STIR/SHAKEN, or SHAKEN/STIR, is a suite of protocols and procedures intended to combat caller ID spoofing on public telephone networks. Caller ID spoofing is used by robocallers to mask their identity or to make it appear the call is from a legitimate source, often a nearby phone number with the same area code and exchange, or from well-known agencies like the Internal Revenue Service or Ontario Provincial Police. This sort of spoofing is common for calls originating from voice-over-IP (VoIP) systems, which can be located anywhere in the world.
STIR, short for Secure Telephone Identity Revisited, has been defined as a series of RFC standards documents by a Working Group of the Internet Engineering Task Force. It works by adding a digitally signed token to the Session Initiation Protocol (SIP) signalling used to initiate and route calls in VoIP systems. The first public connection on the system, typically the originating VoIP service provider, examines the caller ID and compares it to the list of numbers it has assigned to that customer. The provider then attaches to the SIP request an Identity header carrying a token that names the calling and called numbers and the provider's level of confidence in the caller ID, signed with the provider's private key. Verifying software on the receiving side checks the signature with the public key in the provider's certificate, which the token references by URL.
For non-VoIP systems, like cell phones and landlines, call routing information is carried by SS7. In these cases the SIP header is not directly useful, as it cannot be carried to users unless they are on a VoIP connection. This is the purpose of the SHAKEN system, short for Signature-based Handling of Asserted information using toKENs. SHAKEN is a framework for public switched telephone network operators that specifies how STIR is deployed between carriers, who may sign calls and how their certificates are governed, and how calls with incorrect or missing STIR information should be handled. The result may be presented as additional information in the CNAM field of caller ID indicating that the number was verified or could not be verified, but the details have not been finalized.
As of 2019, STIR/SHAKEN is a major ongoing effort in the United States, which is suffering an "epidemic" of robocalls. [1] The Federal Communications Commission requires use of the protocols by June 30, 2021. [2] The Canadian Radio-television and Telecommunications Commission requires use of the protocols by November 30, 2021. [3]
The name was inspired by Ian Fleming's character James Bond, who famously prefers his martinis "shaken, not stirred". STIR having existed already, the creators of SHAKEN "tortured the English language until [they] came up with an acronym." [4]
The idea of sending the phone number to the customer for identification purposes dates to 1968, when Ted Paraskevakos introduced the idea of modem-like devices that would send and receive the information over normal voice lines. It sent a small burst of information using the 1200 bit/s Bell 202 modulation in the time between the first and second rings. The concept was developed through the 1970s and had its first public trial with Bell Atlantic in 1984 and a follow-up in 1987. [5]
The system was widespread in the United States and Canada by the mid-1990s, and spread to most other countries by the end of the decade. It soon became an indispensable system allowing customers to screen calls from telemarketers. Marketers often provided alternative numbers in the caller ID so returned calls went to an inbound call center instead of the telemarketing firm where the call originated. Unscrupulous users began using this concept, which became known as "spoofing", to hide the true origins of the call to prevent callbacks. [5] This became so common that the Federal Trade Commission (FTC) was given the mandate to sue companies that provided false caller ID information. [6]
The introduction of voice-over-IP (VoIP) systems allowed users to place calls to other users directly through the internet without ever using the public telephone network. Initially, these systems were proprietary, but over time a series of proposals created the Session Initiation Protocol (SIP), a messaging protocol that contained the information needed to set up a VoIP call between two endpoints. SIP borrowed from existing protocols, including the use of simple headers like "From:" in a format similar to the SMTP email system. SIP requests are sent to proxy servers that provide access information for end-users to the caller, which is then used to provide a direct connection between the two endpoints. [7]
As the cost of an Internet line with enough bandwidth to host a given number of simultaneous calls is much less than leasing that number of telephone lines, there was a strong economic benefit for companies to switch to VoIP as well. From the late 1990s a number of new PBX-like systems emerged that use SIP and VoIP to route calls wherever possible, only exiting to the public switched telephone network (PSTN) system when required to call a non-VoIP user. A company with several of these systems in separate offices could forward the call to the one closest to the number being dialed, thereby reducing or eliminating long distance charges. [7]
As these systems became popular, new telephony providers emerged that offered centralized SIP routing, allowing both companies and end-users to use VoIP systems to call the service and then route back out to the PSTN. Many of these also allowed incoming calls from conventional phone equipment, providing local or toll-free numbers for the inbound calls. This allowed users to place calls to and from anywhere with local access for a greatly reduced cost by avoiding the telephone company's own long-distance service. [7]
Today, a call may travel for most of its "distance" as a SIP-initiated VoIP call, only exiting to the SS7 PSTN network at the final stages, if ever. As this sort of call became common, even the largest service providers, like AT&T, began offering SIP/VoIP to their customers. In this case, the caller ID information is taken from the SIP headers, not the provider, and that information is often editable by the end-user. [7]
The opening of the telephone network to VoIP systems resulted in a dramatic lowering in cost for the support of multiple simultaneous phone calls. This was as much of a boon to robocallers as it was to legitimate users. [8] By purchasing commodity personal computers and running suitable software, a robocaller can make hundreds of simultaneous calls for the cost of a single Internet connection. [9]
In the early days of such robocalling, the caller would often attempt to hide their identity by entering false caller ID information into the VoIP software. This had the added advantage to the robocaller of making it impossible for the called user to call back to complain, or even report the call to their provider or government agency like the Federal Trade Commission. Users quickly learned to stop taking calls from obviously faked IDs. [9]
In response, robocallers began using less obviously incorrect IDs, but these had a lower chance of being picked up: the chance to ignore a call from an unknown number was precisely why many used caller ID in the first place. Robocallers changed their tactics again, first by using phone numbers that were similar to the user's to make it appear local, [10] and later by using well-known numbers, often government agencies, as part of scams. [9] Using such tactics, robocalls became an increasing problem, rising another 18% year-over-year in 2019 with 26 billion calls between January and October, [11] and an estimated 5.7 billion robocalls in the US placed in October 2019 alone. [12] Estimates for 2020 are 46 billion robocalls in the US alone. [13]
The STIR system aims to add information to the SIP headers that allow the endpoints along the system to positively identify the origin of the data. This does not directly prevent the ability for a robocaller to spoof a caller ID, but it does allow upstream points to decide whether or not to trust that ID. [9]
For instance, a business system using a VoIP-based PBX might connect to the wider telephony network through a SIP service provider. When the SIP packet is received by these providers, they will add additional information to the header, indicating whether they are sure the call originates with a known customer and whether or not the caller ID they provided is one that is known to their system. In this example, the internal phone number may not be known by the provider, but they may agree that all numbers starting with 555-555 do indeed belong to that customer, and that the provided ID, 555-555-1234, is therefore valid. Likewise, a customer might use a separate toll-free number for return calls and thus have a legitimate reason to use a totally different caller ID number, perhaps 800-123-4567. [9]
There are three levels of verification, or "attestation", [8] possible in a STIR/SHAKEN token; the levels are defined by SHAKEN and carried in the token's "attest" claim. The highest level, "Full Attestation", indicated with an "A", means that the provider recognizes the entire phone number as being registered to the originating subscriber. This would be the case for a landline or mobile phone where the customer connects directly to the VoIP network and the phone number can be verified as belonging to a particular customer, or for a company that has registered a particular callback number. "Partial Attestation", or "B", indicates that the call originated with a known customer but the entire number cannot be verified, which would be the case with a call originating from a customer PBX where the extension number is not registered with the provider. "Gateway Attestation", "C", indicates the call can only be verified as coming from a known gateway, for instance a connection to another service provider. [9]
STIR systems produce a JSON Web Token, called a PASSporT (RFC 8225), containing, among other things, the originating phone number as asserted in the original SIP request, the number being called, a timestamp, and the level of attestation being given by the provider. The token is signed, not encrypted, with the provider's private key using ES256 (ECDSA over the P-256 curve with SHA-256), Base64url-encoded, and added to the SIP INVITE in a new Identity header (RFC 8224) together with a URL from which the provider's certificate can be fetched. The new information then travels along with the original SIP request until it reaches its destination, another VoIP system or provider that will route the call to an external telephone. [9]
On reception, the signature on the token is verified using the public key in the provider's certificate. If verification fails, the STIR information is invalid. If it succeeds, the receiving system extracts the claims and examines the attestation to decide whether to allow the call to continue. In the case of a VoIP endpoint on a smart phone, for instance, the display might show that the call is of an unknown origin ("C") or that it failed verification entirely. [9]
Anyone on the VoIP side of the call can add an Identity header claiming "A" attestation, even to known-bad calls; this might be done in a robocaller's own software. In that case the downstream verifier has no trusted certificate for the key that made the signature, and authentication fails. The software might also point the header at a trusted provider's certificate to pose as that provider, but the trusted provider's public key will not verify a signature made with some other key, and authentication again fails. [9]
The STIR system relies on a chain of trust. For this to work, the system requires certification services that are well known, so verifying software knows whom to query to retrieve the public key, and that are trusted to provide valid information and not to issue certificates to known-bad players. This network is modelled on the existing Certificate Authority system used for the web, with certificate authorities approved specifically for telephone identity. [9]
The robocaller might find a VoIP provider willing to sign their calls even though they are known-bad, in the same fashion that there are Internet service providers that provide service to known email spam farms.[ citation needed ] To combat this, the verifier compares the originating number in the signed token with the caller ID actually carried in the SIP request (its From or P-Asserted-Identity header). If these do not match, verification fails. For a spoofed call to pass, the complicit provider would have to sign whatever caller ID the robocaller supplied as the originating number. In this case the signature validates correctly, and stopping such calls has to be done at a higher level, by identifying the signing provider from its certificate and revoking its keys or similar. [9]
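The signing and verification flow described in the preceding paragraphs, as an added example that is not part of the original article and not any carrier's or vendor's code. It is written in Go against the standard library only. Assumptions: the provider key is generated on the fly rather than issued by a telephone-identity certificate authority; the certificate URL, telephone numbers and origid are made-up values; and fetching the certificate named by the info parameter and validating its chain are left out, so the verifier is handed the public key directly. It goes slightly beyond the text by also rejecting a token whose header names an algorithm other than ES256 and a token whose timestamp is outside a freshness window, two checks a real verifier needs against algorithm-confusion and replay.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"strings"
)

// JWS protected header of a SHAKEN PASSporT (RFC 8225 with the RFC 8588 "shaken" extension).
type passportHeader struct {
	Alg string `json:"alg"`
	Ppt string `json:"ppt"`
	Typ string `json:"typ"`
	X5u string `json:"x5u"` // where the verifier fetches the signing provider's certificate
}

type tnList struct{ TN []string `json:"tn"` }
type tnOne struct{ TN string `json:"tn"` }

// Claims the verifier acts on; fields are in the alphabetical order RFC 8225 requires.
type passportClaims struct {
	Attest string `json:"attest"` // "A" full, "B" partial, "C" gateway
	Dest   tnList `json:"dest"`
	Iat    int64  `json:"iat"`
	Orig   tnOne  `json:"orig"`
	OrigID string `json:"origid"` // opaque per-call identifier (a made-up value below)
}

var b64 = base64.RawURLEncoding

// GenerateProviderKey stands in (assumption) for the P-256 key a telephone-identity CA would certify.
func GenerateProviderKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// SignIdentity builds the PASSporT for one call, signs it with ES256 and returns the
// value the originating provider puts in the SIP Identity header (RFC 8224 / RFC 8588).
func SignIdentity(priv *ecdsa.PrivateKey, x5u, origTN, destTN, attest, origID string, iat int64) (string, error) {
	hdr, err := json.Marshal(passportHeader{Alg: "ES256", Ppt: "shaken", Typ: "passport", X5u: x5u})
	if err != nil {
		return "", err
	}
	body, err := json.Marshal(passportClaims{Attest: attest, Dest: tnList{TN: []string{destTN}}, Iat: iat, Orig: tnOne{TN: origTN}, OrigID: origID})
	if err != nil {
		return "", err
	}
	signingInput := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	digest := sha256.Sum256([]byte(signingInput))
	r, s, err := ecdsa.Sign(rand.Reader, priv, digest[:])
	if err != nil {
		return "", err
	}
	sig := make([]byte, 64) // JWS ES256 signature is R || S, 32 bytes each, not DER
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return fmt.Sprintf("%s.%s;info=<%s>;alg=ES256;ppt=shaken", signingInput, b64.EncodeToString(sig), x5u), nil
}

// VerifyIdentity is the terminating provider's check. pub is the key from the certificate
// named by the info parameter (fetching and validating that certificate is not shown);
// fromTN is the calling number in the SIP From/P-Asserted-Identity header. It returns the
// attestation level, or an error saying why the call must be treated as unverified.
func VerifyIdentity(pub *ecdsa.PublicKey, identity, fromTN string, now, maxAge int64) (string, error) {
	parts := strings.Split(strings.SplitN(identity, ";", 2)[0], ".")
	if len(parts) != 3 {
		return "", errors.New("malformed PASSporT")
	}
	var hdr passportHeader
	if raw, err := b64.DecodeString(parts[0]); err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "ES256" || hdr.Ppt != "shaken" {
		return "", errors.New("unsupported or malformed PASSporT header") // never honour a sender-chosen alg
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil || len(sig) != 64 {
		return "", errors.New("malformed signature")
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if !ecdsa.Verify(pub, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return "", errors.New("signature does not verify under the claimed provider's key")
	}
	var claims passportClaims
	if raw, err := b64.DecodeString(parts[1]); err != nil || json.Unmarshal(raw, &claims) != nil {
		return "", errors.New("malformed claims")
	}
	if claims.Iat < now-maxAge || claims.Iat > now+maxAge {
		return "", errors.New("iat outside the freshness window: stale or replayed PASSporT")
	}
	if claims.Orig.TN != fromTN { // a token signed for one number cannot vouch for another
		return "", fmt.Errorf("PASSporT orig %q does not match From %q", claims.Orig.TN, fromTN)
	}
	switch claims.Attest {
	case "A", "B", "C":
		return claims.Attest, nil
	}
	return "", errors.New("unknown attestation level")
}

func main() {
	priv, _ := GenerateProviderKey()
	id, _ := SignIdentity(priv, "https://cert.example.net/sp.pem", "12155551212", "12155551213", "A", "call-0001", 1700000000)
	fmt.Println("Identity:", id)
	fmt.Println(VerifyIdentity(&priv.PublicKey, id, "12155551212", 1700000010, 60)) // A <nil>
	fmt.Println(VerifyIdentity(&priv.PublicKey, id, "18001234567", 1700000010, 60)) // From mismatch: error
	other, _ := GenerateProviderKey()
	fmt.Println(VerifyIdentity(&other.PublicKey, id, "12155551212", 1700000010, 60)) // wrong provider key: error
}
```

The three failing calls in main correspond to the attacks in the text: a forged header that names a caller ID the token was not signed for, and a token signed by a key no trusted certificate covers. The freshness window is kept short because a captured Identity header that still verifies is as useful to a robocaller as a forged one.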
The STIR system is defined [14] as a series of Request for Comments documents by the IETF.
STIR is based on SIP and is designed to work with calls being routed through a VoIP network. It does not work within the "original" telephony network, which relies on standards such as SS7 to route calls. [6] VoIP calls enter the network at the "edge" through a variety of VoIP-to-telephony gateways, and they can receive STIR information at that point or anywhere earlier during the VoIP section of the call. But once inside the telephony network there is no standard for forwarding that STIR information to the end user. [8]
Additionally, STIR does not define how authentication failures should be handled within the network. In a system where most calls will not have STIR information, at least during the period where the system is being set up, failed STIR checks cannot simply block the call. [8] Some sort of information has to be sent to the user, but the precise nature of that information is not part of STIR itself.
Developed jointly by the SIP Forum and ATIS (the Alliance for Telecommunications Industry Solutions) to implement the IETF's STIR standard in carrier networks, SHAKEN defines a mechanism to verify the calling number and specifies how the signed information is transported across communications networks. [15]
Together, STIR/SHAKEN offer a practical mechanism to provide verified information about the calling party as well as the origin of the call, known as "attestation", for the first time in the network. Giving service providers the tools needed to sign and verify calling numbers makes it possible for businesses and consumers to know, before answering, that the displayed number was vouched for by the originating provider; it does not by itself establish that the caller's intent is legitimate.
In the common case of a robocaller calling an end user on a landline or mobile phone, it is the last step of the connection that does not directly handle STIR. For instance, if a call originates in a VoIP system and was tagged with a STIR header that successfully authenticated, the caller ID provided to the user might be appended with "(verified)", whereas one that fails might say "(spoofed)" or "(no verification)". [16]
As of 2019, the exact nature of the messages sent to end users is still being discussed. [8] The Secure Telephone Identity Governance Authority, or STI-GA, is organizing these discussions as well as setting the rules for the certificate authorities that will issue the certificates on which the signatures depend. [17] Additionally, the Secure Telephone Identity Policy Administrator, or STI-PA, has the job of actually carrying out policy decisions such as key revocation. On May 30, 2019, the GA announced iconectiv had won the role of PA. [8]
STIR/SHAKEN was designed to allow expansion to carriers outside the United States. [8]
On December 9, 2019, FCC commissioner Ajit Pai and CRTC chairman Ian Scott conducted "the first official cross-border call" using the protocol. [18] The same day, the CRTC announced that it "expects" all phone providers to adopt STIR/SHAKEN no later than September 30, 2020. [19] [20] This was later extended to June 30, 2021 at the request of Rogers Communications Canada Inc. [21] The implementation date was again pushed back to November 30, 2021, as the CRTC announced that no TSP will be exempted from the requirement. [22]
In January 2018, the CRTC issued Compliance and Enforcement and Telecom Decision 2018-32, which states that the CRTC expects Canadian Telecommunications Service Providers to implement STIR/SHAKEN by 31 March 2019, establish a Canadian administrator, and issue progress reports. [23]
In December 2019, the CRTC issued decision 2019-402, which extended the deadline to 30 September 2020. [24] At the same time, the CRTC issued CRTC 2019-403, which approved the establishment of the Canadian Secure Token Governance Authority (CSTGA) as Governance Authority for STIR/SHAKEN. [25]
In September 2020, the CRTC issued decision 2019-402-2, which extended the deadline to 30 June 2021. [26]
In December 2019, the TRACED Act (Telephone Robocall Abuse Criminal Enforcement and Deterrence Act) was signed into U.S. law, which compels the FCC to mandate implementation of the protocols by all U.S. phone companies. [27] The FCC approved the mandate on March 31, 2020, under which large carriers must implement the systems by June 30, 2021, and smaller and rural carriers by June 30, 2022. [28] [2]
In July 2021, the CRTC issued decision 2021-123, further pushing back the implementation deadline to 30 November 2021, while also making it clear that no carrier in Canada would be exempt from the implementation date, in contrast to FCC's decision to grant exemptions to smaller and rural operators. [22]