Ribbon Communications (News - Alert) announced this week that Intrado, a global provider of technology-enabled services, has chosen Ribbon Call Trust for STIR/SHAKEN compliance. The Ribbon Call Trust is a comprehensive solution designed to validate a caller's identity, intent, and reputation to mitigate fraud, nuisance, and robocalls.
"Fraudsters and bad actors are becoming increasingly adept at conducting sophisticated, wide-scale attacks on enterprise communications systems, so we needed a solution that would provide our customers advanced security and protection against various IP-based telephony attacks and annoying nuisance and robocalls," said Juan Rosero, Vice President of Technology for Intrado (News - Alert). "Ribbon's Call Trust solution delivers carrier-grade technology that enables us to have our calls signed and verified to ensure they are from legitimate sources. In addition to protecting our customers, we are also complying with the FCC (News - Alert)'s mandate to implement the STIR/SHAKEN standard."
STIR/SHAKEN is an industry-standard that stands for (Secure Telephony Identity Revisited) STIR / (Signature-based Handling of Asserted information using toKENs) SHAKEN. The goal of STIR/SHAKEN is to restore the end user's confidence and trust in receiving phone calls by enabling service providers to authenticate, sign and verify caller identity to protect their customers from malicious attacks, nuisance, and robocalls. The Federal Communications Commission (FCC) has mandated that US service providers, unless granted an exception, implement the STIR/SHAKEN standard by June 30, 2021.
STIR is the proposed standard developed by the Internet Engineering Task Force (IETF) that defines a signature to verify the calling number and specifies how it will be transported in SIP "on the wire." SHAKEN is the framework document developed by the Alliance for Telecommunications Industry Solutions (ATIS (News - Alert))/SIP Forum IP-NNI task force to provide an implementation profile for service providers implementing STIR. STIR/SHAKEN will be the basis for verifying calls, classifying calls, and facilitating the ability to trust the caller ID information.
"Our longstanding partnership with Intrado allows us to keep delivering solutions that enable their customers to have a superior enterprise communications and collaboration experience by leveraging some of the most advanced identity assurance solutions on the market," said Tony Scarfo, EVP & General Manager, Cloud & Edge Business Unit for Ribbon. "Our Call Trust portfolio is designed to examine calls in real-time, on a per-call basis to ensure that calls are legitimate."
The solutions deployed by Intrado include Ribbon's Session Border Controllers (SBC), Media Gateway (GSX), and Policy and Routing Server (PSX). Ribbon Call Trust provides Intrado with the network functions required to participate in STIR/SHAKEN and protect its enterprise customers against unwanted nuisance and robocalls.
In an originating service provider's network, Ribbon's Call Controllers can attest to the originator's identity and provide a tag the call accordingly before it sends a SIP invite to the SBC or GSX (News - Alert). The SBC or GSX will generate and pass an authorization request to the PSX. In turn, the PSX routes the authentication request to the STI function, whether that is provided by Ribbon or any certified 3rd party. Following STI authentication and signing, the PSX will receive signature information and pass that back to the SBC or GSX to be forward to the next network hop.
In the terminating service provider's network, the SBC or GSX will generate a verification request and send it to the PSX to be forwarded to the Ribbon Secure Telephone Identity (STI) function. Following STI signature verification, the PSX will receive the verification information and pass it back to the SBC or GSX. In addition, the PSX can instruct the SBC or the GSX to perform a specific call validation treatment based on the verification information.
Both the SBC and the GSX have flexible handling of error conditions, e.g., "reject the call," "continue with the call," or "continue with the call and remove Identity header" if signature verification fails. And if the call terminates with a Ribbon Call Controller, it too will provide verification status reporting.
Although several providers and third parties offer call blocking and caller identification verification products, there is no ubiquitous solution that spans wireline and wireless communication networks.
To address these concerns, service providers are focusing their efforts across three key areas: source authentication as well as network and consumer blocking tools. Ribbon's solutions are designed to protect consumers from unwanted calls and give them more control over the calls and texts they receive.
Edited by Luke Bellos