In December 2020, the FCC released its latest order of the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) act. This new order encourages Communication Service Providers (CSP) in the US to block unwanted voice calls by extending the methods used in blocking these illegal calls and to make it easier to identify and fix erroneous blocked calls.
This new mandate refers to the typical situations where either the initiator of a call cannot be trusted or when calls are received from other networks without being secured by STIR/SHAKEN caller ID authentication information. While the US nationwide rollout of STIR/SHAKEN is underway, a majority of voice calls between CSP networks and on routes with foreign networks, will not have STIR/SHAKEN authentication information.
This latest FCC ruling circles around the new requirements for CSPs to stop illegal traffic on their networks as stated in the following summary:
“With this order we take further steps to implement the TRACED Act and require voice service providers to better police their networks. First, we require all voice service providers to take steps to stop illegal traffic on their networks and assist the Commission, law enforcement, and the Consortium in tracking down callers that make such calls. Second, we expand our safe harbor to include network-based blocking based on reasonable analytics that incorporate caller ID authentication information designed to identify calls that are highly likely to be illegal, if this blocking is managed with human oversight and network monitoring sufficient to ensure that blocking is working as intended. Third, we require that voice service providers that block calls disclose such blocking, establish a dispute resolution process to correct erroneous blocking, and promptly resolve disputes.”
With this expansion of the safe harbor, CSPs are mandated to implement some form of analytics to screen voice calls to determine if a call may proceed or needs to be rejected if the caller ID suggests an illegal actor. Interesting here are the phrases “reasonable analytics”, “highly likely” and “sufficient to ensure” in combination with the requirement that CSPs need to implement a process to mitigate erroneous blocking conditions. This combination of requirements in the new FCC ruling admits the subtle balance between “good” and “bad” calls, and in particular points to the grey area of false positives for the category of calls that are not accompanied with trustable caller ID authentication information added by STIR/SHAKEN.
This balance in the new FCC ruling leaves room for CSPs to implement a network-based blocking solution to be in compliance with TRACED. Initially this may be a simple analytics-based call blocking solution that would be enhanced over time to become a full STIR/SHAKEN implementation. This may result in an intelligent deployment strategy that will avoid an over-investment in analytics, in the fortunate situation that in due time STIR/SHAKEN will answer its expectations of reducing a high percentage of nuisance calls. This strategy also allows for timely adjustments and optimized investments, with an analytics solution that can evolve gradually and best acts upon the risks of bypass traffic routes.
The simplest form of network-based blocking, and a very effective way to detect and mitigate scam and fraud calls, can be achieved with a real-time gauges capability that can be used to identify one-to-many call sources. This can be further conditioned with follow-on rules such as short call durations, high percentages of A-party disconnects where the call duration is short (possible Wangiri fraud) and percentage of B-party disconnects where the call duration is short (possible generally fraudulent calling).
Smaller CSPs may be challenged by this new FCC ruling given their limited financial and human resources. Although on one hand subscribers will become better secured against abusive call actors with network-based blocking traffic policies, on the other hand subscribers become frustrated if they cannot make outgoing calls or become unreachable for specific callers. The latter is definitely not in the interest of any CSP since it may undermine its brand and reputation and likely will involve extra costs for customer complaint handling and the risk of declining revenues with customer churn.
The category of smaller CSPs can be best served with a cloud-based solution offering to address a network blocking based solution. A simple combination of traffic routing analysis and essential traffic checks may already be satisfying as a solution for the network-based blocking requirement. In particular, if complemented with a comprehensive reporting capability that optimally assist the operational staff with real-time reports of blocked calls could be enabled for corrective actions if calls are erroneously blocked. The same cloud-based solution may then regularly be improved to reduce false positives and onboard improvements to become more effective. Depending on the specific situation, the solution can be integrated with the STIR/SHAKEN call validation solutions as well as other network-based call treatment and routing solutions like number portability.
With its active and leading participation in the standardization of the STIR/SHAKEN solutions and the security and anti-fraud solutions in ATIS, GSMA and i3forum, NetNumber is on top of the recent developments and a serious conversation partner in the industry to assist CSPs with deciding on their most effective and investment friendly implementation. This includes our well-known track record among both leading and smaller CSPs for centralized routing and signaling security solutions with on-premise deployment models, cloud-based outsourcing service arrangements and the newest cloud-native virtualized interGENerational solutions.
This blog was written by Pieter Veenstra, Senior Manager Product Development – Security and Routing, NetNumber