Today, the Federal Communications Commission (FCC) held the SHAKEN/STIR Robocall Summit, led by Chairman Ajit Pai. The focus for the summit was to discuss the current state of efforts to stop robocalls and Caller ID spoofing and discuss the U.S. implementation of a new global standard called SHAKEN/STIR. Defined by the Alliance for Telecommunications Industry Solutions (ATIS) as the global standard for all telephony providers, SHAKEN/STIR introduces cryptographic security to assert and validate Caller ID information for every call in the world. SHAKEN/STIR stands for Signature-based Handling of Asserted information using toKEN/Secure Telephone Identity Revisited. How does it all work? We have created a diagram to illustrate the steps, available for download here.
Leveraging features in Public Key Infrastructure (PKI), SHAKEN/STIR will be governed in the United States as a joint effort of the Internet Engineering Task Force (IETF) the U.S. Secure Telephony Identity Governance Authority (STI-GA). Each country outside the U.S. will be responsible for establishing its own governing authority. With SHAKEN/STIR, the originating telephony company is responsible for identifying and assigning Caller ID details for each call that is placed through its services. This eliminates the decades-old approach of allowing the originator of a call to specify their Caller ID details. With stronger identities asserted, telephony providers have stronger tools available to warn recipients and even block calls before they are ever received.
Today’s summit summarized the current state of SHAKEN/STIR in the U.S., specifically, the awarding of the Policy Administrator role via RFP to iconectiv. Iconectiv, under the direction of the STI-GA, will be responsible for defining, operating, and managing the U.S. SHAKEN/STIR ecosystem. Additionally, today existing major telcos including T-Mobile, Verizon, and AT&T discussed their current rollouts and implementation readiness for SHAKEN/STIR.
Customer advocacy groups spoke about the importance of SHAKEN/STIR to prevent fraud, disruptions, and safety of their various members and parts of the community. The impact of robocalls is hitting every walk of life and is not only a nuisance but often signals fraudulent intent and theft.
Lastly, smaller telcos discussed challenges to their organizations to implement the strong controls and requirements of SHAKEN/STIR. The PKI infrastructure, security, and operations of a strong identity system are highly specialized areas that many organizations lack and as a result, turn to industry experts for advice and assistance. It is undoubtedly clear that many of the 2,000 U.S. telcos are in this space and will require some manner of outside assistance to get it right.
This summit was a great opportunity for all parts of the ecosystem that make up SHAKEN/STIR to showcase their focus on improving the telephony experience of every person living in the U.S. There is a lot of work that remains to be done and it will require a lot of new PKI deployments, stronger controls, and operations and a myriad of other factors to all come together to improve the space.