s trust and potentially steal information. Let’s be honest–these calls are also incredibly obnoxious and lead businesses and customers to lose trust in phone calls. Thankfully, Congress passed the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act in 2019 and mandated the implementation of the Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using Tokens (SHAKEN) standards. The creative name was inspired by Ian Fleming’s character James Bond for his distinct preparation instructions for his favorite adult beverage.

STIR/ SHAKEN will validate numbers.

STIR and SHAKEN are tools that prevent illegal calls and ensure the security of the calling number. A STIR/SHAKEN solution involves a series of protocols to ensure a caller ID has not been spoofed. It works as a simple two-step verification process. First, the originating telephone service provider authenticates the call and sends a digitally signed identity token. Then, the terminating service provider verifies the signature and token and, if successfully verified, informs their subscriber that this is a verified call. Providers will need to implement STIR/ SHAKEN protocols by June 30, 2021.

There may be some complications around implementation.

Although STIR/ SHAKEN is great news for consumers, some companies might be experiencing headaches as the protocols get implemented. For one, if the originating provider has already implemented the new protocols, but the terminating provider has not, calls might be dropped. Furthermore, STIR/ SHAKEN is only operational on Internet Provider (IP) networks. This means that if a provider uses a network other than IP, they will have to take steps to make sure consumers have the same protections. This might mean upgrading to IP or developing a phone number verification on non-IP networks.

Once implemented, we will hopefully answer our phones again and know that the person on the other end is who they say they are. While it still doesn’t guarantee that the end-user will actually take your call, at least your car warranty worries will be a thing of the past.

ProfitComm Chats: Voice of the Vendor with CommandLink

How ThreatBlockr Coupled with Your SIEM Will Enhance Your Security Stack

Cyber intelligence is the proactive way to defend your company, and ThreatBlockr is the game changer that blocks every threat. Adding ThreatBlockr to your SIEM will enhance your security stack.

ProfitComm Chats: Voice of the Vendor with Data Canopy

Learn more about cloud and colocation services through Data Canopy.

How To Use Microsoft Office As A Collaboration Tool

Have you ever asked, am I getting everything I can out of Microsoft 365? Here’s how to use Microsoft 365 as a collaboration tool.

How Text and SMS Can Reach Your Customers, Better

At ProfitComm, we’ve been noticing that a lot of companies are now using text messages and SMS to reach their clients. Using SMS and texts in your communications can reach your customers where they are.

How Managed Help Desk and Cybersecurity Work Together

A help desk allows your team to respond to cyber threats faster and better. Here is how managed help desk and cybersecurity work together.