Big Unwanted Call Management Problem: Robocalls

What is a Robocall? Originally coined from within the ICT industry to refer to a voice call that is initiated by a “bot”, the word “robocall” has achieved lexicon status with everyday phone users to refer to automated calls originated from a machine. These types of calls are used to facilitate a connection between regular phone user as called party, and some (typically unknown) entity, as calling party.

Mind Commerce Robocall Solution Study 2018

Mind Commerce conducted a robocall study in 2018 to identify the performance of carrier robocall solutions in terms of identifying unwanted calls. Surprisingly, informal sampling of carrier customers by Mind Commerce indicates a relatively high number of users are unaware of the solutions at their disposal to combat unwanted calls. As part of its commitment to robocall detection and unwanted call management, Mind Commerce will continue to monitor developments in this area.

The world of information and communications technology is rapidly evolving and so are the methods used for placing robocalls as well as those utilized for call spoofing. Thankfully, leading vendors are also constantly upgrading their solutions with the latest technologies including advanced data analytics and artificial intelligence.

The Good, Bad, and Ugly of Robocalls

References to iconic Clint Eastwood westerns aside, there is a good side, a not so good side, and a down right despicable side to robocalls.

  • Good Robocalls: The good aspect of robocalling is that some lawful and ethical organizations use robocall technology to place calls to their constituents (such as a church, school, etc.) or to legally reach specific people based on some business model (such as a debt collection agency).
  • Bad Robocalls: The not so good aspect of robocalling is that it is also used by some entities to place calls that are considered by many to be a nuisance such as surveys, sweepstakes, sales pitches, etc.
  • Ugly Robocalls: The outright ugly aspect of robocalling is when bad actors use the technology for malicious and illegal intent such as to defraud a calling party through various scams that are as numerous as the imagination. One common example is a robocaller posing to be the IRS and seeking to illegally extort money from a calling party.

Mind Commerce has coined the term “Problematic” to pertain to any call from a phone number that is indicative as cause for concern. This means a particular number that has been identified as being from a spammer, scammer, nuisance, etc.

What is an Unwanted Call?

Not every call from a robocaller is unwanted. One certainly does not want to ever need to receive a reverse 9-1-1 call informing that the Cascadia Subduction Zone off the Pacific Northwest has fractured, triggering a massive tsunami, but you would be glad to know if you live near the beach. Other wanted robocalls are not quite so dramatic, such as receiving a call from church about a cancelled sermon or a call from school about late start due to 12 inches of snow.

Generally speaking, unwanted calls are Problematic, ranging from the highly irritating nuisance calls that waste time and cause frustration to those calls that could potentially put one’s financial resources in jeopardy.

It is the small number of very bad actors that give robocalls an egregious reputation. Some of these callers are from entities that go beyond interrupting dinner. Some of them can be a great financial risk to the called party, especially those that prey on the elderly. Scammers have many schemes to attempt confuse, threaten, and scare people out of their money. For example, one scenario is a caller from someone that poses as a law enforcement officer or governmental official seeking funds for back taxes.

Robocaller Trick: Number Spoofing

One of the tricks robocallers use to prompt called parties to answer a phone call is something known as “number spoofing”, which refers to an altered calling party phone number. The calling party’s phone number is altered electronically so it appears to be a number that is different than the actual originating party caller ID. In other words, the calling number may look like it is coming from the United States, but it is actually being originated from some foreign country such as India.

A specific form of spoofing commonly employed is “neighborhood spoofing”, which is altering a phone number so that it looks like a “neighbor” number (e.g. a number in the same NPA/NXX as the called party). The notion is that a called party would be more apt to answer if it appears to be a number of someone they may know from their local area.

Under the Truth in Caller ID Act, FCC rules prohibit anyone from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm or wrongly obtain anything of value. Stated differently, number spoofing is not necessarily illegal or immoral. For example, a business may want to display their toll-free number when calling. However, a spoofed call may be deemed an illegal act if there is intent to commit fraud or otherwise extract monetary value from a called party through trickery, wrongful, or misleading information.

Illegal Robocalls

Whether a involves number spoofing or not, it is illegal in the USA to use robocalls to initiate sale of a product or service without permission. For example, calls that start with a bot making a statement such as “ Would you like to benefit from a lower interest rate for your credit card? Press 9 to be connected “ are against the law. According to the FTC, if the recording is a sales message and you haven’t given your written permission to get calls from the company on the other end, the call is illegal.

Solutions for Robocall and Unwanted Call Management

The receipt of unlawful robocalls causes great stress to end-users as well as a high cost to carriers, both in terms of good will as well as hard costs in the form of customer complaint calls to customer care.

Robocall Detection and Unwanted Call Management Solutions provide Benefit to both End-users and Carriers

Due to the low-cost threshold to deployment unlawful robocall operations, and the high degree of difficulty involved with attempts at bringing the perpetrators to justice, the incidence of illegal machine-based calling is a well-established and ever growing threat to communication service provider business.

There is a clear and imperative need for robocall prevention apps and services. While there are some solutions available, there is not yet an industry standard for managing robocalls.

Current Unwanted Call Management Applications

Some robocall prevention solutions rely upon handset based apps and communication with databases to update the app. Variations of these solutions utilize real-time data and analytics, which is beneficial to optimal solution operation.

Some of the leading solutions in the United States include those from First Orion, Hiya, Transaction Network Services, and YouMail.

Mind Commerce conducted a Robocall Study comparing Robocall Detection and Unwanted Call Management apps offered by carriers. The study identified each carrier robocall detection and unwanted call management solution ability to accurately identify ‘problematic’ numbers.

Future Solutions: Authentication and Verification at the Network

While currently available applications are clearly helping the situation, some industry experts are advocating for identifying, and in some cases blocking, calls at the network level. One such approach advocated by the ATIS and SIP Forum would use techniques and technologies referred to as STIR/SHAKEN for caller ID authentication.

The below figure illustrates the technical approach to STIR-SHAKEN. This approach is intended to authenticate telephone numbers and verify them before they reach an intended called party.

STIR and SHAKEN

The generalized steps in this process are as follows:

  1. Session Initiation Protocol (SIP) Invite message is launched from calling party device
  2. Communication Service Provider (CSP) at Originating Network initiates verification of Telephone Number (TN) associated with Calling Party
  3. Originating CSP queries Authentication Infrastructure to verify TN identity
  4. SIP Invite message is sent to CSP at Terminating Network containing Identity Header obtained from step #3
  5. Terminating CSP transmits SIP Invite with Identity Header to Verification Infrastructure as query for verification of TN
  6. Verification Infrastructure verifies TN identity through various means including authentication of Digital Certificate
  7. Verification results are passed to the Terminating CSP indicating validity of TN
  8. Terminating CSP completes call (if TN verification is positive) to Called Party or may reject the call (if TN verification fails)

STIR/SHAKEN eliminates some, but not all, unwanted robocalls that involve spoofing. However, not all robocalls are spoofed, and not all unwanted calls are robocalls. Consequently, one can conclude that there will remain a market for unwanted call management apps even after STIR/SHAKEN is fully implemented.