New ‘STIR/SHAKEN’ method attaches a certificate to each phone number

The days of being bombarded with robocalls may soon be over. 

Experts in the telecommunications industry have developed a new system that could make it harder for fraudsters to bother you with incessant phone calls. 

Called the ‘STIR/SHAKEN’ system, it would attach a certificate of authenticity to each phone number, adding an extra layer of verification. 

Robocalls have gotten drastically worse in recent years, with the FTC receiving 7.1 million consumer complaints about robocalls in 2017, up from 5.3 million in 2016

The system is rolling out slowly among carriers and other organizations, with Verizon pledging to add it to some parts of its mobile network, according to New York Magazine. 

However, it’s only available in the US for now, despite robocalls being a global nuisance.

Robocalls have gotten drastically worse in recent years, with the FTC receiving 7.1 million consumer complaints about robocalls in 2017, up from 5.3 million in 2016.

What’s more, robocall blocking service YouMail recently estimated there were 3.4 billion robocalls placed in April 2018 — a significant increase from 2.5 billion in the same period last year. 

The advent of cheap and easy-to-use technologies has spurred a rise in robocalls, overpowering Federal Communications Commission rules that were meant to protect the consumer. 

Many popular services like Google Voice and Skype use Voice over Internet Protocol (VoIP), which allows users to call people around the globe for cheap. 

A new system called 'STIR/SHAKEN' would attach a certificate of authenticity to each phone number, adding an extra layer of verification. In order for it to work, all carriers have to adopt it

A new system called ‘STIR/SHAKEN’ would attach a certificate of authenticity to each phone number, adding an extra layer of verification. In order for it to work, all carriers have to adopt it

Savvy users can then create a setup where tons of computers can all make calls at once. 

Another technology called ‘spoofing’ allows users to create a fake number that shows up on your phone’s caller ID. 

WHAT AREAS ARE MOST AFFECTED BY ROBOCALLS?

YouMail, a company that collects and analyzes calls through its robocall blocking service, reported an estimated 3.4 billion of the calls in April. The worst affected areas were:

1. Atlanta, GA (404) Calls: 63,838,000

2. Houston, TX (832) Calls: 48,556,100

3. Dallas, TX (214) Calls: 48,043,400 

4. Atlanta, GA (678) Calls: 41,454,500

5. New York, NY (917) Calls: 36,706,700

6. Miami, FL (954) Calls: 36,657,700

7.New York, NY (347) Calls: 34,939,900

8. L.A, CA (310) Calls: 34,306,600

9. Chicago, IL (773) Calls: 32,835,200

10. Dallas, TX (817) Calls: 31,589,700 

An unsuspecting user may see a spoofed phone number from their area code and think it’s not a scam. 

A robocaller may even try to contact you using a spoofed version of your own phone number, New York Magazine noted. 

More and more often, cybercriminals are using the technique to pose as your bank, the IRS or other organizations where people typically give sensitive financial details or other personal information.   

With VoIP technology unlikely to go away, engineers and phone carriers are now trying to put a stop to spoofing with the STIR/SHAKEN method. 

STIR, or Secure Telephone Identity Revisited, and SHAKEN, or Signature-based Handling of Asserted information using Tokens, is currently being trialed by several companies.

When someone places an outgoing call, it contains a certificate verifying that the call is truly coming from a certain number. 

That phone call is transferred to the incoming carrier, which then makes sure that the certificate matches a ‘highly encrypted’ private key, according to New York Magazine. 

An administrator that’s overseen by the FCC and telecom industry hands out the certificates. 

The system would operate not unlike SSL certificates on the web or PGP encryption, a technology used in popular end-to-end encryption apps like WhatsApp or Telegram.

More and more cybercriminals are using 'spoofing' to pose as your bank, the IRS or other organizations where people give sensitive financial details or other personal information

More and more cybercriminals are using ‘spoofing’ to pose as your bank, the IRS or other organizations where people give sensitive financial details or other personal information

 ‘The telephone network we have now is laughably nonsecure,’ Jim Dalton, CEO of software firm TransNexus, told New York Magazine.

‘This is applying the lessons of data networks to telephone networks’. 

In order for STIR/SHAKEN to work, carriers on both ends of the call have to be willing to participate.  

It’s unclear what incoming phone calls will look like after being verified by the STIR/SHAKEN system. 

One solution might involve adding a Twitter-like verification check mark to phone numbers. 

STIR/SHAKEN could also come at an additional price for consumers as it may create new overhead for phone companies. 

Experts also caution that it doesn’t ensure that robocalls will go away forever.

Instead, it may mean that consumers see fewer robocalls, making it much less lucrative for fraudsters and eventually leading to a gradual decline in robocall activity. 



Read more at DailyMail.co.uk