Robocall Mitigation in lieu of STIR/SHAKEN
The FCC is mandating that service providers must fully implement STIR/SHAKEN or certify that they are taking reasonable steps to avoid originating illegal robocall traffic in the portions of their network where STIR/SHAKEN can't be implemented. They have also declined to specify what those steps might be, though there may be more information available when they clarify the certification process by March 30th. What steps are people taking to meet this robocall mitigation requirement when STIR/SHAKEN is not able to be implemented? David
Well, a number of bright-eyed, bushy-tailed, enterprising eager beavers have ploughed full-on into the dubious business ? more superstition than science ? of proprietary reputation-scoring / spam risk-scoring for numbers. Nothing more exciting to the entrepreneurial element than an opportunity to provide a knock-off of a regulatory requirement that falls just a millimetre shy of overt intellectually fraud. I imagine querying one of those services? database of numbers scraped from the National Association of Ignoble Car Warranty Merchants or Ashley Madison or whatever ... could be construed to the gullible as a ?good?-faith effort at robocall mitigation. It?s an A-for-effort kind of cultural moment anyhow. ? Sent from mobile, with due apologies for brevity and errors.
On Mar 9, 2021, at 7:32 PM, Zilk, David <David.Zilk at cdk.com> wrote:
?
The FCC is mandating that service providers must fully implement STIR/SHAKEN or certify that they are taking reasonable steps to avoid originating illegal robocall traffic in the portions of their network where STIR/SHAKEN can?t be implemented. They have also declined to specify what those steps might be, though there may be more information available when they clarify the certification process by March 30th.
What steps are people taking to meet this robocall mitigation requirement when STIR/SHAKEN is not able to be implemented?
David
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
You may want to consider integrating with a reputation service provider that provides A) real-time data, and B) works closely with the Industry Traceback Group to identify the real problem traffic, rather than the "legal nuisance" traffic. This is a non-apologetic name drop for *YouMail*, but other names out there are TrueCNAM, Robokiller, First Orion, Hiya, Nomorobo. If you are looking for a drop-in solution, TransNexus ClearIP or NexOSS may work for you. We chose to roll our own using OpenSIPS and localized data sources with caching to keep latency low. I'd be happy to discuss this further but can't reveal the 11 herbs and spices or the way we prepare the special sauce. Regards, *Calvin Ellison* Systems Architect calvin.ellison at voxox.com +1 (213) 285-0555 ----------------------------------------------- *voxox.com <http://www.voxox.com/> * 5825 Oberlin Drive, Suite 5 San Diego, CA 92121 [image: Voxox] On Tue, Mar 9, 2021 at 5:22 PM Alex Balashov <abalashov at evaristesys.com> wrote:
Well, a number of bright-eyed, bushy-tailed, enterprising eager beavers have ploughed full-on into the dubious business ? more superstition than science ? of proprietary reputation-scoring / spam risk-scoring for numbers. Nothing more exciting to the entrepreneurial element than an opportunity to provide a knock-off of a regulatory requirement that falls just a millimetre shy of overt intellectually fraud.
I imagine querying one of those services? database of numbers scraped from the National Association of Ignoble Car Warranty Merchants or Ashley Madison or whatever ... could be construed to the gullible as a ?good?-faith effort at robocall mitigation. It?s an A-for-effort kind of cultural moment anyhow.
? Sent from mobile, with due apologies for brevity and errors.
On Mar 9, 2021, at 7:32 PM, Zilk, David <David.Zilk at cdk.com> wrote:
?
The FCC is mandating that service providers must fully implement STIR/SHAKEN or certify that they are taking reasonable steps to avoid originating illegal robocall traffic in the portions of their network where STIR/SHAKEN can?t be implemented. They have also declined to specify what those steps might be, though there may be more information available when they clarify the certification process by March 30th.
What steps are people taking to meet this robocall mitigation requirement when STIR/SHAKEN is not able to be implemented?
David
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
I don't know if this will pass muster or not, and I don't think it will be too long before we can have full S/S up and running anyway, but we don't allow and have never allowed any of our customers to send a value for CLID that does not match a number linked to their account. Full stop. If they transmit a number that isn't actually provisioned on their account, we don't block the call, but the CLID gets forcibly overwritten with their BTN instead. We simply won't allow a CLID spoof. Now, if they want to use us only for some of their term & have a bunch of numbers from another provider that they wish to source calls from through us, we will whitelist those numbers on their account on our side, but only after they have first supplied us with sufficient documentation / proof of ownership of those numbers. -- Nathan Anderson First Step Internet, LLC nathana at fsr.com<mailto:nathana at fsr.com> From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of Zilk, David Sent: Tuesday, March 9, 2021 4:31 PM To: Voiceops.org Subject: [VoiceOps] Robocall Mitigation in lieu of STIR/SHAKEN The FCC is mandating that service providers must fully implement STIR/SHAKEN or certify that they are taking reasonable steps to avoid originating illegal robocall traffic in the portions of their network where STIR/SHAKEN can't be implemented. They have also declined to specify what those steps might be, though there may be more information available when they clarify the certification process by March 30th. What steps are people taking to meet this robocall mitigation requirement when STIR/SHAKEN is not able to be implemented? David
I suspect that will more than pass muster, given it's what we're expected to do under S/S but more thorough, with hard know your customer enforcement.
On Mar 11, 2021, at 1:22 AM, Nathan Anderson <nathana at fsr.com> wrote:
I don't know if this will pass muster or not, and I don't think it will be too long before we can have full S/S up and running anyway, but we don't allow and have never allowed any of our customers to send a value for CLID that does not match a number linked to their account. Full stop. If they transmit a number that isn't actually provisioned on their account, we don't block the call, but the CLID gets forcibly overwritten with their BTN instead. We simply won't allow a CLID spoof.
Now, if they want to use us only for some of their term & have a bunch of numbers from another provider that they wish to source calls from through us, we will whitelist those numbers on their account on our side, but only after they have first supplied us with sufficient documentation / proof of ownership of those numbers.
-- Nathan Anderson First Step Internet, LLC nathana at fsr.com <mailto:nathana at fsr.com> ? <> From: VoiceOps [mailto:voiceops-bounces at voiceops.org] On Behalf Of Zilk, David Sent: Tuesday, March 9, 2021 4:31 PM To: Voiceops.org Subject: [VoiceOps] Robocall Mitigation in lieu of STIR/SHAKEN
The FCC is mandating that service providers must fully implement STIR/SHAKEN or certify that they are taking reasonable steps to avoid originating illegal robocall traffic in the portions of their network where STIR/SHAKEN can?t be implemented. They have also declined to specify what those steps might be, though there may be more information available when they clarify the certification process by March 30th.
What steps are people taking to meet this robocall mitigation requirement when STIR/SHAKEN is not able to be implemented?
David
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
participants (5)
-
abalashov@evaristesys.com -
calvin.ellison@voxox.com -
David.Zilk@cdk.com -
nathana@fsr.com -
paul@timmins.net