Wangiri is a global scourge that costs service providers $1.82 billion (€1.53 billion) annually, making it one of the top five fraud types, says John Haraburda, principal solutions engineer director, iconectiv. In this type of robocall scam, fraudsters call but hang up after the first ring hence the name wangiri, which is Japanese for “one (ring) and cut.”
When victims call back, they don’t realise that it’s a premium telephone number, and they’re hit with steep toll charges. The scam initially targeted consumers with wangiri but have expanded to businesses, including call centres. Fraudsters will call customer service centres or use online customer service portals and leave a premium telephone number when instructed to provide a callback number. The automated call centre dialer then unknowingly calls that premium number.
Like a growing number of countries, the U.S. is taking steps to help service providers protect their customers and their bottom lines against one-ring fraud. Recently, the Federal Communications Commission (FCC) further confirmed that voice service providers will be given safe harbour when blocking calls from telephone numbers that are highly likely to be associated with one-ring robocall scams without fear of liability. This applies to domestic and international calls terminating in the U.S.
Five red flags
It is important for service providers and contact centres that are based outside of the U.S. to understand the new FCC rule regarding call-blocking. They also should adopt these underlying “good hygiene” principles so their legitimate cross-border telecommunications traffic continues to reach its intended recipient.
Here are five common scenarios that can result in blocked calls:
- Using caller ID from premium or unallocated numbers.
- Calling with a foreign number from a foreign network without cryptographic signing to show authenticity.
- Frequent repeat calls to the same numbers, which analytics engines will flag.
- Using North American caller ID for calls originating abroad without first registering with the FCC’s robocall mitigation certification database, which is anticipated to go live before June 30 2021.
- Large volume of calls to a wide range of numbers, which are flagged if the caller is unknown.
Call signing is the future, and the future is now
The Secure Telephone Identity Revisited/ Signature-based Handling of Asserted information using toKENs (STIR/SHAKEN) framework is designed to minimise illegal robocalls, scams and caller ID by giving service providers the tools needed to sign and verify calling party information. The U.S. was the first country in the world to implement STIR/SHAKEN, but it’s helpful for non-U.S. service providers to understand how the system works.
STIR/SHAKEN uses cryptographic signing to create a framework that helps establish trust between service providers. The Alliance for Telecommunications Industry Solutions (ATIS) manages the Secure Telephone Identity Governance Authority (STI-GA), which defines the rules governing the SHAKEN certificate management infrastructure. iconectiv serves as the Secure Telephone Identity Policy Administrator (STI-PA), which applies and enforces those rules.
As of March 2021, iconectiv has authorised more than 100 service providers, which highlights the broad, rapidly growing industry support for STIR/SHAKEN. Canada has announced plans to begin using STIR/SHAKEN, while the UK is among the countries considering adopting the STIR/SHAKEN model. “We think it has the prospect of making a very significant contribution to providing assurance about the identity of the caller,” Ofcom says.
All of this activity means that STIR/SHAKEN and underlying concepts such as digital signatures for authenticating callers will be increasingly important worldwide for mitigating illegal robocalls and other spam including for cross-border calls. U.S. service providers then would be able to accept signed calls from international community members.
Accurate, trusted data enables informed decisions
Finally, service providers will also need access to accurate, continually updated information about telephone numbers worldwide. This information enables them to block calls from high-risk, unallocated and suspicious premium-rate numbers so they are not inadvertently passed on to U.S. service providers.
Besides helping to mitigate wangiri scams, this information also helps service providers thwart additional types of fraud and suspicious activity, including PBX hacking fraud, international revenue share fraud (IRSF), interconnection-related revenue leakage and fraudulent roaming calls to premium-rate services.
Robocall mitigation is a journey as well as a destination. It’s not too early to start thinking about how to get signed calls into the U.S. In addition to understanding the STIR/SHAKEN model and the FCC one-ring R&O, non-U.S. service providers also need to implement good hygiene best practices to proactively ID and block nefarious calls.
All of these concepts and initiatives will go a long way toward mitigating the wangiri scourge and other illegal robocall and robotext scams that annoy and defraud consumers worldwide.
The author is John Haraburda, principal solutions engineer director, iconectiv.
Comment on this article below or via Twitter: @VanillaPlus OR @jcvplus
