SIPNOC 2023 Session Recap – The Future of Trusted Communications: Building a Framework for Authorization, Authentication and Action
Recently, at SIPNOC 2023, leading authorities in the telecom ecosystem convened to discuss the state of call authentication and ongoing efforts to combat fraud. From proper vetting standards and “Know Your Customer” (KYC) solutions to next steps for STIR/SHAKEN, the 12th annual SIPNOC conference offered a unique opportunity for service providers, vendors and more to discuss prevailing topics such as call authentication solutions for enterprises and Rich Call Data (RCD).
When it comes to STIR/SHAKEN and call authentication (especially authentication for calls originating from enterprises), one of the largest gaps is proper vetting for attestation determination. While it’s true that, when properly implemented and adopted, STIR/SHAKEN call authentication can help minimize telecom fraud; attestation alone was never meant to be thelong-term solution.
But why is that?
Chris Wendt, Vice President, Systems Engineering, at Somos, Co-Chair of the IP-NNI Task Force, Co-Chair of the STI-GA Technical Committee, and Director, SIP Forum, and co-author of many of the STIR/SHAKEN specifications; and Jaime Zetterstrom, Vice President, Product Management at Somos, and Director, Communications Fraud Control Association (CFCA), aimed to answer that question and more during the SIPNOC 2023 session:
The Future of Trusted Communications:
Building a Framework for Authorization, Authentication and Action
Specifically, they looked both at what’s happening now in telecom current practices as well as what needs to be done moving forward. While today, service providers vet their customers and sign attestation at trunk levels (in compliance with SHAKEN mandates), to help drive trust in telecom, especially for enterprise calling use-cases, proper attestation determination should be made at the call level AND associated to the phone number. Furthermore, Chris and Jaime suggested that a phone number’s Right to Use (RTU) must be validated at the certificate level if trust is to be maintained.
Continuing the topic of vetting, Chris next stressed the critical link between proper vetting and enforcement of those vetting determinations. Trust and truth can only be achieved when there is a robust feedback loop between the continuous vetting process and input from, monitoring of and reinforcement of compliance. In fact, many (at least Chris and Jaime!) would say that vetting doesn’t achieve its full potential without robust enforcement; they truly go together like peanut butter and jelly!
To close out their presentation, Chris and Jaime issued their own set of calls to action to service providers, carriers, solution providers and other members of the robocall, robotext and caller ID spoofing prevention ecosystem:
Continue to evolve KYC policies.
Promote vetting and behavioral analysis at the phone number level.
Prioritize end to end enterprise identity proof and trust.
Foster industry collaboration.
Interested in learning more about call authentication as well as other hot topics in telecom such as the trust framework, digital identity, business messaging and more? If so, make sure to register now to attend the 2023 Somos Summit.
Don’t miss the perfect opportunity to connect, collaborate and continue the conversation!