Important NNI Task Force Announcement:
TRACED ACT Signed Into Law and the U.S. Federal Communications Commission Mandates Adoption of STIR/SHAKEN Call Authentication Framework developed by the SIP Forum/ATIS NNI Task Force.
With the recent signing into law of the “Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act”, or the “TRACED Act” (S.151), by President Trump on December 30, 2019, there is new urgency surrounding the deployment of STIR/SHAKEN within the telecommunications industry.
In addition, on March 31, 2020, the United States Federal Communications Commission adopted new rules requiring implementation of caller ID authentication using “STIR/SHAKEN.” These rules will further the FCC’s efforts to protect consumers against malicious caller ID “spoofing,” which is often used during robocall scam campaigns to trick consumers into answering their phones.
The TRACED Act authorizes the Federal Communications Commission (FCC) to issue additional civil penalties on individuals who intentionally violate restrictions on the use of automated telephone equipment (i.e., illegal robocalls and spoofing); and directs the FCC to require voice service providers to offer call authentication technologies (i.e., STIR/SHAKEN) to consumers.
About the SIP Forum/ATIS NNI Task Force
The global communications industry is currently in the midst of an important transition from the legacy PSTN (Public Switched Telephone Network) infrastructure to a newer, more advanced SIP (Session Initiation Protocol) and IP-based infrastructure. Today, many advanced services cannot reliably work end-to-end because the interconnection between service providers often still occurs via the PSTN’s TDM-based (Time Division Multiplexing) facilities.
Although IP-based SIP interconnection between service providers is increasingly common, each agreement must be negotiated and engineered on a case-by-case basis, leading to duplication of effort. Typically, equipment, such as Session Border Controllers, is used to “normalize” the protocol at the edge of each network to ensure the interconnection will work. The overall effect is to significantly increase the operational and capital cost of SIP/IP-based interconnection. In addition, there is no commonly-agreed methodology on how to translate phone numbers for routing data for SIP-IP interconnection.
The Alliance for Telecommunications Solutions (ATIS) and the SIP Forum formed a Joint Network-to-Network Interface Task Force to fully specify an IP communications network-to-network interface between North American service providers. The Joint Task Force will enable the goal, identified in the United States National Broadband Plan, of ensuring all service interconnection between providers occur at the Internet Protocol (IP) level. By enabling ubiquitous IP-based interconnection, the Task Force supports wide-scale availability of IP-based voice services, and for laying the groundwork for ubiquitous advanced real-time communications such as high-definition voice, point-to-point video calling, and multimedia text across wireless, wireline and cable providers.
The SHAKEN Call Authentication Framework
To address unwanted and illegal Robocalls, ATIS and the SIP Forum have been working to develop standards to verify and authenticate caller identification for calls carried over an Internet Protocol (IP) network using the Session Initiation Protocol (SIP). The ATIS and SIP Forum work consists of a three-phase approach to solving the issue of caller identification, using a digital certificate scheme to “verify and authenticate caller identification for calls carried over an Internet Protocol (IP) network.”
Phase 1 (completed) consists of the development of the SHAKEN framework, based on the protocols developed by the IETF’s STIR working group (the STIR framework), and describes the operations necessary for making an authenticated telephone call using the SHAKEN framework.
Phase 2 (completed) consists of the development of a “Governance Model and Certificate Management for the Trust Anchor,” describing the way in which entities will be granted the trust necessary to vouch for call authenticity, and the organizational structures needed to manage this process. Specifically, this work introduces a governance model and defines X.509 certificate management procedures. Certificate management provides mechanisms for validation of a certificate and verification of the associated digital signature, allowing for the identification of illegitimate use of national telecommunications infrastructure.
Phase 3 consists of the development of a “Call Validation Display Framework” that will recommend how to display SHAKEN/STIR information to consumers. Phase 3 is still being developed by ATIS and the SIP Forum.
How to Join the Effort
Participation in the ATIS/SIP Forum Joint Task Force is currently open to ATIS and/or SIP Forum members.
To join the effort, you must already be an Individual “Participant” Member of the SIP Forum. This membership is completely FREE.
If you are not yet a Participant Member, please register. (Note: This link will take you to a quick and easy online form).
Once you are registered, please visit the NNI Task Group Charter page.
At the top of the charter page, you will find a link to subscribe to the NNI TF Mailing List.
SHAKEN and Other NNI Task Force Documentation
The following documents produced by the NNI Task Force are available for download:
- Joint ATIS/SIP Forum Standard – Signature-Based Handling of Asserted Information Using Tokens (SHAKEN): Governance Model and Certificate Management.This is the PDF version of the ratified standard. This specification expands the SHAKEN framework, introducing a governance model and defining X.509 certificate management procedures. Certificate management provides mechanisms for validation of a certificate and verification of the associated digital signature, allowing for the identification of illegitimate use of national telecommunications infrastructure. Published on July 11, 2017.
- Signature-based Handling of Asserted information using toKENs (SHAKEN)
This is the PDF version of the ratified NNI Task Force “SHAKEN” document. Signature-based Handling of Asserted information using toKENs (SHAKEN) is an industry framework for managing the deployment of Secure Telephone Identity (STI) technologies with the purpose of providing end-to-end cryptographic authentication and verification of the telephone identity and other information in an IP-based service provider voice network. This specification defines the framework for telephone service providers to create signatures in SIP and validate initiators of signatures. It defines the various classes of signers and how the verification of a signature can be used towards the mitigation and identification of illegitimate use of national telecommunications infrastructure and to protect its users.
- Technical Report on a Framework for Display of Verified Caller ID. The Technical Report on a Framework for Display of Verified Caller ID provides a framework for signaling verified Caller ID information from the network to a User Equipment (UE), and displaying the information on the UE in a uniform manner, independent of technology. The goal is to produce display guidelines that help meet the goals of regulators and consumer protection agencies for empowering consumers with simple and effective information on the displayed Caller ID. This will help consumers know if a call is from who it says it is from so they can make an informed decision on whether to answer.
- Technical Report on SHAKEN API for a Centralized Signing and Signature Validation Server. The Technical Report on SHAKEN API for a Centralized Signing and Signature Validation Server provides additional detail on one possible implementation of the SHAKEN specification in service provider networks. It defines a RESTful interface (API) that can be used in the SHAKEN framework to interface with a centralized server to sign and verify telephony identity for multiple nodes within a network. Implementing SHAKEN authentication and verification functions in a centralized server that can be accessed via an API supports cloud-based implementations and is designed to enable a more cost-effective network deployment.
- Technical Report on Operational and Management Considerations for SHAKEN STI Certification Authorities and Policy Administrators. This document provides operational and management considerations for the Certification Authorities with the SHAKEN Governance Model and Certificate Management framework. It introduces considerations for the STI Policy Administrator in managing the list of valid STI CAs and authorized Service Providers, as well as general operational and policy considerations for PKI. This document introduces those aspects which are unique to the SHAKEN use of PKI.
- Joint ATIS/SIP FORUM Technical Report – IP NNI Profile
This is the ratified version of the IP NNI Profile Specification, published by the joint ATIS/SIP Forum NNI Task Force. The IP-NNI Profile Specification defines a reference architecture and specifications for both the protocol and media as it appears “on-the-wire” at interconnect points. The specifications reference commonly used IETF, 3GPP, and other related industry specifications and identify protocol extensions and capability information needed for all-IP telephony peering.
- Joint ATIS/SIP Forum Technical Report – IP Interconnection Routing
This is the ratified version of the IP Interconnection Routing Report, published by the joint ATIS/SIP Forum NNI Task Force. The IP-NNI Routing Technical Report documents mechanisms for identifying the preferred IP interconnection point for a given TN. This report presents multiple views of current IP interconnection mechanisms based on aggregate PSTN constructs, interim solutions based on all-IP routing using a per-TN registry, and a consideration of hybrid approaches across both mechanisms during the transition to all-IP.
NNI Task Force SHAKEN Presentations
Please find below a sampling of presentations about STIR/SHAKEN-related topics that are available for download:
- Overview of the STIR / SHAKEN Framework and Current NNI Task Force Milestones. This presentation was given by Martin Dolly, AT&T, and Co-Chair of the NNI Task Force during SIPNOC 2019.
- Overview and Update of the Secure Telephone Identity Governance Authority. This presentation was given by Presented by Linda Vandeloop, AVP External Affairs/Regulatory, AT&T and Chair, STI Governance Authority, during SIPNOC 2019.
- Operational Aspects of the STI-PA Policy Administrator including lessons learned on Certificate Management.. This presentation was given by Mary Barnes, SIP Forum, during SIPNOC 2019.
- Call Validation Display Framework: Challenges and Opportunities. What Do We Show to the Consumer?. This presentation was given by Richard Shockey SIP Forum Chairman, during SIPNOC 2018.
- Considerations Surrounding Enterprise Delegated Certificates. This presentation was given by Chris Wendt, Principle Architect, IP Communications and Services, Comcast, Director, SIP Forum, and Co-Chair of the NNI Task Force, during SIPNOC 2019.
- Introduction to Digital Signatures, Certificates and PKI.. This presentation was given by Russ Housley, Principal, Vigilsec, and Co-Chair of the IETF STIR WG. STIR / SHAKEN Working Group during SIPNOC 2018.
- SHAKEN and STIRed: Thoughts on the Current State of: Anti Spoofing / Caller Validation / Robocall Mitigation / Call Validation Display. This presentation was given by Richard Shockey during the Ribbon Communications STIR-SHAKEN Summit, March 2019.
- Full Attestation Alternatives for Enterprises and Business Entities with Multi-Homing and Other Arrangements. Presented by Gary Richenaker, Principal Solutions Architect, iconectiv during SIPNOC 2019.
For additional presentations, please visit the archived SIPNOC 2019 agenda webpage. Please note that the titles of each agenda item are hyperlinked to the associated presentation.
FCC and Other Regulatory Actions Regarding Robocalls and Caller ID Spoofing
Robocalls and telemarketing calls are currently the number one source of consumer complaints at the FCC.What was once a nuisance has become a plague to U.S consumers receiving an estimated 2.4 billion robocalls per month in 2016.
The FCC has been encouraging service providers to offer call blocking solutions that give customers greater control over the types of calls they receive. Call blocking is one part of the robocall solution. Another part is identifying the bad actors who use robocalls to take advantage of unsuspecting consumers by using numbers assigned to others (spoofing). They use cheap and accessible technologies to spoof their caller identity and scam victims with threats from the IRS, offers of loans, or free travel. The Strike Force is committed to protecting customers, but these disguised calls have put investigators and enforcers at a disadvantage.
Although several providers and third parties offer call blocking and caller identification verification products, there is no ubiquitous solution that spans wireline and wireless communication networks. The industry has been called to action by the Robocall Strike Force to collaborate on creative solutions to this ever changing problem.
The mission of the cross industry Strike Force is to accelerate the development and adoption of new tools and solutions to abate the proliferation of illegal and unwanted robocalls, to promote greater consumer control over the calls they wish to receive, and to make recommendations to the FCC on the role government can play in this battle.
The following information related to the FCC’s Robocall Strike Force and other FCC and FTC regulatory, and U.S. legislative actions include:
- FCC MANDATES THAT PHONE COMPANIES IMPLEMENT CALLER ID AUTHENTICATION TO COMBAT SPOOFED ROBOCALLS. Industry-wide Deployment of STIR/SHAKEN Will Yield Substantial Benefits for American Consumers. News Release. (Dkt No 17-97 20-67). Adopted: March 31, 2020.
- CALL AUTHENTICATION TRUST ANCHOR. The FCC adopted an item that adopts rules requiring originating and terminating voice service providers to implement the STIR/SHAKEN caller ID authentication framework in the IP portions of their networks, and proposes additional measures. (Dkt No 17-97 20-67). Action by: the Commission. Comments Due: 2020-05-15. Reply Comments Due: 2020-05-29. Adopted: 2020-03-31 by R&O. (FCC No. 20-42).
- IN THE MATTER OF IMPLEMENTING SECTION 13(D) OF THE PALLONE-THUNE TELEPHONE ROBOCALL ABUSE CRIMINAL ENFORCEMENT AND DETERRENCE ACT (TRACED ACT). FCC adopts rules to establish a registration process for a single consortium that conducts private-led traceback efforts of suspected unlawful robocalls and seeks comment on robocall mitigation practices for certain voice service providers. Action by: the Commission. Adopted: 2020-03-27 by ORDER. (FCC No. 20-34).
- FCC LAUNCHES HOSPITAL ROBOCALL PROTECTION GROUP; SEEKS NOMINATIONS TO HELP COMBAT ROBOCALLS TARGETING HOSPITALS. The Federal Communications Commission began soliciting nominations for the Hospital Robocall Protection Group, a new federal advisory committee dedicated to combating robocalls to hospitals. by News Release.
- FCC CHAIRMAN PAI ANNOUNCES CRITICAL STEP IN FIGHTING SPOOFED ROBOCALLS: MANDATING STIR/SHAKEN CALLER ID AUTHENTICATION. Widespread Implementation Will Yield Substantial Benefits For American Consumers. by News Release.
- FCC PROPOSES NEARLY $13 MILLION FINE FOR ILLEGAL SPOOFED ROBOCALLS. Robocaller Launched ‘Neighbor Spoofing’ Campaigns Which Specifically Targeted Communities in Six States with the Intent to Cause Harm . News Release. Adopted: 2020-01-30.
- FCC MOVES TO BOLSTER EFFORTS TO TRACE ROBOCALLS BACK TO INTERNATIONAL FRAUDSTERS & PROPOSES NEW TRACEBACK PARTNERSHIP RULES. Companies That Facilitate Inbound International Robocall Traffic Are Called Upon to Help Track Down Fraudsters Misusing Their Service. by News Release.
- FCC CHAIRMAN PAI ANNOUNCES REVIEW OF CONSUMERS’ ROBOCALL BLOCKING OPTIONS. The Federal Communications Commission began a study of unwanted-call blocking services available to consumers across the country. by News Release.
- STATEMENT OF FCC CHAIRMAN AJIT PAI ON THE SIGNING OF THE TRACED ACT. by News Release.
- TRACED Act Signed into Law: President Trump signed the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act into law on Monday, December 30, 2019.
- AMERICAN & CANADIAN TELECOM LEADERS MAKE FIRST OFFICIAL CROSS-BORDER CALL USING ANTI-SPOOFING TECHNOLOGY. FCC Chairman Pai & CRTC Chairperson Scott Discussed Their Shared Goal of Protecting Consumers from Spoofed, Scam Robocalls.
- Truth in Caller ID Rules: In this document, the FCC takes the next step in our multi-pronged approach to putting an end to unlawful caller ID spoofing. Specifically, we amend our Truth in Caller ID rules to implement the amendments to section 227(e) of the Communications Act adopted by Congress last year as part of the RAY BAUM’S Act. Consistent with these statutory amendments, we amend our rules to encompass malicious spoofing activities directed at consumers in the United States from actors outside of our country and reach caller ID spoofing using alternative voice and text messaging services. This actions advance our goal of ending the malicious caller ID spoofing that causes billions of dollars of harm to millions of American consumers each year. Effective February 5, 2020.
- FTC Announces New Public Web Page with Interactive Do Not Call and Robocall Data: As part of its continued efforts to help make the Do Not Call (DNC) data it collects more transparent and easier for consumers to use, the Federal Trade Commission today announced the debut of a new interactive public web page containing a wealth of information about the National DNC Registry and unwanted telemarketing robocalls. The page allows consumers to search the data interactively, for example, by clicking on a specific state or county. The information will be updated quarterly. In the past, similar DNC and robocall complaint data was only available to the public annually in the FTC’s Do Not Call Data Book.
- FCC COMMISSIONER GEOFFREY STARKS RELEASES RESPONSES TO HIS INQUIRY INTO THE AVAILABILITY OF FREE, DEFAULT ROBOCALL BLOCKING SERVICES. by News Release.
- FCC CHAIRMAN PROPOSES BANNING MALICIOUS CALLER ID SPOOFING OF TEXT MESSAGES & FOREIGN ROBOCALLS. New Rules Supported by Bipartisan Group of More Than 40 State Attorneys General. by News Release.
- H.R. 3605. A bill to expand the private right of action under the Telephone Consumer Protection Act for calls in violation of the Do Not Call rules. Sponsor: Representative Schakowsky (D-IL).
- Advanced Methods To Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor: In this document, the FCC clarifies that voice service providers may offer consumers programs to block unwanted calls through analytics (call-blocking programs) on an informed opt-out basis and may block calls from numbers not in a consumer’s contact list (white-list programs). The Commission also reminds voice service providers that protecting emergency communications is paramount. Finally, the Commission directs the Consumer and Governmental Affairs Bureau (CGB), in consultation with the Wireline Competition Bureau (WCB) and Public Safety and Homeland Security Bureau (PSHSB), to prepare two reports on the state of deployment of advanced methods and tools to eliminate such calls. This declaratory ruling is effective June 7, 2019.
- FTC and Law Enforcement Partners to Announce Robocall Enforcement Sweep: The Federal Trade Commission, in conjunction with other federal, state, and local law enforcement, will announce “Operation Call it Quits,” the latest joint-agency crackdown on telemarketers responsible for more than a billion illegal robocalls, on Tuesday, June 25, 10:30 a.m. CDT at the FTC Midwest Region Office.
- Stopping Bad Robocalls Act Passes House of Representatives by an Overwhelming Vote of 429-3, House Committee on Energy and Commerce Press Release, July 24, 2019.
- Bipartisan Robocall Bill Introduced. Reps. Donald McEachin (D-Va.), Pete Olson (R-Texas), Andy Kim (D-N.J.), Susan Brooks (R-Ind.), Anthony Brindisi (D-N.Y.) and David Kustoff (R-Tenn.) introduced a bill on June 18, 2019, entitled “Locking Up Robocallers Act of 2019.” The bill would direct the FCC to provide evidence of unlawful robocall violations to the attorney general and would strengthen enforcement of current robocall laws aimed at ending the scourge of predatory robocalls.
- Remarks of FCC Chairman Ajit Pai at the USTelecom Forum: Turning the Tide on Illegal Robocalls, June 11, 2019.
- FCC CHAIRMAN PROPOSES CALL BLOCKING BY DEFAULT TO HELP COMBAT THE SCOURGE OF ROBOCALLS. FCC Chairman Ajit Pai is proposing bold action to help consumers block unwanted robocalls. He expects providers to offer consumers robust, free call blocking tools based on analytics & consumer contact lists.. by News Release.
- Senate panel advances bill penalizing illegal robocalls. A Senate panel advanced legislation that would levy a hefty fine on illegal robocalls, the latest congressional effort to crack down on the billions of unwanted calls that irritate U.S. consumers every year. Published April 3, 2019.
- Prepared Statement by SIP Forum Chairman Richard Shockey during the DHS CyberSecurity Subcommitee roundtable discussion on April 2, 2019.
- Department of Homeland Security Cybersecurity, Infrastructure Protection and Innovation Subcommitee Roundtable. SIP Forum Chairman Richard Shockey and other experts giving testimony about Robocalls and Caller ID Spoofing in a roundtable discussion in front of the Department of Homeland Security Cybersecurity, Infrastructure Protection, and Innovation Subcommittee on April 2, 2019.
- Pallone Reintroduces Bill to Stop Robocalls. Press release announcing that Energy and Commerce Chairman Frank Pallone, Jr. (D-NJ) reintroduced the Stopping Bad Robocalls Act (HR 946) in the House of Representatives to stop abusive robocall practices. February 4, 2019.
- Notice of Inquiry (WC Docket No. 17-97). This official FCC NOI, approved on July 13, 2017, seeks industry comment on the SIP Forum/ATIS SHAKEN Call Authentication Framework, which sets forth a comprehensive methodology for validating phone calls and mitigating Caller ID Spoofing and fraudulent Robocalling.
- ADVANCED METHODS TO TARGET AND ELIMINATE UNLAWFUL ROBOCALLS. The FCC adopted a Notice of Proposed Rulemaking (NPRM) and Notice of Inquiry (NOI) on 03/23/2017 that would enable voice service providers to better protect subscribers from illegal robocalls.
- Robocall Strike Force Final Report
- Robocall Strike Force Update (Presentation given during the October 26, 2016 Meeting)
- Video of the Second Robocall Strike Force Meeting on October 26, 2016
- FCC Chairman Wheeler’s Analysis of Robocall Strike Force Report
- FCC Commissioner Clyburn’s Remarks at Strike Force Meeting
- FCC Commissioner Rosenworcel’s Remarks at Strike Force Meeting
- Remarks of FCC Commissioner Ajit Pai at the Final Meeting of the Robocall Strike Force
- FCC consumer alert regarding a set of recent robocall scams
- FCC consumer webinar regarding “How to Deal with Robocalls” on December 14, 2016
- FCC Enforcement Bureau announcement of a memorandum of understanding with the Canadian Radio-Television and Telecommunications Commission on caller ID spoofing and robocalls.
- FCC Enforcement Advisory — ROBOTEXT Consumer Protection–Text Message Senders Must Comply With The Telephone Consumer Protection Act. (DA No.16-1299)
SHAKEN in the News
- Robocalls will soon be a thing of the past thanks to this new technology, CNET, August 27, 2019.
- AT&T and T-Mobile team up to fight scam robocalls, Techcrunch, August 14, 2019.
- A Bipartisan Bill That Could End Our Robocall Hell Just Passed the House 429-3, Gizmodo, July 24, 2019.
- Robocalls are overwhelming hospitals and patients, threatening a new kind of health crisis, The Washington Post, June 17, 2019.
- FCC Votes to Allow Default Robocall Blocking, Telecompetitor, June 6, 2019.
- Anti-Robocall Bill Gets Bipartisan Backing, The New York Times, June 6, 2019.
- You’re About to Get Fewer Robocalls. But Maybe Not for Long. The New York Times, April 23, 2019.
- Robocallers Rang Americans’ Phones Billions of Times Last Year, Now Congress is Taking Aim The Washington Post, April 3, 2019.
- Mad About Robocalls? Consumer Reports, April 2, 2019.
- Verizon Rolls Out Free Call Filter Service to Fight Robocalls. PC Magazine, March 29, 2019.
- Scam Likely. AVC, March 20. 2019.
- Fight against robocalls continues as AT&T, Comcast complete test of verified call. USA Today, March 20, 2019.
- AT&T, Comcast Exchange Calls Verified with SHAKEN/STIR Unwanted Robocall-Fighting Technology. Telecompetitor, March 20, 2019.
- ‘It’s an arms race’: Inside the war on robocalls. Yahoo Finance News, March 8, 2019.
- T-Mobile expands ‘Call Verified’ service to combat spammers and robocalls. FierceWireless, March 7, 2019.
- Our Robocall Nightmare May Be Coming to an End. Medium, February 14, 2019.
- Frustrated by robocalls? Proposals in Congress offer some hope. The Washington Post, February 10, 2019.
- T-Mobile switches on spam call protections for some cellphone users. The Washington Post, January 10. 2019.
- Robocallers “evolved” to sidestep new call blocking rules, AGs tell FCC. Ars Technica, October 10, 2018
- Phone Numbers Were Never Meant as ID. Now We’re All At Risk. Wired, August 25, 2018.
- State Attorneys General Push for Faster Action to Fight Robocalls. Consumer Reports, October 11, 2018.
- Policymakers alone cannot stop those pesky robocalls. The Washington Post, February 8, 2018.
- Yes, It’s Bad. Robocalls, and Their Scams, Are Surging. New York Times, May 6. 2018.
For More Information
For more information about the NNI Task Force, and the work in progress, please visit the ATIS/SIP Forum NNI Task Force Charter.
You can also access NNI Task Group announcements as follows:
- Two New ATIS/SIP Forum Resources Advance Industry-Led Solutions to Mitigate Unwanted Robocalling
- Federal Communications Commission Approves Notice of Inquiry (NOI) on the SHAKEN Call Authentication Framework Developed by the SIP Forum/ATIS NNI Task Force
- New Specification by ATIS and SIP Forum Designed to Mitigate Robocalls and Caller ID Fraud
- ATIS and SIP Forum Complete New IP-Based Network to Network Interface (NNI) Technical Specification
- ATIS/SIP Forum IP Network-to-Network (NNI) Joint Task Force Publishes Draft Documents for Comment
- ATIS and SIP Forum Launch Joint Task Force on IP-NNI