Guaranteed Caller® Service Provider
The Challenge
American consumers receive over 200,000 unwanted and/or fraudulent calls every minute, many of which use spoofed caller IDs to increase the likelihood that the called party will answer. Both the FCC in the USA — through the TRACED Act — and the CRTC in Canada have mandated that service providers implement the STIR/SHAKEN set of standards as a solution to the widespread use of caller ID spoofing in fraudulent calls.
The netnumber Global Data Services Solution
Guaranteed Caller® is our family of STIR/SHAKEN solutions, providing proactive and IETF/ATIS-compliant caller ID validation solutions for all common calling scenarios.
Guaranteed Caller® Service Provider uses credentials and certificates from the national level to sign and verify consumer calls within an operator network. It fully meets all current FCC/CRTC mandates for IP STIR/SHAKEN standards, and it includes STI-AS, STI-VS (with included CRc certificate cache), SP-KMS, SKS and STI-CR. An optional CVT capability is available.
Guaranteed Caller® Service Provider provides three unique functional sets:
- Service Provider Certificate Management (SPCM) generates new public/private key sets on a regular basis and then interacts with the STI-CA to request and receive STI-CA signed certificates. SPCM requests fixed-duration certificates that have a minimum lifetime of 24 hours and a maximum lifetime of 365 days. Signed certificates received from the STI-CA are pushed to the Guaranteed Caller® STI-CR. The associated private key is pushed to the Guaranteed Caller® SKS. At the end of their lifetime, certificates are automatically refreshed by SPCM until Guaranteed Caller® Service Provider service is canceled by the service provider.
- Service Provider Call Signing (SPCS) is used to sign calls on behalf of customers. Access SPCS is via the ATIS 1000082 HTTPS/JSON API (or other technically feasible API approved by netnumber , including SIP Redirect) using a netnumber-generated security token and/or customer-sourced IP address(es). API queries received by SPCS with a valid authorization receive back a cryptographically signed SHAKEN PASSporT.
- Service Provider Signature Verification (SPSV) is used to verify call signatures on behalf of customers. Access to SPSV is via the ATIS 1000082 HTTPS/JSON API (or other technically feasible API approved by netnumber , including SIP Redirect) using a netnumber-generated security token and/or customer-sourced IP address(es). API queries received by SPSV include a valid authorization and a cryptographically signed SHAKEN PASSporT. Received SHAKEN PASSporTs are verified by SPSV, and the results of that verification are returned via the ATIS 1000082 HTTPS/JSON API to the query source.
Key Features
IETF/ATIS Compliant
The Guaranteed Caller® family is fully compliant with all relevant IETF/ATIS standards for STIR/SHAKEN.
Fully Cloud Native, Containerized Implementation
Guaranteed Caller® is fully cloud native and containerized, providing effectively unlimited capacity via a highly elastic and dynamic scaling capability.
Support for TDM-SHAKEN
Guaranteed Caller® Service Provider includes full support for TDM-SHAKEN. The in-network Cloud Connect node optionally supports TDM/SS7 physical interfaces.
Configurable Selection of Calls to be Signed
Not all calls need to be signed to be free from caller ID spoofing. Unnecessary call signing may equate to unnecessary OPEX. The Guaranteed Caller® in-network Cloud Connect node provides configurable call signing selection rules, saving service providers unnecessary spend by only selecting calls that need to be signed.
Configurable Call Attestation Rules
STIR/SHAKEN relies on accurate call attestation. The Guaranteed Caller® in-network Cloud Connect node provides configurable rules for setting attestation levels, ensuring that this critical value is set in compliance with local network policy.
Configurable OrigID Values
The STIR/SHAKEN OrigID value supports the traceback of calls that incorrectly received an “A” attestation. The Guaranteed Caller® in-network Cloud Connect node provides configurable rules for setting OrigID as local network policy dictates.
Benefits
- Fully comply with FCC and CRTC mandates for STIR/SHAKEN
- Increase customer satisfaction by ending fraudulent caller ID spoofing
- Minimize spend to implement STIR/SHAKEN in the network
- Minimize network impact from STIR/SHAKEN compliance
- Control CAPEX expenditure necessary to comply