How many times a day do you answer a call and it’s a robocall? Or there’s silence? If you’re like most people, you’ve probably lost count, but you know one thing. You hate these calls. They have become an epidemic, and all the number-blocking you and your employees do doesn’t seem to accomplish anything.

You’re not alone. These automated, dial-a-million-numbers-a-day assaults on phone users are universally despised. And no one seems to understand how the companies that make these calls can invest in equipment – even if it is cheap – and reap a benefit. There has to be a profitable success rate, perhaps just a handful of successful calls out of a million dialouts. That means someone, somewhere, must be responding to robocalls, as hard as that is to imagine.

From both the phone user and the carrier viewpoint, robocalls are a huge public menace. Only a tiny fraction of them serve any useful purpose, and the sheer numbers of them eat up precious network resources. In the enterprise, they hamper productivity, interrupt the flow of business, and can pose security risks.

Those few that are worthwhile, from legitimate enterprises, are actually declining. Companies are abandoning that direct marketing channel to their customers and potential customers because of the stigma that has become attached to them. The bad has crowded out the good.

For a while, the problem was sort of manageable. You were able to ignore such calls. But with the massive volume of them, plus their ability to spoof legitimate numbers or mimic numbers you might be inclined to answer, we have reached a critical mass.

Some users have taken the extreme defensive position of limiting their call answering to numbers that are already in their contact lists. But then they close themselves off from callers who may be trying to reach them for very legitimate reasons, even emergencies.

From the carrier perspective, our problem is that we have no ability to easily screen the calls that are coming through the network if they originate from an alien place, somewhere that is not part of our trunking routine, yet enter our network through legitimate methods.

STIR/SHAKEN

The Federal Communications Commission since 2014 has been encouraging the telecommunications industry to develop a solution to stop robocalls and spoofed calling numbers. The industry’s response has been to develop a new technology standard called STIR (Secure Telephony Identity Revisited) and SHAKEN (Secure Handling of Asserted information using toKENs) which defines how telephone service providers should implement the STIR technology to ensure calling numbers are not spoofed.

STIR/SHAKEN uses digital certificates, based on common public key cryptography techniques, to ensure the calling number of a telephone call is secure and that the entity that originates a call is entitled to use the phone number that is displayed.

In simple terms, each telephone service provider obtains their digital certificate from a certificate authority who is trusted by other telephone service providers. The certificate technology enables the called party to verify that the calling number is accurate and has not been spoofed.

With that in place, you have to ask, why are you still getting bombarded with junk calls? The answer is complicated, in part because the bad actors are crafty.

The missing puzzle piece

What is needed is verification of an “enterprise” and the associated identity/call numbers for a time period to be made available for all service providers to verify the call correctly.

The answer may lie in using distributed ledger technology / blockchain to work in tandem with STIR/SHAKEN technology.

There is a task force at ATIS, the Alliance for Telecommunications Industry Solutions, that is preparing a robocall-stopping solution proof of concept based on ledger technology. It extends the idea of known and trusted entities to validate legitimate calls.

Essentially, this ledger technology would be baked into the code, below the carriers’ trunking mechanisms, and serve to whitelist and blacklist who can use numbers legitimately and control screen displays.

Ledger technology involves the processes and related technologies that enable nodes in a network to securely propose, validate, and record updates to a synchronized ledger that is distributed across the network’s nodes. In the context of Know Your Customer, ledger technology provides a data-sharing framework that addresses the access control challenges associated with sensitive data stored in the cloud using immutability and built-in autonomy properties.

It’s about trust

Just like other uses for ledger technology that we have talked about, this comes down to trust. The caller is saying “you can trust me” and that is validated to the called party so that it is clear the call is indeed legitimate and trustworthy.

The Know Your Customer approach verifies an enterprise and assigns it an immutable identity in the distributed ledger, which the carrier then associates with the telephone number for verification purposes. That dovetails with STIR/SHAKEN, to link the distributed ledger at the call origination to the call termination, with immutable verification. That certainly addresses the spoofed number issue.

There is no doubt the ultimate robocall solution must come from deeper within the network, an area that is starting to be addressed by the carrier community today. For everyone frustrated with these calls, the good news is that we’re working toward that solution.