We live in very uncertain times and while it sounds revolting, there are always those who will take advantage of that fear and uncertainty to make a quick profit. Fraudulent calls, especially the automated ones called “robocalls”, have always been a menace, especially in the US, costing Americans billions per year on both wasted time as well as fraudulent transactions. There have been many proposed solutions to this problem but now the FCC is putting its foot down and is making the STIR/SHAKEN a requirement by June next year.
Robocalls are able to sow confusion and wreak havoc through an almost simple technique of spoofing. In a nutshell, these calls use Voice over IP (VoIP) systems that can be located anywhere in the world to start a call and then spoof the actual phone number that gets displayed on the recipient’s phone. In other words, the recipient or even some caller ID will presume it’s a legitimate call based on the number.
The STIR/SHAKEN pair of protocols try to make that harder to pull off by adding digital certificates to the information that’s used to start and route calls over VoIP. They’re meant to ensure that callers are who they really are, regardless of what number they’re trying to force on the authentication system.
The FCC already gave its thumbs up to STIR/SHAKEN but mostly as a recommendation to encourage carriers. Now backed by the Congress’ TRACED Act, the commission is requiring all originating and terminating voice service providers to implement the protocol by June 30, 2021.
STIR/SHAKEN is not a magic panacea that will immediately fix the robocall problem once operators flip the switch. In addition to implementing it within their own network, carriers will have to make sure calls coming from or going to other networks work with their implementation as well. All kinds of phones, from smartphones to landlines with caller IDs, will also have to be updated to support the technology. Fortunately, all players have more than a year to make that happen.