One of the first steps to combat unwanted spam robocalls is to authenticate the call and alert customers that an incoming call is — or isn’t — actually coming from the number that comes up on Caller ID, or whether it is spoofed to disguise its origin. While this doesn’t prevent the robocall itself, the recipient at least has more information to help them decide whether or not to answer it.
AT&T and T-Mobile US have announced that they are now using the STIR/SHAKEN framework to provide cross-network call authentication that will notify their users as to whether a call’s ID is verified. The acronym means Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN). Service providers have been testing STIR/SHAKEN over the last several years and implementing the framework on their own networks, as well as beginning to work with other network providers on cross-network validation of calls — so that no matter where a call originates, its identity can be verified.
As T-Mobile US and AT&T describe it, a call that originates on either network and is illegally spoofed will fail the SHAKEN/STIR Caller ID verification, and it will not be marked as verified. If it is marked as “verified,” that confirms that the call is actually coming from the identified number or entity on the Caller ID.
“While authentication won’t solve the problem of unwanted robocalls by itself, it is a key step toward giving customers greater confidence and control over the calls they answer,” the two carriers said in a joint release, adding that “More calls will be verified over time as more device providers participate, and as more network providers implement the standards.”
AT&T had also previously announced cross-network similar efforts with Charter Communications; T-Mobile US was the first to launch its STIR/SHAKEN-based Caller Verified service, back in January of this year, and already is doing cross-network validation with Comcast.
AT&T noted that it is using SHAKEN/STIR data to feed directly into its Call Protect product, in order to strengthen the algorithms that detect and automatically block suspect calls. In July, AT&T announced that it was adding its Call Protect service to all new AT&T Mobility lines at no charge, and that the service would also be added to existing accounts over a few months. It has already added spam alerts to some lines, in which it identified potential “nuisance calls” as “spam risk” to users as they come in. Customers are notified by SMS when fraud blocking is added. Users can also proactively add Call Protect by either downloading it as an app or turning it on in their myAT&T account settings.
The FCC has made combatting unwanted robocalls a major area of focus; some experts have estimated that half of U.S. mobile traffic this year will be scam calls. AT&T credited new FCC rules as part of the reason that it can go ahead and proactively block calls suspected of being fraudulent. The agency said earlier this year that carriers could “immediately start offering call-blocking programs by default, based on any reasonable analytics designed to identify unwanted calls, so long as consumers are given the choice to opt out.”
Last month, at a Federal Communications Commission event focusing on efforts to fight robocalls, representatives of a number of major service providers discussed their ongoing efforts to test and implement the STIR/SHAKEN framework for providing consumers with verification and notification about the origination of incoming calls.
