On November 5, 2018, FCC Chairman Ajit Pai sent letters to phone providers demanding that they respond within two weeks with their plans to implement a robust call authentication system to combat illegal caller ID spoofing. Chairman Pai’s letters asked the carriers who have not yet established concrete plans for protection of their customers by use of the Signature-based Handling of Asserted Information Using toKENs (“SHAKEN”) and the Secure Telephone Identity Revisited (“STIR”) standards to do so without delay.
The SHAKEN/STIR framework provides that calls travelling through interconnected phone networks would be “signed” by originating carriers for legitimacy and would be validated by other carriers prior to reaching the consumer. This framework provides for digital validation of phone calls passing through these interconnected phone networks, and creates a procedure for the phone company to verify that a call is genuine.
The FCC began its inquiry in July 2017, seeking public input on the best way to establish a reliable verification system for Caller ID. In May of 2018, Chairman Pai accepted the recommendations of the North American Numbering Council regarding the implementation of SHAKEN/STIR. Industry stakeholders then created a governance authority for implementing SHAKEN/STIR. The governance authority consists of stakeholder members who are determining policies to ensure the trustworthiness of carriers and their calls and to allow these carriers to “sign” these calls originating on their networks.
After these policy determinations have been made, a policy administrator will be established to certify the carriers who are authorized to approve a call as legitimate. Next, certification authorities will be chosen to provide “keys” that will be used to digitally stamp a call as legitimate. Some carriers will start signing before this process is complete, but a complete operational system will allow all carriers to attest to the validity of calls from start to finish by signing calls with their digital keys, or conversely, not signing calls which are deemed illegitimate.
This call authentication framework would erode the ability for callers to illegally spoof their Caller ID, and would allow consumers and law enforcement a tool to more readily identify the source of illegal robocalls, thus reducing their overall impact. The FCC is also considering further steps after the implementation of the SHAKEN/STIR framework, including allowing voice providers the right to block the delivery of unsigned/improperly signed calls to consumers.
Chairman Pai stated “If it does not appear that this system is on track to get up and running next year, then we will take action to make sure that it does.” Further, the FCC will ensure widespread deployment if the industry starts to fall behind; thus, carriers would be best served to begin compliance with the SHAKEN/STIR framework as soon as readily possible.