Calling Line Identity (CLI) seems innocuous, but when you look at it, it is central to so many areas of telecoms that we all need to be on top of this topic.

At the most basic level, CLI informs a person of who is calling them. Still, we also use it to identify where calls originate within the network, and many billing systems rely on it for correct call charging. Some systems even use it to make intelligent call routing decisions.

When everything works and CLI is used legitimately, this is widely accepted as a reliable industry standard. However, the challenge comes when there are technical issues or nefarious users.

Since many networks have migrated to IP, we have found a variety of use cases that don’t comply with UK standards, most of which are getting ironed out by cooperation between carriers and service providers, thankfully, but for a while, it wasn’t unusual to discover that a CLI flagged for withholding by the caller was in fact passed on to the called party, or that a ‘network’ CLI has been used for presentation instead of the separate number provided for that purpose. In fact, the number of interoperability issues we uncovered led to the creation of our Mag-Hub solution, an interconnected platform that manages the variations between carrier networks meaning far fewer issues are experienced by the called or calling parties.

Whilst these technical challenges are starting to be far less frequent, thanks to networks undertaking better testing and greater awareness of standards, the arguably much larger concern is that of scam and nuisance calls. With a spotlight on this from the highest ranks here in the UK, Ofcom find themselves under pressure to stamp out this age-old misuse of our telephony network.

We all appreciate the ease of use and flexibility that comes with a modern IP telephony network. However, with that flexibility comes simplicity for the less honest in our society to manipulate CLI data to improve their chances of having calls connect or to convince people of their identity.

Common scams include callers pretending to be from banks, insurance companies and the like, and by presenting a legitimate-looking CLI, the caller is frequently duped into believing everything is genuine. The end result is they give out more information than they safely should, with sometimes dire consequences for the individual concerned.

Nuisance calls, on the other hand, often arrive with genuine-looking CLI to improve the chance of them being answered. Still, then when the called party tries to return the call or raise a complaint, we discover the CLI was, in fact, ‘spoofed’ and is either invalid or belongs to an entirely different organisation. In these scenarios, the only way currently to trace the source of the call is to work backwards through the call path to discover the call originator. This step is rarely taken as it can be costly and time-consuming even if you do get all parties to co-operate.

Part of the challenge here in the UK is that we don’t have a simple way of validating the legitimacy of a CLI after the call leaves the originating network. Obviously, we can all do basic checks such as making sure it ‘looks and feels’ like a real number and of course, we can ensure all suppliers and client contracts include an obligation to use only CLI in accordance with the regulations. But this doesn’t appear to be enough to significantly reduce the number of scam and nuisance calls. According to Ofcom, the problem is as serious as ever, and this has caused them to consult again on further steps we can take as an industry.

This latest consultation is now closed with a statement expected in the Autumn, but we can be fairly certain the measures suggested will be introduced. The key change to the regulations will be the inclusion of words that mean if the CLI does not uniquely identify the caller, we must block the call from reaching the called party. The guidance is also expected to be updated with a requirement to carry out more extensive checks on the number used as CLI, including the length of the number and that it has been allocated by Ofcom.

Another key addition to this latest proposed update to the General Conditions is the requirement to block calls that originate outside of the UK but have a UK ‘network’ CLI. Aware that a considerable number of scam calls originate overseas, this new requirement was proposed by NICC last year, and Ofcom has already asked networks to implement it on a voluntary basis. Of course, there needs to be exceptions for legitimate use cases, and hopefully, they will be decisively agreed and documented by the time this becomes mandatory.

However, despite additional checks, we can be confident that those that want to perpetrate scams via telephone calls will continue to find a way. Even in the US, where they have introduced STIR/SHAKEN, something that is expected to land here in the coming years (or a variation of) hasn’t been the silver bullet that people thought it might be. Scams can still be delivered using entirely valid CLI that will pass all the checks, so another step Ofcom will require us all to take is raise awareness amongst the public to try and reduce the impact and increase the number of scam attempts that get reported and investigated.

Meanwhile, as with all Ofcom intervention, the question of proportionality has to be addressed. Here at Magrathea, we have a strong suspicion that the introduction of reciprocal surcharging for internationally originated calls has, in fact, had a rather unexpected knock-on effect.

The way networks have implemented surcharging has meant that any call, regardless of country of origin, that has an invalid or malformed CLI is surcharged at a considerable per minute rate, often around £2 per minute. This appears to have encouraged most to clean up their act and at least ensure most calls have a valid CLI attached to them, which in turn is highly likely to have had some impact on complaints. We have asked Ofcom for feedback on this and hope to see more detail in the statement.

So, whilst surcharging was not intended to be a tool for CLI cleansing – love it or hate it – it does, at least for now, appear to have done a better job at it than the industry has ever managed before!



from UC Today https://ift.tt/ShygZuI