The FCC has issued a Report and Order for use of third parties in the caller ID authentication process.
The Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) framework — which are used by the FCC and the industry — aims to ensure that bad actors don’t falsify caller ID information in order to trick those receiving a call into thinking it is legitimate.
Most providers are required to implement STIR/SHAKEN requirements on the IP portion of the network. In some cases, third parties are retained to perform these tasks. The Report and Order focuses on these companies.
“Strengthening requirements for third-party authentication solutions will allow providers to realize the economic benefits and efficiencies of working with third parties on the technical aspects of caller ID authentication while maintaining the integrity of the STIR/SHAKEN framework for the protection of consumers,” according to the FCC announcement.
STIR/SHAKEN rules are aimed at confronting a very big problem. In October, consumers received almost 4.9 billion robocalls, according to YouMail. This was an increase of 9.5% over September and 6.5% over October 2023, according to robocall research from YouMail. The fact that YouMail said that the news this year is relatively positive suggests just how massive the challenge is.
In August, John Haraburda — Director Product Management: Identity and Protection at Transaction Network Services (TNS) — told Telecompetitor that confronting the issue involves a complex system of authentication, verification, and reputation management.
He compared it to a high level of mail service: “When you see that Registered Mail label on an envelope, and the envelope is sealed, addressed, and stamped, you know it’s a safe piece of mail to deliver.”
Before today’s caller ID action, the FCC took a swipe at robocalls in August when it voted unanimously in favor of a new Notice of Proposed Rulemaking that seeks to improve the Robocall Mitigation Database. The goal is to protect consumers against robocalls that use artificial intelligence.
