SHAKEN without the EARTHQUAKE - Blocking calls with STIR/SHAKEN in 2023
2
Faythe’s Story:
Protecting Subscribers
From Nuisance Calls
Scenario: Voice service provider, managed by Faythe
Largest client: A major contact center, operated by Bob
Problem: Robocalls interfering with business operations
3
One Small Step for a Service
Provider, One Giant
Leap…
The Solution:
• Engineering team designs a nuisance call
blocking solution to exploit the great
STIR/SHAKEN data they're getting
• They test the solution and put it into production
4
Plot Twist:
Alice Calls Bob
Next Day:
• Alice in Atlanta tries to call Bob in Biloxi…
but the call fails
5
Bob's Emergency
• Bob's call center sales are plummeting.
• Some calls are still coming in – but not
many of them!
6
What's going on?
• Faythe’s Service Provider is blocking
calls without valid STIR/SHAKEN
Identity
• . . . and it’s causing a massive outage!
• Between 25% and 75% of calls won't have
valid Identity headers.
7
Our Source of Information
ECG provides engineering staff for voice and internet service providers.
Expert sources:
• A Top-10 US-Based Voice Provider
• Microsoft
• AT&T
STIR/SHAKEN Providers:
• Neustar / TransUnion
• Sansay
• Transnexus
8
Let’s Talk Robocall Blocking
1. The Case of the Missing Identity
2. For Service Providers, Size is an Advantage
3. Why Attestations Fail
4. The Problem of the Third-Party Certificate
5. Look at a Major, Legal Robocaller
6. So, how should we do blocking?
It's hard to verify
an Identity header
that isn't there.
Key Limitation: TDM Gateways
TDM gateways use 1960s-2000s technology and cannot natively deliver the
STIR/SHAKEN Identity header.
How many Identity headers are making it through?
• Hiya - Calls from Mobile to Hiya Customers: 89%
• Hiya - Calls from Non-Mobile Callers to Hiya Customers: 54%
• Calls to TransNexus Clients: 33%
• Enterprise To Mobile (Neustar): 20%
• Calls to Microsoft Clients: 66%
• Calls to Service Provider SP-X - one of the top-10 US service providers: 75%
• Goal of Authenticated calls delivery to all US Service Providers: 100%
Copyright 2023, ECG Inc.
11
Low Identity Header Availability
"Neustar estimates that on average more than 80% of
enterprise-to-mobile (consumer) calls do not receive any
STIR/SHAKEN attestation."
13
Disparity Between the Largest Providers: TDM
In the US, large providers have more prolific SIP end-to-end
(TDM-free) connections to most US phones compared to
smaller providers.
Some of the largest PSTN gateway providers: Bandwidth,
CenturyLink, Sinch, Verizon Business
Gateway providers have TDM infrastructure, which is not
subject to Attestation requirements. Calls flowing through
TDM do not have Identity headers.
14
One TDM Hop in a call can mean that no Identity header is delivered, or else a different one is created
[Diagram: call path from caller Alice through the “Yellow” originating service provider and intermediate service providers 1 to 5 (provider 3 is “Pink”), with a TDM / SS7 hop along the way, to the terminating service provider and callee Bob. Attestation levels A and C are marked at different points on the path.]
15
Big Providers Have
More Identity headers
• Top-10 US provider: 75% of calls arrive with
Identity headers
• Microsoft: 66% of calls arrive with Identity
headers
• Big Providers are less dependent on TDM –
more of their calls are SIP end-to-end
17
Validation Errors Are Rampant
Invalid Attestation. This is when the Identity header is
delivered, but the Attestation fails validation for some reason.
• Number Formatting / Mismatch Problems
• Expired Certificate
• Recycled Identity Header
• Time Synchronization Problems
18
Number Formatting / Mismatch Problems
Number formatting mismatch causing validation failure:
To: <sip:2293160013@1.2.3.4;user=phone>
Identity: Decodes as . . ."dest":{"tn":[ "2293160013" ]}
Call forwarding causing validation failure:
To: <sip:12296305555@1.2.3.4;user=phone>
Identity: Decodes as . . . "dest":{"tn":[ "12293160013" ]}
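Added example (not part of the original slides): the dest and iat claim checks behind the failures above, run over constructed, unsigned tokens and tallied for analysis rather than blocking. It assumes NANP numbers and a 60-second freshness window; signature and certificate validation are out of scope, and all function names are illustrative.

```python
import base64
import json
import re
from collections import Counter

MAX_IAT_AGE = 60          # seconds; freshness window assumed for this example
NOW = 1_700_000_000       # constructed "current time" so the sample is repeatable


def _b64url(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def passport_claims(identity):
    """Decode the PASSporT payload of an Identity header value (no signature check)."""
    token = identity.split(";", 1)[0].strip()
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("Identity value is not a three-part compact JWS")
    return json.loads(_b64url(parts[1]))


def sip_user_digits(header_value):
    """Extract the digits of the user part from a header such as <sip:...@host>."""
    match = re.search(r"sips?:\+?(\d+)@", header_value)
    if not match:
        raise ValueError("no telephone number in SIP URI")
    return match.group(1)


def with_country_code(tn, cc="1", national_len=10):
    """Prefix the country code when a bare national number is given (NANP assumed)."""
    return cc + tn if len(tn) == national_len else tn


def classify(to_header, identity, now=NOW):
    """Label one call for analytics; this never decides to block."""
    if not identity:
        return "no-identity"
    try:
        claims = passport_claims(identity)
        dest = [str(tn) for tn in claims["dest"]["tn"]]
        iat = int(claims["iat"])
        to_tn = sip_user_digits(to_header)
    except (ValueError, KeyError, TypeError):
        return "malformed"
    if abs(now - iat) > MAX_IAT_AGE:
        return "stale-iat"
    if to_tn in dest and with_country_code(to_tn) == to_tn:
        return "claims-ok"
    if with_country_code(to_tn) in {with_country_code(tn) for tn in dest}:
        return "dest-format-mismatch"   # same subscriber, country code missing
    return "dest-retargeted"            # different number: forwarded or reused token


def make_identity(dest_tn, iat=NOW, attest="A"):
    """Build a constructed, unsigned Identity value for the samples below."""
    def enc(obj):
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    x5u = "https://certs.example.invalid/sp.pem"   # placeholder URL
    header = {"alg": "ES256", "ppt": "shaken", "typ": "passport", "x5u": x5u}
    claims = {"attest": attest, "dest": {"tn": [dest_tn]}, "iat": iat,
              "orig": {"tn": "12292442099"}, "origid": "constructed-sample"}
    return f"{enc(header)}.{enc(claims)}.c2lnbmF0dXJl;info=<{x5u}>;alg=ES256;ppt=shaken"


# Constructed sample calls; the To/dest numbers are the ones shown on the slide.
SAMPLE_CALLS = [
    ("<sip:2293160013@1.2.3.4;user=phone>", make_identity("2293160013")),
    ("<sip:12296305555@1.2.3.4;user=phone>", make_identity("12293160013")),
    ("<sip:12293160013@1.2.3.4;user=phone>", make_identity("12293160013")),
    ("<sip:12293160013@1.2.3.4;user=phone>", make_identity("12293160013", iat=0)),
    ("<sip:12293160013@1.2.3.4;user=phone>", None),
]


def tally(calls, now=NOW):
    """Count outcomes so the failure mix can be reviewed before any blocking."""
    return Counter(classify(to, identity, now) for to, identity in calls)


if __name__ == "__main__":
    for label, count in tally(SAMPLE_CALLS).most_common():
        print(f"{label:22} {count}")
```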
19
Number Formatting / Mismatch Problems
[Diagram: four originating service providers each send a call with attestation A through intermediate providers to the terminating service provider and callee Bob. Each call fails verification for a different reason:]
• “Green” originating service provider, caller Alice: From: 2292442099, orig tn: 2292442099. Incorrect number formatting; missing CC.
• “Teal” originating service provider, caller Frank: Date: 1970-01-01. Incorrect Date timestamp.
• “Red” originating service provider, caller Dave: Certificate https://inacccessible. Certificate inaccessible for verification.
• “Purple” originating service provider, caller Carlos: To: 12293160013, dest tn: 12296305553. Forwarded call, reused token.
21
Quality Limitations – Even With Valid Attestations
Limitation #1: Third Party
Certificates
The originating service provider
doesn't sign; instead an
intermediate SP signs with their
own certificate.
In effect, the PSTN Access Provider
is saying they have a direct
relationship with Alice – but they
don’t.
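[Diagram: call path with hops numbered 1 to 5, from caller Alice through the “Green” originating service provider, the “Pink” intermediate service provider 1 and other intermediate providers to the terminating service provider and callee Bob. Attestation A is marked on the path.]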
22
Quality Limitations – Even With Valid Attestations
Limitation #2: Incorrect Attestations
When C should be used, A or B is being used.
A: I'm the originating service provider with a direct relationship to the calling end-user or enterprise, who is using their own number (which I've verified).
B: I'm the originating service provider with a direct relationship to the calling end-user or enterprise.
C: I'm receiving this call from another service provider, or from someone forwarding the call.
Credit: Alec Fenichel, TransNexus
23
Both TDM & Third-Party Certificates Allow Masking
"The most valuable source of information in SHAKEN should
be the identity of the originating service provider."
24
Quality Limitations – Even With Valid Attestations
Some third-party certificate intermediate providers are only using A & B.
26
The Case of One Important Caller
One US government caller places millions of robocalls per month.
90% attested, 10% not attested
Potential explanation: About 10% of calls traverse TDM
(From the perspective of one large service provider)
28
SHAKEN Data Is Valuable for Traceback
"The traceback value of STIR/SHAKEN has been and will
continue to be useful. We believe that calls that ostensibly
would be subject to spam tagging or blocking are going to
be those from enterprises (landline) to (mobile) consumer."
Traceback is the semi-manual process of tracking a call back to the originating service provider.
29
When is it advisable to block calls?
Not yet
• All experts advised against blocking based
solely on available 2023 SHAKEN/STIR data.
• How do you block calls with STIR/SHAKEN?
• Action Item: Begin verifying and analyzing the
STIR/SHAKEN data you are getting today.
• Too many US service providers are sending Identity
headers but not performing verification.
30
How should you
handle blocking?
• Analytics platforms for nuisance robocall
detection are crucial (e.g.,
TransNexus, Hiya, First Orion, TrueCNAM,
TNS, Neustar, Mutare, Redshift)
• Plumbing should be built to send
STIR/SHAKEN data to the
analytics platforms.
• But some argue outright blocking will never
be a good option:
• Perhaps better to send it to voicemail
(Microsoft)
• Or send to a Voice Captcha (Mutare)
31
How should you
handle blocking?
Is SHAKEN Data useable for automated
blocking and labeling today? Yes!
"Calls signed with B-level attestation are far
more likely to be robocalls than
unsigned calls." -- Transnexus
Bottom Line:
STIR/SHAKEN data will be useful in
ways you don’t expect – and you need
to get verification into all your analytics
systems as soon as possible.
Thank You!
Ready for more effective call blocking?
ECG’s experts are here to help.
https://www.ecg.co/contact
sales@e-c-group.com
