Initially, the public telephone network was a tightly closed and fully controlled environment under the direct authority of telephone companies. Those companies had direct business relationships with each and every end customer. Customers placed calls on devices provided to them by the telephone company and accessed the network over circuits that were also provided by the telephone company. The system was closed and trust in the integrity of the network was both implicit and guaranteed.
The only person who could make a call with someone’s caller ID was that person themselves. Connectivity to the PSTN was technically complex, capital intensive and required considerable technical skill. In effect, yesterday’s telephone network was protected by a closed and impenetrable wall of technology and capital.
Today’s public telephone network is based on open standards and ubiquitously available IP technology (SIP, VoIP). We have all benefited from the growth of the global IP network, but we have also suffered some unintended consequences. Today, it is possible for a fraudster to originate a call using a spoofed caller ID with very little incremental technology and only a modicum of technical skill. With this technical sleight of hand so easily accomplished, fraudsters have gleefully and energetically devoted themselves to taking full advantage of the opportunities it presents.
Solving this problem requires reasserting the impenetrable wall around the telecom network that once existed. We cannot return the public telephone network to the technology of days gone by of course, and so we must attack this very modern problem with equally modern solutions.
One approach that has been used with limited success is to identify the fraudsters by their “fingerprints” – they place mass calls from the same circuits, those calls are often of short duration and the called party is usually the one to disconnect (except in the case of Wangiri, where the calling party is the one to disconnect).
Detailed and real time analytics, applied across the whole network, can identify at least a subset of fraudsters after the fact and shut them down. In the best case, real time monitoring equipment can detect them in the act and reject their calls. While useful, this approach has achieved only limited success because the fraudsters are as technically savvy as the people trying to shut them down and they can quickly change their attack vectors. The result is a constant game of “whack-a-mole”, which reduces the problem somewhat, but cannot solve it.
A New Perspective
A better solution is to flip this paradigm on its head and examine the problem from the other side. While it is difficult to consistently identify the fraudulent callers, it is actually quite easy to consistently identify the legitimate callers. If the public telephone network could identify calls from known legitimate callers, then mark them in some way that would travel with them as they progressed across the network and finally, only allow marked, legitimate calls to be delivered, the result would be the creation of a virtual impenetrable wall around legitimate calls traveling across the public telephone network.
The fraudsters, outside this wall, would be locked out with no way in. This fundamental principle (identify and facilitate the known trusted calls while leaving all others to be presumed suspect) is the guiding principle behind the STIR/SHAKEN set of standards.
STIR/SHAKEN (Secure Telephone Identity Revisited/Secure Handling of Asserted Information Using ToKENs) is an unusual and somewhat humorous name for a technologically advanced anti-spoofing approach. The name can only be explained by observing that engineers like to have their fun even while working in the deepest levels of technology. Per the above, STIR/SHAKEN is an implementation of the idea of marking calls from known trusted callers.
STIR/SHAKEN allows service providers to digitally sign calls from known and trusted callers in a way that cannot be tampered with as the call flows through the network. The mathematical principles behind the signing mechanism ensure that any tampering, such as replaying valid signatures into other calls, will fail a downstream signature verification process.
This is exactly what a terminating service provider does with signed incoming calls – it mathematically verifies the call signature. If the call signature validates successfully, an indication to this effect is delivered with the call as it is terminated. The inverse is true as well. If there is no signature, or if the call signature fails validation, the recipient of the call is alerted to this fact as well. The fraudsters are immediately visible and their calls are no longer accepted by their intended victims. Trust is restored.
With STIR/SHAKEN deployed, the impenetrable wall surrounding the public telephone network is re-asserted for known, trusted callers, and a network-wide wall of trust is built up around them through the process of call signing and verification. The calls and callers inside this “wall of trust” are generally referred to as being inside the “STIR/SHAKEN trust network”. Fraudsters are left outside, with no way in.
Contact firstname.lastname@example.org for further details.