FCC Calls on Industry to Overcome STIR/SHAKEN Limitation

By Greg Tavarez, TMCnet Editor  |  October 27, 2022

Americans constantly face a barrage of robocalls – to the tune of 4.2 billion robocalls alone in September. As a defense strategy against bad actors of robocalls, the Federal Communications Commission implemented the STIR/SHAKEN protocol to combat illegally spoofed robocalls. It’s designed to improve the accuracy of robocall blocking and consumer warning tools, aid enforcement officials in tracing calls back to the originators, and provide consumers with more reliable caller ID information. Ultimately, it’s supposed to undercut spoofing scams.

Voice service providers are required to implement and use STIR/SHAKEN on their IP-based networks. Extensions were granted for the IP-based implementation requirements with facilities-based small voice service providers until June 30, 2023, and for providers that are unable to receive the certificate required to participate in STIR/SHAKEN.

However, the FCC (News - Alert) ran into a hurdle. STIR/SHAKEN’s caller ID authentication standards only technologically work on IP-based phone networks and not on non-IP networks.  That includes calls that pass through non-IP networks at any point from origination to termination.

Voice service providers place encrypted digital certificates on messages as they pass from network to network. Non-IP networks cannot add or maintain this digital information on calls. This basically means that any call generated by or passing through a non-IP network does not carry STIR/SHAKEN verification information, such as information regarding as to who generated the call. A gap is created in the caller ID authentication scheme, decreasing the effectiveness of the technology. Bad actors notice this and will exploit it.

This prompted the FCC to begin a proceeding to consider ways to combat illegally spoofed robocalls that pass through non-IP networks. Though the number of non-IP phone service users continues to dwindle, the FCC has an obligation to protect all Americans.  As such, the FCC is asking for comment on the prevalence of non-IP technology in the country’s phone networks and the impact this technology has on the illegal robocalls problem. 

It also seeks input on alternative technological or policy solutions to enable caller ID authentication over non-IP networks, including two standards developed by the Alliance for Telecommunications Industry Solutions. One standard would allow non-IP providers to send and receive caller ID authentication information via the internet on a separate track from the call itself. The second standard would carry more limited information with the call even on non-IP systems. 

The Notice of Inquiry put out by the FCC will also study the nexus between non-IP caller ID authentication and the IP transition generally, and on specific steps the FCC will take to encourage the industry’s transition to IP.

If all goes as planned, the FCC will move closer to achieving ubiquitous implementation of STIR/SHAKEN caller ID authentication. 

Edited by Erik Linask