There is a global movement we want IPS members to be aware of called STIR and SHAKEN. It is backed by governments and all the major players in the Telco (Telecommunications) industry whose future is threatened by this clear and present danger.
Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted information using toKENs (SHAKEN) together, are a set of standards that provide a method to increase transparency and repair some of the damage and loss of trust.
We don’t want our newsletter and articles to become overly technical as we aim to provide simple advice and actions for you all to consider before making a positive change in your behaviours. You can read more detail about these solutions at the Wikipedia page but the takeaways for you to absorb are endorsed by OFCOM:
- STIR is a new global technical standard to ensure that only legitimate calls with valid caller line identities reach the recipient, to help tackle spoofing and hiding of the real caller’s identity.
- Trust will be restored when people can rely on the caller line identity being shown to them and make a more informed judgement on whether to answer the call.
- The standard has been approved and a date for implementation in the UK is being considered.
STIR/SHAKEN will create a digital signature for known trusted calls (at their point of origin) in a way that cannot be tampered with. Before they reach your phone your telephone service provider checks for the presence of a digital signature and, if found, verifies it on your device. A tick box “approved and verified caller” icon alongside the name of the company (or person) who is making the call should appear. If it can’t be verified, then the tick box won’t be added and the advice will be for you not to answer it: you can have those calls automatically blocked or sent to your voice mail.
This approach should revive trust in the system. STIR/SHAKEN is actually a throwback to the pre-Internet age of telephone directories, where every bill paying subscriber was directly connected to their service provider. In those days the telephone network itself was a closed environment, where every call could be trusted to come from the caller it said it came from.
Today’s public telephone networks are based on very open technology, and fraudsters have exploited that openness to their profit and consumers’ loss.