Robocalls and spam calls are a major issue for people in the United States. The Federal Communications Commission, or FCC, estimates that fraudulent calls cost Americans a total of $10 billion every year. As such, there have been efforts by software technology giants (such as Google), smartphone makers, telecommunications carriers, and the FCC itself aimed at stopping or reducing robocalls and fraudulent call schemes. One of the major technologies aimed at fighting robocalls is the STIR/SHAKEN protocol, with STIR standing for “Secure Telephone Identity Revisited” and SHAKEN standing for “Signature-based Handling of Asserted Information Using toKENs”. Now, the FCC has set a deadline for the mandatory adoption of STIR/SHAKEN for IP calls.
The STIR/SHAKEN protocol is one of the best lines of defense against robocalls. Calls must be verified and signed by the network the call is originating from using cryptographic certificates. The certificate is then verified again by the network the call is going to. This reduces the effectiveness of caller ID spoofing, so scammers and robocallers can’t hide the phone number they’re calling from. Work on the protocol began in the mid-2010s and the FCC formally proposed and sought public comment on its mandatory adoption in June of 2019. This eventually led to the TRACED Act being passed by Congress and signed by President Trump in December of 2019. And now the FCC is mandating “all originating and terminating voice service providers to implement STIR/SHAKEN in the Internet Protocol (IP) portions of their networks by June 30, 2021.” This deadline extends to 2022 for smaller voice providers that have fewer resources to direct towards upgrading their infrastructure. In the future, intermediate voice service providers will also be required to implement STIR/SHAKEN as well.
STIR/SHAKEN is meant for IP calls, but the FCC is also working on a different standard that can apply to older, non-IP-based calling services as well since they’re also a vector for robocalling. With STIR/SHAKEN, the FCC estimates that the $10 billion yearly figure will be reduced by at least $3 billion, cutting down on annoying robocalls quite a bit.
Most modern Android devices and dialer applications should support displaying the “Caller Verified” notification, but some older devices may not support the feature. For older devices, an update may be required.
Source: FCC | Via 1: ZDNet | Via 2: Engadget
The post FCC will make carriers authenticate IP calls with STIR/SHAKEN by the end of June 2021 appeared first on xda-developers.
from xda-developers https://ift.tt/3awkyta
via IFTTT