SlideShare a Scribd company logo

ITA SHAKEN Presentation Draft.pptx

Download as PPTX, PDF
I
imranCCIE

STIR shaken

Technology
1 of 31
STIR/Shaken: Mitigating Illegal Robocalling and Caller ID Scams June 10, 2019 Dave Frigen STI-GA Board Member Wabash Communications Louisville, IL
STIR vs. SHAKEN • STIR refers to base Internet standard for call signing and call verification over Internet Protocol (IP) that was developed by the Internet Engineering Task Force (IETF). • SHAKEN (Secure Handling of Asserted information using toKENs) is a secure telecommunications call standard that was developed by the ATIS/SIP Forum IP-NNI Task Force that specifies the use of STIR technology use in an IP-based service provider’s voice network 2
Overview of Secure Telephone Identity (STI) Initiative • Problem Statement • Where and How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 3
Caller ID 4 Service Provider Originating service provider inserts Caller ID in network signalling Problem Statement
Caller ID - Enterprise 5 Service Provider Originating service provider inserts Caller ID in network signalling Enterprise inserts Caller ID at PBX Originating service provider generally doesn’t validate Caller ID for enterprise
Caller ID Spoofing: The Problem 6 Service Provider Open source IP-PBX inserts Caller ID Call appears to originate locally Internet Call center agent could be anywhere…
Service Provider Caller ID Spoofing: The Problem 7 Service Provider Internet Call center agent could be anywhere… Open source IP-PBX Inserts Caller ID Routing through multiple service providers further complicates matters
8 Dr. E. 202-555-0123 Verified… 202-555-0123
9 Dr. E. 202-555-0123 … Vs. Good Just because a call is “verified” doesn’t mean it’s “good” 202-555-0123
Overview • Problem Statement • Where And How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 10
Where and How It Began Oct 2012 FTC Workshop in Robocalling & Caller ID Spoofing Aug 2013 IETF STIR Charter Approved Jan 2014 ATIS/SIP Forum Begins tracking IETF STIR Aug 2015 ATIS/SIP FORUM IP- NNI begins work on SHAKEN Sept 2015 FCC Workshop on Robocalling & Caller ID Spoofing Apr 2016 ATIS Whitepaper on Caller ID Spoofing June 2016 ATIS Analysis on Caller ID Spoofing Mitigation Techniques July 2016 FCC seeks carrier help, AT&T CEO agrees to chair FCC Robocalling Strike Force Aug 2016 Strike Force kick-off Meeting 11
Where we are now? • On May 11, 2018 the Chief of the Wireline Competition Bureau sent a letter to the NANC indicating support for the CATA Working Group Recommendation • ATIS was endorsed as the GA (General Authority) and members for the STI- GA Board were chosen. • The GA was officially launched on August 29, 2018, and quickly went to work developing an RFP for the Policy Administrator (PA) • The RFP was issued on November 14, 2018 • In May 2019, the STI-GA announced the selection of iconectiv as the STI-PA • The GA is working with iconectiv to get the STI-PA implemented this year 12
North American Numbering Council • In December 2017, the FCC directed the NANC (North American Numbering Counsel) CATA (Call Authentication Trust Anchor) Working Group to recommend a Governance Authority (GA) structure and timeline • On May 3, 2018, the CATA Working Group submitted its recommendation to the FCC – The STI–GA should be industry driven – Industry representation should be a broad, multi-stakeholder voluntary representation from the U.S. communications service provider sector – The timeline calls for the Policy Administrator (PA) to be in place one year after the proposal is submitted to the Commission – Service providers capable of signing and validating VoIP calls should implement the standard within one year of the report 13
Relationship: STI-GA Board and ATIS 14 Board must encompass all interests of the PSTN • Chair -Linda Vandeloop, AT&T • Vice Chair –Glenn Clepper, Charter Communications; appointed by NCTA • Clinton Lee, Jackson Energy Authority; appointed by ACA • Nathan Sutter, Nex-Tech Wireless; appointed by CCA • Indra Chalk, T-Mobile; appointed by CTIA • Greg Rogers, Bandwidth; appointed by INCOMPAS • Dave Frigen, Wabash Communications; appointed by NTCA • Chris Oatway, Verizon; appointed by US Telecom • Gunnar Halley, Microsoft; appointed by the VON Coalition • Michael Starkey, appointed by Western Telecommunications and TEXALTEL • Tim Kagele, Comcast • Darah Franklin, Google
Next Steps: the STI-PA and its Role • The STI-PA applies and enforces the rules as defined by the STI-GA • Verifies that a Service Provider (SP) meets the defined criteria for participation in the SHAKEN framework before issuing “Service Provider Code tokens” to the approved SP • Renews the Service Provider Code token as required, after verifying that the SP continues to meet the criteria to participate in the SHAKEN framework. The Service Provider Code token is used for authentication when the SP obtains Secure Telephone Identity (STI) certificates from an approved Secure Telephone Identity Certification Authority (STI-CA) • Approves STI-CAs and verifies that the STI-CA meets all requirements of its Certification Practice Statement to assess compliance with the Certificate Policy • Securely maintains a “trusted STI-CA” list and distributes this to all SPs participating in the SHAKEN ecosystem 15
Overview • Problem Statement • Where And How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 16
Federal And State Government Priority • FCC letters to carriers – Nov 2018, Chairman Pai said: “Combatting illegal robocalls is our top consumer priority at the FCC. That’s why we need call authentication to become a reality—it’s the best way to ensure that consumers can answer their phones with confidence. By this time next year, I expect that consumers will begin to see this on their phones.” – June 6, 2019 FCC votes on Declaratory Ruling & Third Further Notice of Proposed Rulemaking • Creates safe harbor for blocking calls where caller ID fails and seeks input on the blocking of unsigned calls. – FCC July 11 Summit to gauge carrier STIR/SHAKEN implementation plans • State Attorneys General file letter with FCC – Oct 2018, 35 State AGs said: “We strongly recommend the FCC explore ways to encourage all domestic and international service providers to aggressively implement STIR/SHAKEN.” 17
Federal and State Government Priority • Pending Federal Legislation – S.3655 the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act passed by Senate in May 2019. • Mandate adoption of call authentication technology (STIR/SHAKEN) for all IP-based providers. • Raises fines to $10,000 per call and extends statute of limitations to 3 years. • Requires FCC to initiate a rulemaking to protect subscribers from unwanted calls or texts from callers using unauthenticated numbers – HR.946 Stopping Bad Robocalls Act introduced by Congressman Pallone (D) pending in Congress • Mandate adoption of call authentication technology (STIR/SHAKEN) for all providers • Expands FCC enforcement authorities against violations of the TCPA • Redefines robocalls to mean call or text message sent 18
Overview • Problem Statement • Where And How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 19
Key Insights Behind SHAKEN • The originating carrier always knows something about the call origination • Sometimes the carrier knows/controls the number in Caller ID: – Mobile phone authenticates with the network – Landlines are hard-wired to the switch • Sometimes the carrier knows the customer, but allows the PBX to insert Caller ID: – Enterprise PBX could display receptionist number for all outgoing calls – Call center could display toll free number, or local callback number • Sometimes the carrier only knows the entry point into their network • The problem: Today there isn’t a secure mechanism for the originating carrier to communicate this information to the terminating carrier • SHAKEN was designed to provide a secure mechanism for this 20
SHAKEN “101” 21 Originating Carrier Terminating Carrier Create digital signature: SHAKEN “PASSporT” Verification of SHAKEN “PASSporT” The essence of SHAKEN is: • Originating service provider creates digital signature based on what it knows about the call origination: o The customer and their right to use the number, or o The customer (but not the number), or o The point it enters their network • Assign “origid” to uniquely identify the call origination
SHAKEN – Published January 2017 22 STI - AS STI - VS SIP Proxy SIP Proxy STI - CR Mechanism to sign calling party information, including attestation claims and origid, to generate PASSporT token. (Authentication Server) Mechanism to verify signature and validate PASSporT claims. (Verification Server) (Certificate Repository) On-the-wire encoding of PASSporT token in SIP Identity header. (Session Initiated Protocol) ATIS-1000074: Signature based Handling of Asserted information using ToKENs (i.e., SHAKEN)
SHAKEN Attestation Claims – Full Attestation • Full attestation: The signing provider shall satisfy all of the following conditions: – Is responsible for the origination of the call onto the IP based service provider voice network – Has a direct authenticated relationship with the customer and can identify the customer – Has established a verified association with the telephone number used for the call – NOTE 1: The signing provider is asserting that their customer can “legitimately” use the number that appears as the calling party (i.e., the Caller ID). …but they are not asserting that the call is actually from the number that appears as the calling party (i.e., SHAKEN allows “legitimate” spoofing) – NOTE 2: Although it will impact reputation, ultimately, it is up to service provider policy to decide what constitutes “legitimate right to assert a telephone number” 23 From ATIS-1000074
SHAKEN Attestation Claims – Partial Attestation • Partial attestation: The signing provider shall satisfy all of the following conditions: – Is responsible for the origination of the call onto its IP-based voice network – Has a direct authenticated relationship with the customer and can identify the customer – Has NOT established a verified association with the telephone number being used for the call – NOTE: When partial attestation is used, each customer will have a unique origination identifier created and managed by the service provider, but the intention is that it will not be possible to reverse engineer the identity of the customer purely from the identifier or signature … allows data analytics to establish a reputation profile and assess the reliability of information asserted by the customer assigned this unique identifier. Also … for forensic analysis or legal action where appropriate 24 From ATIS-1000074
SHAKEN Attestation Claims – Gateway Attestation • Gateway attestation: The signing provider shall satisfy all of the following conditions: – Is the entry point of the call into its VoIP network – Has no relationship with the initiator of the call (e.g., international gateways) – NOTE: The token will provide a unique origination identifier of the node in the “origid” claim (The signer is not asserting anything other than “this is the point where the call entered my network”) 25 From ATIS-1000074
SHAKEN Functions 26 STI - AS STI - VS SIP Proxy SIP Proxy STI - CR Authentication Verification *IP Network only, no workaround for TDM yet.
SHAKEN Example: Full/Partial Attestation 27 Service Provider (IMS) Service Provider (IMS) STI - AS STI - VS SHAKEN Attestation *IP Network only, no workaround for TDM yet.
SHAKEN Example: GW Attestation 28 Service Provider (IMS) Service Provider (SS7) STI - AS STI - VS GW GW Attestation *IP Network only, no workaround for TDM yet.
Summary: SHAKEN Governance – Trust Model 29 FCC/FTC STI-GA STI-PA GW Partial Attestation Full Attestation STI-CA Service Provider
TDM/PSTN Traffic • STIR/SHAKEN is an IP-based solution – Calls that traverse the PSTN will not pass along the IP headers carrying the information that validates the Caller ID – TDM originated calls should receive Gateway level attestation • Potential Solutions? – There are no solutions that have been brought to the IP-NNI for industry discussion • For discussion at the IP-NNI a contribution must be submitted – Some proprietary ideas have been raised by parties within the industry • Use of multiple trunk groups to denote various levels of attestation • Use of out-of-band signaling to transmit caller ID authentication information around TDM networks – There are no industry standard solutions currently for passing authenticated Caller ID information where TDM networks remain in the call path, but it is not expected that providers with TDM networks will implement STIR/SHAKEN 30
Questions 31

Recommended

Battling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENBattling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENTelcoBridges Inc.
 
Battling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENBattling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENAlan Percy
 
Effective STIR/SHAKEN and Robocall Solutions that Work Today
Effective STIR/SHAKEN and Robocall Solutions that Work TodayEffective STIR/SHAKEN and Robocall Solutions that Work Today
Effective STIR/SHAKEN and Robocall Solutions that Work TodayDonaldStDenis1
 
STIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQSTIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQTelcoBridges Inc.
 
STIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQSTIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQAlan Percy
 
Telecom compliance
Telecom complianceTelecom compliance
Telecom complianceCA
 
Licensing
LicensingLicensing
LicensingCA
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15kantarainitiative
 

Recommended

Battling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENBattling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENTelcoBridges Inc.
 
Battling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENBattling Robocall Fraud with STIR/SHAKEN
Battling Robocall Fraud with STIR/SHAKENAlan Percy
 
Effective STIR/SHAKEN and Robocall Solutions that Work Today
Effective STIR/SHAKEN and Robocall Solutions that Work TodayEffective STIR/SHAKEN and Robocall Solutions that Work Today
Effective STIR/SHAKEN and Robocall Solutions that Work TodayDonaldStDenis1
 
STIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQSTIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQTelcoBridges Inc.
 
STIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQSTIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQAlan Percy
 
Telecom compliance
Telecom complianceTelecom compliance
Telecom complianceCA
 
Licensing
LicensingLicensing
LicensingCA
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15kantarainitiative
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCAlan Percy
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCTelcoBridges Inc.
 
The IANA Stewardship Transition Overview & Background
The IANA Stewardship Transition Overview & Background The IANA Stewardship Transition Overview & Background
The IANA Stewardship Transition Overview & Background APNIC
 
gTLD Registry Ongoing Operations from ICANN 49
gTLD Registry Ongoing Operations from ICANN 49gTLD Registry Ongoing Operations from ICANN 49
gTLD Registry Ongoing Operations from ICANN 49ICANN
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15kantarainitiative
 
Repositioning your TCPA Strategies in a Post ACA World
Repositioning your TCPA Strategies in a Post ACA WorldRepositioning your TCPA Strategies in a Post ACA World
Repositioning your TCPA Strategies in a Post ACA WorldRyan Thurman
 
Battling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENBattling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENAlan Percy
 
Battling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENBattling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENTelcoBridges Inc.
 
Proposal to Manage the Upgrade of the IT Infrastructure for PPESA
Proposal to Manage the Upgrade of the IT Infrastructure for PPESAProposal to Manage the Upgrade of the IT Infrastructure for PPESA
Proposal to Manage the Upgrade of the IT Infrastructure for PPESAFederico Schiavio
 
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...ICON Foundation
 
PhNOG 2020: Securing your resources with RPKI and IRT
PhNOG 2020: Securing your resources with RPKI and IRTPhNOG 2020: Securing your resources with RPKI and IRT
PhNOG 2020: Securing your resources with RPKI and IRTAPNIC
 
Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5John Halbert
 
Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5John Halbert
 
Cable Regulation in an Evolving IP World
Cable Regulation in an Evolving IP WorldCable Regulation in an Evolving IP World
Cable Regulation in an Evolving IP WorldMoss & Barnett
 
Open ID in Government
Open ID in GovernmentOpen ID in Government
Open ID in GovernmentKarthik Ethirajan
 
Compliance reporting-licensing trends
Compliance reporting-licensing trends Compliance reporting-licensing trends
Compliance reporting-licensing trends CA
 
Government Contracting - OTA Consortia Overview - And How To Get Involved
Government Contracting - OTA Consortia Overview - And How To Get InvolvedGovernment Contracting - OTA Consortia Overview - And How To Get Involved
Government Contracting - OTA Consortia Overview - And How To Get InvolvedJSchaus & Associates
 
BeyondVoice with SIPconnect Training
BeyondVoice with SIPconnect TrainingBeyondVoice with SIPconnect Training
BeyondVoice with SIPconnect TrainingGreg Rothman
 
Sbi form 477 presentation
Sbi form 477 presentationSbi form 477 presentation
Sbi form 477 presentationUtah Broadband Project
 
Understanding Australia's anti encryption law | EAGLEGATE
Understanding Australia's anti encryption law | EAGLEGATEUnderstanding Australia's anti encryption law | EAGLEGATE
Understanding Australia's anti encryption law | EAGLEGATENicole Murdoch
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

More Related Content

Similar to ITA SHAKEN Presentation Draft.pptx

Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCAlan Percy
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCTelcoBridges Inc.
 
The IANA Stewardship Transition Overview & Background
The IANA Stewardship Transition Overview & Background The IANA Stewardship Transition Overview & Background
The IANA Stewardship Transition Overview & Background APNIC
 
gTLD Registry Ongoing Operations from ICANN 49
gTLD Registry Ongoing Operations from ICANN 49gTLD Registry Ongoing Operations from ICANN 49
gTLD Registry Ongoing Operations from ICANN 49ICANN
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15kantarainitiative
 
Repositioning your TCPA Strategies in a Post ACA World
Repositioning your TCPA Strategies in a Post ACA WorldRepositioning your TCPA Strategies in a Post ACA World
Repositioning your TCPA Strategies in a Post ACA WorldRyan Thurman
 
Battling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENBattling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENAlan Percy
 
Battling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENBattling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENTelcoBridges Inc.
 
Proposal to Manage the Upgrade of the IT Infrastructure for PPESA
Proposal to Manage the Upgrade of the IT Infrastructure for PPESAProposal to Manage the Upgrade of the IT Infrastructure for PPESA
Proposal to Manage the Upgrade of the IT Infrastructure for PPESAFederico Schiavio
 
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...ICON Foundation
 
PhNOG 2020: Securing your resources with RPKI and IRT
PhNOG 2020: Securing your resources with RPKI and IRTPhNOG 2020: Securing your resources with RPKI and IRT
PhNOG 2020: Securing your resources with RPKI and IRTAPNIC
 
Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5John Halbert
 
Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5John Halbert
 
Cable Regulation in an Evolving IP World
Cable Regulation in an Evolving IP WorldCable Regulation in an Evolving IP World
Cable Regulation in an Evolving IP WorldMoss & Barnett
 
Compliance reporting-licensing trends
Compliance reporting-licensing trends Compliance reporting-licensing trends
Compliance reporting-licensing trends CA
 
Government Contracting - OTA Consortia Overview - And How To Get Involved
Government Contracting - OTA Consortia Overview - And How To Get InvolvedGovernment Contracting - OTA Consortia Overview - And How To Get Involved
Government Contracting - OTA Consortia Overview - And How To Get InvolvedJSchaus & Associates
 
BeyondVoice with SIPconnect Training
BeyondVoice with SIPconnect TrainingBeyondVoice with SIPconnect Training
BeyondVoice with SIPconnect TrainingGreg Rothman
 
Understanding Australia's anti encryption law | EAGLEGATE
Understanding Australia's anti encryption law | EAGLEGATEUnderstanding Australia's anti encryption law | EAGLEGATE
Understanding Australia's anti encryption law | EAGLEGATENicole Murdoch
 

Similar to ITA SHAKEN Presentation Draft.pptx (20)

Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBC
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBC
 
The IANA Stewardship Transition Overview & Background
The IANA Stewardship Transition Overview & Background The IANA Stewardship Transition Overview & Background
The IANA Stewardship Transition Overview & Background
 
gTLD Registry Ongoing Operations from ICANN 49
gTLD Registry Ongoing Operations from ICANN 49gTLD Registry Ongoing Operations from ICANN 49
gTLD Registry Ongoing Operations from ICANN 49
 
Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15Kantara webinar 800 63-3 approval 2020-07-15
Kantara webinar 800 63-3 approval 2020-07-15
 
Repositioning your TCPA Strategies in a Post ACA World
Repositioning your TCPA Strategies in a Post ACA WorldRepositioning your TCPA Strategies in a Post ACA World
Repositioning your TCPA Strategies in a Post ACA World
 
Battling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENBattling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKEN
 
Battling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKENBattling Robocallers - How to Implement STIR-SHAKEN
Battling Robocallers - How to Implement STIR-SHAKEN
 
Proposal to Manage the Upgrade of the IT Infrastructure for PPESA
Proposal to Manage the Upgrade of the IT Infrastructure for PPESAProposal to Manage the Upgrade of the IT Infrastructure for PPESA
Proposal to Manage the Upgrade of the IT Infrastructure for PPESA
 
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
IEEE Blockchain Summit Korea 2018 - Commercial Blockchain Application & Scala...
 
PhNOG 2020: Securing your resources with RPKI and IRT
PhNOG 2020: Securing your resources with RPKI and IRTPhNOG 2020: Securing your resources with RPKI and IRT
PhNOG 2020: Securing your resources with RPKI and IRT
 
Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5
 
Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5Information Technology Services 201608 v1.5
Information Technology Services 201608 v1.5
 
Cable Regulation in an Evolving IP World
Cable Regulation in an Evolving IP WorldCable Regulation in an Evolving IP World
Cable Regulation in an Evolving IP World
 
Open ID in Government
Open ID in GovernmentOpen ID in Government
Open ID in Government
 
Compliance reporting-licensing trends
Compliance reporting-licensing trends Compliance reporting-licensing trends
Compliance reporting-licensing trends
 
Government Contracting - OTA Consortia Overview - And How To Get Involved
Government Contracting - OTA Consortia Overview - And How To Get InvolvedGovernment Contracting - OTA Consortia Overview - And How To Get Involved
Government Contracting - OTA Consortia Overview - And How To Get Involved
 
BeyondVoice with SIPconnect Training
BeyondVoice with SIPconnect TrainingBeyondVoice with SIPconnect Training
BeyondVoice with SIPconnect Training
 
Sbi form 477 presentation
Sbi form 477 presentationSbi form 477 presentation
Sbi form 477 presentation
 
Understanding Australia's anti encryption law | EAGLEGATE
Understanding Australia's anti encryption law | EAGLEGATEUnderstanding Australia's anti encryption law | EAGLEGATE
Understanding Australia's anti encryption law | EAGLEGATE
 

Recently uploaded

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Recently uploaded (20)

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

ITA SHAKEN Presentation Draft.pptx

  • 1. STIR/Shaken: Mitigating Illegal Robocalling and Caller ID Scams June 10, 2019 Dave Frigen STI-GA Board Member Wabash Communications Louisville, IL
  • 2. STIR vs. SHAKEN • STIR refers to base Internet standard for call signing and call verification over Internet Protocol (IP) that was developed by the Internet Engineering Task Force (IETF). • SHAKEN (Secure Handling of Asserted information using toKENs) is a secure telecommunications call standard that was developed by the ATIS/SIP Forum IP-NNI Task Force that specifies the use of STIR technology use in an IP-based service provider’s voice network 2
  • 3. Overview of Secure Telephone Identity (STI) Initiative • Problem Statement • Where and How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 3
  • 4. Caller ID 4 Service Provider Originating service provider inserts Caller ID in network signalling Problem Statement
  • 5. Caller ID - Enterprise 5 Service Provider Originating service provider inserts Caller ID in network signalling Enterprise inserts Caller ID at PBX Originating service provider generally doesn’t validate Caller ID for enterprise
  • 6. Caller ID Spoofing: The Problem 6 Service Provider Open source IP-PBX inserts Caller ID Call appears to originate locally Internet Call center agent could be anywhere…
  • 7. Service Provider Caller ID Spoofing: The Problem 7 Service Provider Internet Call center agent could be anywhere… Open source IP-PBX Inserts Caller ID Routing through multiple service providers further complicates matters
  • 9. 9 Dr. E. 202-555-0123 … Vs. Good Just because a call is “verified” doesn’t mean it’s “good” 202-555-0123
  • 10. Overview • Problem Statement • Where And How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 10
  • 11. Where and How It Began Oct 2012 FTC Workshop in Robocalling & Caller ID Spoofing Aug 2013 IETF STIR Charter Approved Jan 2014 ATIS/SIP Forum Begins tracking IETF STIR Aug 2015 ATIS/SIP FORUM IP- NNI begins work on SHAKEN Sept 2015 FCC Workshop on Robocalling & Caller ID Spoofing Apr 2016 ATIS Whitepaper on Caller ID Spoofing June 2016 ATIS Analysis on Caller ID Spoofing Mitigation Techniques July 2016 FCC seeks carrier help, AT&T CEO agrees to chair FCC Robocalling Strike Force Aug 2016 Strike Force kick-off Meeting 11
  • 12. Where we are now? • On May 11, 2018 the Chief of the Wireline Competition Bureau sent a letter to the NANC indicating support for the CATA Working Group Recommendation • ATIS was endorsed as the GA (General Authority) and members for the STI- GA Board were chosen. • The GA was officially launched on August 29, 2018, and quickly went to work developing an RFP for the Policy Administrator (PA) • The RFP was issued on November 14, 2018 • In May 2019, the STI-GA announced the selection of iconectiv as the STI-PA • The GA is working with iconectiv to get the STI-PA implemented this year 12
  • 13. North American Numbering Council • In December 2017, the FCC directed the NANC (North American Numbering Counsel) CATA (Call Authentication Trust Anchor) Working Group to recommend a Governance Authority (GA) structure and timeline • On May 3, 2018, the CATA Working Group submitted its recommendation to the FCC – The STI–GA should be industry driven – Industry representation should be a broad, multi-stakeholder voluntary representation from the U.S. communications service provider sector – The timeline calls for the Policy Administrator (PA) to be in place one year after the proposal is submitted to the Commission – Service providers capable of signing and validating VoIP calls should implement the standard within one year of the report 13
  • 14. Relationship: STI-GA Board and ATIS 14 Board must encompass all interests of the PSTN • Chair -Linda Vandeloop, AT&T • Vice Chair –Glenn Clepper, Charter Communications; appointed by NCTA • Clinton Lee, Jackson Energy Authority; appointed by ACA • Nathan Sutter, Nex-Tech Wireless; appointed by CCA • Indra Chalk, T-Mobile; appointed by CTIA • Greg Rogers, Bandwidth; appointed by INCOMPAS • Dave Frigen, Wabash Communications; appointed by NTCA • Chris Oatway, Verizon; appointed by US Telecom • Gunnar Halley, Microsoft; appointed by the VON Coalition • Michael Starkey, appointed by Western Telecommunications and TEXALTEL • Tim Kagele, Comcast • Darah Franklin, Google
  • 15. Next Steps: the STI-PA and its Role • The STI-PA applies and enforces the rules as defined by the STI-GA • Verifies that a Service Provider (SP) meets the defined criteria for participation in the SHAKEN framework before issuing “Service Provider Code tokens” to the approved SP • Renews the Service Provider Code token as required, after verifying that the SP continues to meet the criteria to participate in the SHAKEN framework. The Service Provider Code token is used for authentication when the SP obtains Secure Telephone Identity (STI) certificates from an approved Secure Telephone Identity Certification Authority (STI-CA) • Approves STI-CAs and verifies that the STI-CA meets all requirements of its Certification Practice Statement to assess compliance with the Certificate Policy • Securely maintains a “trusted STI-CA” list and distributes this to all SPs participating in the SHAKEN ecosystem 15
  • 16. Overview • Problem Statement • Where And How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 16
  • 17. Federal And State Government Priority • FCC letters to carriers – Nov 2018, Chairman Pai said: “Combatting illegal robocalls is our top consumer priority at the FCC. That’s why we need call authentication to become a reality—it’s the best way to ensure that consumers can answer their phones with confidence. By this time next year, I expect that consumers will begin to see this on their phones.” – June 6, 2019 FCC votes on Declaratory Ruling & Third Further Notice of Proposed Rulemaking • Creates safe harbor for blocking calls where caller ID fails and seeks input on the blocking of unsigned calls. – FCC July 11 Summit to gauge carrier STIR/SHAKEN implementation plans • State Attorneys General file letter with FCC – Oct 2018, 35 State AGs said: “We strongly recommend the FCC explore ways to encourage all domestic and international service providers to aggressively implement STIR/SHAKEN.” 17
  • 18. Federal and State Government Priority • Pending Federal Legislation – S.3655 the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act passed by Senate in May 2019. • Mandate adoption of call authentication technology (STIR/SHAKEN) for all IP-based providers. • Raises fines to $10,000 per call and extends statute of limitations to 3 years. • Requires FCC to initiate a rulemaking to protect subscribers from unwanted calls or texts from callers using unauthenticated numbers – HR.946 Stopping Bad Robocalls Act introduced by Congressman Pallone (D) pending in Congress • Mandate adoption of call authentication technology (STIR/SHAKEN) for all providers • Expands FCC enforcement authorities against violations of the TCPA • Redefines robocalls to mean call or text message sent 18
  • 19. Overview • Problem Statement • Where And How It Began; Where We Are Now • Federal and State Government Priority • SHAKEN Protocol • Functional Elements • Attestation Levels 19
  • 20. Key Insights Behind SHAKEN • The originating carrier always knows something about the call origination • Sometimes the carrier knows/controls the number in Caller ID: – Mobile phone authenticates with the network – Landlines are hard-wired to the switch • Sometimes the carrier knows the customer, but allows the PBX to insert Caller ID: – Enterprise PBX could display receptionist number for all outgoing calls – Call center could display toll free number, or local callback number • Sometimes the carrier only knows the entry point into their network • The problem: Today there isn’t a secure mechanism for the originating carrier to communicate this information to the terminating carrier • SHAKEN was designed to provide a secure mechanism for this 20
  • 21. SHAKEN “101” 21 Originating Carrier Terminating Carrier Create digital signature: SHAKEN “PASSporT” Verification of SHAKEN “PASSporT” The essence of SHAKEN is: • Originating service provider creates digital signature based on what it knows about the call origination: o The customer and their right to use the number, or o The customer (but not the number), or o The point it enters their network • Assign “origid” to uniquely identify the call origination
  • 22. SHAKEN – Published January 2017 22 STI - AS STI - VS SIP Proxy SIP Proxy STI - CR Mechanism to sign calling party information, including attestation claims and origid, to generate PASSporT token. (Authentication Server) Mechanism to verify signature and validate PASSporT claims. (Verification Server) (Certificate Repository) On-the-wire encoding of PASSporT token in SIP Identity header. (Session Initiated Protocol) ATIS-1000074: Signature based Handling of Asserted information using ToKENs (i.e., SHAKEN)
  • 23. SHAKEN Attestation Claims – Full Attestation • Full attestation: The signing provider shall satisfy all of the following conditions: – Is responsible for the origination of the call onto the IP based service provider voice network – Has a direct authenticated relationship with the customer and can identify the customer – Has established a verified association with the telephone number used for the call – NOTE 1: The signing provider is asserting that their customer can “legitimately” use the number that appears as the calling party (i.e., the Caller ID). …but they are not asserting that the call is actually from the number that appears as the calling party (i.e., SHAKEN allows “legitimate” spoofing) – NOTE 2: Although it will impact reputation, ultimately, it is up to service provider policy to decide what constitutes “legitimate right to assert a telephone number” 23 From ATIS-1000074
  • 24. SHAKEN Attestation Claims – Partial Attestation • Partial attestation: The signing provider shall satisfy all of the following conditions: – Is responsible for the origination of the call onto its IP-based voice network – Has a direct authenticated relationship with the customer and can identify the customer – Has NOT established a verified association with the telephone number being used for the call – NOTE: When partial attestation is used, each customer will have a unique origination identifier created and managed by the service provider, but the intention is that it will not be possible to reverse engineer the identity of the customer purely from the identifier or signature … allows data analytics to establish a reputation profile and assess the reliability of information asserted by the customer assigned this unique identifier. Also … for forensic analysis or legal action where appropriate 24 From ATIS-1000074
  • 25. SHAKEN Attestation Claims – Gateway Attestation • Gateway attestation: The signing provider shall satisfy all of the following conditions: – Is the entry point of the call into its VoIP network – Has no relationship with the initiator of the call (e.g., international gateways) – NOTE: The token will provide a unique origination identifier of the node in the “origid” claim (The signer is not asserting anything other than “this is the point where the call entered my network”) 25 From ATIS-1000074
  • 26. SHAKEN Functions 26 STI - AS STI - VS SIP Proxy SIP Proxy STI - CR Authentication Verification *IP Network only, no workaround for TDM yet.
  • 27. SHAKEN Example: Full/Partial Attestation 27 Service Provider (IMS) Service Provider (IMS) STI - AS STI - VS SHAKEN Attestation *IP Network only, no workaround for TDM yet.
  • 28. SHAKEN Example: GW Attestation 28 Service Provider (IMS) Service Provider (SS7) STI - AS STI - VS GW GW Attestation *IP Network only, no workaround for TDM yet.
  • 29. Summary: SHAKEN Governance – Trust Model 29 FCC/FTC STI-GA STI-PA GW Partial Attestation Full Attestation STI-CA Service Provider
  • 30. TDM/PSTN Traffic • STIR/SHAKEN is an IP-based solution – Calls that traverse the PSTN will not pass along the IP headers carrying the information that validates the Caller ID – TDM originated calls should receive Gateway level attestation • Potential Solutions? – There are no solutions that have been brought to the IP-NNI for industry discussion • For discussion at the IP-NNI a contribution must be submitted – Some proprietary ideas have been raised by parties within the industry • Use of multiple trunk groups to denote various levels of attestation • Use of out-of-band signaling to transmit caller ID authentication information around TDM networks – There are no industry standard solutions currently for passing authenticated Caller ID information where TDM networks remain in the call path, but it is not expected that providers with TDM networks will implement STIR/SHAKEN 30

Editor's Notes

  1. From ATIS-1000074 NOTE 1: The signing provider is asserting that their customer can “legitimately” use the number that appears as the calling party (i.e., the Caller ID). The legitimacy of the telephone number(s) the originator of the call can use is subject to signer-specific policy, but could use mechanisms such as the following:  The number was assigned to this customer by the signing service provider.  This number is one of a range of numbers assigned to an enterprise or wholesale customer.  The signing service provider has ascertained that the customer is authorized to use a number (e.g., by business agreement or evidence the customer has access to use the number). This includes numbers assigned by another service provider.  The number is not permanently assigned to an individual customer but the signing provider can track the use of the number by a customer for certain calls or during a certain timeframe. NOTE 2: Ultimately it is up to service provider policy to decide what constitutes “legitimate right to assert a telephone number” but the service provider’s reputation may be directly dependent on how rigorous they have been in making this assertion.
  2. From ATIS-1000074 NOTE: When partial attestation is used, each customer will have a unique origination identifier created and managed by the service provider, but the intention is that it will not be possible to reverse engineer the identity of the customer purely from the identifier or signature. As described in section 5.2.4, the unique origination identifier allows data analytics to establish a reputation profile and assess the reliability of information asserted by the customer assigned this unique identifier. The identifier also provides a reliable mechanism to determine the customer for forensic analysis or legal action where appropriate.