In the latest milestone in the U.S. government’s anti-robocall effort, phone companies are now prohibited from receiving calls from providers that have failed to meet a Federal Communications Commission deadline that passed this week.
Phone companies must now block traffic from other “voice service providers that have neither certified to the implementation of STIR/SHAKEN caller ID authentication standards nor filed a detailed robocall mitigation plan with the FCC.”
The Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) protocols verify the accuracy of caller identification by using digital certificates derived from public-key cryptography.
STIR/SHAKEN is now widely used in IP networks, as large telephone companies have been obliged to introduce it effective June 30 of this year.
Due to technological limitations, there was no need to implement STIR/SHAKEN on older TDM-based networks that still use copper fixed networks. FCC stated that providers that use older forms of network technology must either switch their networks to IP or actively work on developing a solution for authenticating caller identifiers that work on non-IP networks.
In addition, the FCC gave airlines with 100,000 or fewer customers until June 30, 2023, to comply with the STIR/ SHAKEN requirement, although the commission is planning to adjust that deadline earlier to June 30, 2022.
In 2020, the FCC authorized phone companies to block calls from certain “bad-actor upstream voice service providers” and cracked down on companies that act as “gateways” for foreign robotic callers.
As of Tuesday, 4,798 companies had filed in the Robocall Mitigation Database.
In addition, the U.S. Public Interest Research Group (PIRG) analyzed the 3,063 applications submitted by September 3 and found that “17 percent (536 companies) had completely implemented anti-robocall technology; 27 percent (817 companies) had partially implemented the technology; and 56 percent (1,710 companies) said they were not using the industry-standard technology but had resorted to their own methods to block robocalls.”
For more information, read the original story in Ars Technica.