The phone industry has a clever plan to stop spam
Post# of 27037
https://finance.yahoo.com/news/phone-industry...08674.html
The deluge of spam robocalls has reached incredible heights this year, with up to 2.6 billion occurring in the month of May alone, according to the Federal Communications Commission. And it’s showing no signs of slowing down as calls are cheaper than ever to make on a massive scale.
On the other side of the table, a suite of companies, government agencies, and trade groups are all working to solve the horrible scam. And the good news is that these groups have a plan.
Despite bureaucratic challenges and an incredibly slow-moving and complex telecommunications industry, solutions are being fast tracked. The fight against robocalls is a top priority of FCC Chair Ajit Pai, and if everything goes well, the tide may turn in the robocall war in 2018.
The key to solving the robocall spam issue is putting an end to spoofing, which is when a fake caller ID shows up. According to the FCC, caller ID spoofing is the most treacherous aspect of robocalls, since people generally take caller ID at face value, which enables scams.
A license to block
In the telecommunications system, there are a series of numbers that are never assigned to anyone, and spammers sometimes use them. If a call originates with one of these numbers as its caller ID, phone companies know those numbers aren’t valid, but they rarely block the calls.
“Up until now this has been difficult due to call completion rules,” said Chris Drake, chief technology officer at iconectiv, a former Bell company that is developing anti-spoofing solutions in the robocall war. “Any blocking needs to be reported to the FCC in case there’s gamesmanship for competition.”
In March, the FCC proposed rules that would give carriers express permission to finally block these unassigned numbers without worrying about falling afoul of anticompetitive laws. With that in its pocket, carriers could also block numbers that aren’t currently in use and numbers that are likely spoofed, such as numbers for the Internal Revenue Service, which is frequently impersonated. For example, the IRS has many incoming-only numbers, so calls from those numbers are always fake and could be reasonably blocked by carriers.
Unfortunately, however, many scammers are ruthless professionals that are not sloppy. According to Drake, studies show that many scammers don’t just use the “impossible” numbers but instead are able to fake real caller IDs, perhaps to a number that looks similar to yours so you have a higher probability of picking up the call.
“No good scammer is dumb enough to use an area code that’s not real,” said Drake. “The FCC opening up call blocking is an important precedent, and as the carriers start to look for other patterns other than what the caller ID says it is a good start.” In the future, they may have to look for bizarre outgoing call patterns, crazy high call volume, and other things beyond caller ID.
How to have trustworthy caller ID
“This FCC suite of proceedings is a great step forward, but we’re gonna need repertoire of mitigation techniques,” says Drake.
If and when the FCC proposal takes effect and gives phone companies authority to block calls, solving the robocall problem will then lead to having to address spoofing. With the power to block robocalls, the problem becomes identifying them.
The antibody to spoofed caller ID may be cryptographic caller ID keys in a “public key infrastructure” (PKI), which would be a high-tech way for a phone that’s making a call and a phone receiving a call to verify the caller’s identity.
According to Drake, who is working on this technology at iconectiv, the process is very similar to secure email. “They basically sign that email with a cryptographic identifier that can be recomputed by the far end to prove nobody tampered with it,” he said. “They’re doing the same thing with caller ID.”
With a system like that in place, a phone company could block calls at the consumer’s demand — or send calls automatically to voicemail.
When it might get better
The FCC’s open meeting on Nov. 16 will outline the path forward. But there’s still so much to be ironed out. How do you fix accidentally blocked calls? What should the caller hear if their outgoing call is blocked — Nothing? Ringing? A busy signal? How do you communicate with consumers effectively about their options, and with a measure of standardization?
And most of all, how do you deal with the patchwork of carriers, technologies, cellphones, and “black” phones (the industry term for a non-smartphone).
“Sometimes you’re terminating a call to a mobile phone, but sometimes it’s gonna be on a black phone in Montana and there’s no display at all — or a 30 character cordless phone display of one line,” said Drake. “It’s a very complicated problem.”
Should cryptographic keys be ratified as the path forward, we may see this technology come in stages. Cryptographic keys only work with next-gen operators, and not every network has these connections, like small, subsidized phone companies that are simply there to provide coverage of the entire country. The industry expects the FCC to bless a glide path of adoption sometime this year, which will be different for various players in the industry.
“Those big operators will go first, then middle tier,” said Drake. “Rurals will have a lot of trouble getting into the scheme. But the FCC will recognize that and I expect their glide path to be accommodating.”
Though it may seem hard to believe, Drake expects solutions will be in place within a year, should the FCC’s agenda move forward.
“If you’re on a big carrier, it should hit your phone in the second half of 2018, assuming nothing interferes,” he said.
As it starts rolling out to more networks, robocalls will hopefully begin to subside. So, what then? There is a vision held by many people in the phone industry, one that Drake has: “This is an attempt to get people to start answering the phone again.”