DOCSLIB.ORG

March 10, 2020 FACT SHEET* Mandating STIR/SHAKEN And

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
March 10, 2020 FACT SHEET* Mandating STIR/SHAKEN And March 10, 2020 FACT SHEET* Mandating STIR/SHAKEN and Proposing Additional Measures to Combat Illegal Spoofing Report and Order and Further Notice of Proposed Rulemaking – WC Docket Nos. 17-97, 20-67 Background: Each day, Americans receive millions of unwanted phone calls, including calls that “spoof” or falsify caller ID information with a malicious intent. These spoofed calls are not simply an annoyance—they result in billions of dollars lost to fraud, degrade consumer confidence in the voice network, and harm public safety. This Report and Order and Further Notice of Proposed Rulemaking would take a critical step in the Commission’s multi-pronged approach to ending illegal caller ID spoofing by requiring voice service providers to implement caller ID authentication technology. Known as STIR/SHAKEN, this technology enables voice service providers to verify that the caller ID information transmitted with a particular call matches the caller’s number—and provides valuable information to detect illegally spoofed calls. Widespread implementation of STIR/SHAKEN will reduce the effectiveness of illegal spoofing, allow law enforcement to identify bad actors more easily, and help voice service providers identify calls with illegally spoofed caller ID information before those calls reach their subscribers. Most importantly, it will help restore Americans’ trust in the voice network, which has been eroded by the prevalence of illegal caller ID spoofing. What the Order Would Do: • Require originating and terminating voice service providers to implement the STIR/SHAKEN caller ID authentication framework in the Internet Protocol (IP) portions of their networks by June 30, 2021, a deadline that is consistent with the TRACED Act, which was recently passed by Congress. What the Further Notice Would Do: • Propose to extend the STIR/SHAKEN implementation mandate to intermediate providers. • Propose to implement caller ID authentication and other provisions of the TRACED Act, including through proposals to: o Grant an extension for compliance with the STIR/SHAKEN implementation mandate for small voice service providers so long as those providers implement a robocall mitigation program. o Require voice service providers using non-IP technology to either (i) upgrade their networks to IP to enable STIR/SHAKEN implementation, or (ii) work to develop non-IP caller ID authentication technology and implement a robocall mitigation program in the interim. o Establish a process by which a voice service provider may be exempt from the STIR/SHAKEN implementation mandate if the provider has achieved certain implementation benchmarks. o Prohibit voice service providers from imposing additional line item charges on consumers and small businesses for caller ID authentication. * This document is being released as part of a “permit-but-disclose” proceeding. Any presentations or views on the subject expressed to the Commission or its staff, including by email, must be filed in WC Docket Nos. 17-97 and 20-67, which may be accessed via the Electronic Comment Filing System (http://www.fcc.gov/ecfs/). Before filing, participants should familiarize themselves with the Commission’s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission’s Meeting. See 47 CFR § 1.1200 et seq. Federal Communications Commission FCC-CIRC2003-01 Before the Federal Communications Commission Washington, D.C. 20554 In the Matter of ) ) Call Authentication Trust Anchor ) WC Docket No. 17-97 ) Implementation of TRACED Act Section 6(a) — ) WC Docket No. 20-67 Knowledge of Customers by Entities with Access ) to Numbering Resources ) ) ) REPORT AND ORDER AND FURTHER NOTICE OF PROPOSED RULEMAKING∗ Adopted: [] Released: [] Comment Date: May 15, 2020 Reply Comment Date: May 29, 2020 By the Commission: TABLE OF CONTENTS I. INTRODUCTION .................................................................................................................................. 1 II. BACKGROUND .................................................................................................................................... 4 III. REPORT AND ORDER ...................................................................................................................... 24 A. Mandating the STIR/SHAKEN Framework .................................................................................. 25 1. STIR/SHAKEN Implementation Requirements ...................................................................... 32 2. Legal Authority ....................................................................................................................... 42 B. Summary of Costs and Benefits ..................................................................................................... 45 1. Expected Benefits .................................................................................................................... 46 2. Expected Costs ........................................................................................................................ 53 C. Other Issues .................................................................................................................................... 54 IV. FURTHER NOTICE OF PROPOSED RULEMAKING ..................................................................... 57 A. Caller ID Authentication Requirements Definitions and Scope .................................................... 58 B. Extending the STIR/SHAKEN Implementation Mandate to Intermediate Providers .................... 61 C. Assessment of Burdens or Barriers to Implementation ................................................................. 72 D. Extension of Implementation Deadline.......................................................................................... 75 ∗ This document has been circulated for tentative consideration by the Commission at its March 2020 open meeting. The issues referenced in this document and the Commission’s ultimate resolution of those issues remain under consideration and subject to change. This document does not constitute any official action by the Commission. However, the Chairman has determined that, in the interest of promoting the public’s ability to understand the nature and scope of issues under consideration, the public interest would be served by making this document publicly available. The FCC’s ex parte rules apply and presentations are subject to “permit-but-disclose” ex parte rules. See, e.g., 47 C.F.R. §§ 1.1206, 1.1200(a). Participants in this proceeding should familiarize themselves with the Commission’s ex parte rules, including the general prohibition on presentations (written and oral) on matters listed on the Sunshine Agenda, which is typically released a week prior to the Commission’s meeting. See 47 CFR §§ 1.1200(a), 1.1203. Federal Communications Commission FCC-CIRC2003-01 E. Caller ID Authentication in Non-IP Networks .............................................................................. 95 F. Voluntary STIR/SHAKEN Implementation Exemption .............................................................. 101 G. Prohibiting Line Item Charges for Caller ID Authentication....................................................... 118 H. Benefits and Costs ....................................................................................................................... 120 I. Access to Numbering Resources ................................................................................................. 121 V. PROCEDURAL MATTERS .............................................................................................................. 129 VI. ORDERING CLAUSES ..................................................................................................................... 137 APPENDIX A – Final Rules APPENDIX B – Draft Proposed Rules APPENDIX C – Final Regulatory Flexibility Analysis APPENDIX D – Initial Regulatory Flexibility Analysis I. INTRODUCTION 1. Each day, Americans receive millions of unwanted phone calls.1 These include “spoofed” calls whereby the caller falsifies caller ID information that appears on a recipient’s phone to deceive them into thinking the call is from someone they know or can trust.2 And these spoofed calls are not simply an annoyance—they result in billions of dollars lost to fraud,3 degrade consumer confidence in the voice network, and harm our public safety.4 2. The Commission, Congress, and state attorneys general all agree on the need to protect consumers and put an end to illegal caller ID spoofing.5 Over the past three years, the Commission has taken a multi-pronged approach to this problem—issuing hundreds of millions of dollars in fines for violations of our Truth in Caller ID rules;6 expanding those rules to reach foreign calls and text messages;7 enabling voice service providers to block certain clearly unlawful calls before they reach 1 One source indicates that Americans received over 58 billion such calls in 2019 alone. YouMail, Historical Robocalls by Time, https://www.robocallindex.com/history/time (last visited Jan. 17, 2020). 2 Spoofing has legal and illegal uses. For example, medical professionals calling patients from their mobile phones often legally spoof the outgoing phone number to be the office phone number for privacy reasons, and businesses often display a toll-free call-back number. Illegal spoofing, on the other hand, occurs when a caller transmits
Load more

Recommended publications
  • Microsoft Azure Essentials Azure Machine Learning
    Azure Machine Learning Microsoft Azure Essentials Jeff Barnes Visit us today at microsoftpressstore.com • Hundreds of titles available – Books, eBooks, and online resources from industry experts • Free U.S. shipping • eBooks in multiple formats – Read on your computer, tablet, mobile device, or e-reader • Print & eBook Best Value Packs • eBook Deal of the Week – Save up to 60% on featured titles • Newsletter and special offers – Be the first to hear about new releases, specials, and more • Register your book – Get additional benefits Hear about it first. Get the latest news from Microsoft Press sent to your inbox. • New and upcoming books • Special offers • Free eBooks • How-to articles Sign up today at MicrosoftPressStore.com/Newsletters Wait, there’s more... Find more great content and resources in the Microsoft Press Guided Tours app. The Microsoft Press Guided Tours app provides insightful tours by Microsoft Press authors of new and evolving Microsoft technologies. • Share text, code, illustrations, videos, and links with peers and friends • Create and manage highlights and notes • View resources and download code samples • Tag resources as favorites or to read later • Watch explanatory videos • Copy complete code listings and scripts Download from Windows Store PUBLISHED BY Microsoft Press A division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2015 Microsoft Corporation. All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. ISBN: 978-0-7356-9817-8 Microsoft Press books are available through booksellers and distributors worldwide.
    [Show full text]
  • Data Localization Requirements Across Different Jurisdictions 70
    The Localisation Gambit Unpacking Policy Measures for Sovereign Control of Data in India 19th March, 2019 By ​Arindrajit Basu, Elonnai Hickok, and Aditya Singh Chawla Edited by ​Pranav M Bidare, Vipul Kharbanda, and Amber Sinha Research Assistance ​Anjanaa Aravindan The Centre for Internet and Society, India Acknowledgements 2 Executive Summary 3 Introduction 9 Methodology 10 Defining and Conceptualizing Sovereign Control of Data 11 Mapping of Current Policy Measures for Localization of Data in India 13 The Draft Personal Data Protection Bill, 2018 13 Draft E-commerce Policy (s) 17 RBI Notification on ‘Storage of Payment System Data’ 19 Draft E-Pharmacy Regulations 20 FDI Policy 2017 20 National Telecom M2M Roadmap 21 Unified Access License for Telecom 21 Companies Act, 2013 and Rules 21 The IRDAI (Outsourcing of Activities by Indian Insurers) Regulations, 2017 22 Guidelines on Contractual Terms Related to Cloud Services 22 Reflecting on Objectives, Challenges and Implications of National Control of Data 24 Enabling Innovation and Economic Growth 24 Enhancing National Security and Law Enforcement Access 34 Law Enforcement Access 34 Protecting Against Foreign Surveillance 36 Threat to fibre-optic cables 37 Widening Tax Base 40 Data Sovereignty and India’s Trade Commitments 41 A Survey of Stakeholder Responses 48 Data Localisation Around the World 49 Conclusions and Recommended Approaches 61 Annexure I 70 Mapping Data Localization Requirements Across Different Jurisdictions 70 Annexure 2 75 A survey of stakeholder responses 75 1 Acknowledgements The authors would like to thank Pranav MB, Vipul Kharbanda, Amber Sinha, and Saumyaa Naidu for their invaluable edits and comments on the draft.
    [Show full text]
  • Supplies and Services Contracts, Dated July 2010
    1. Caption Page of Pages SOLICITATION, OFFER, AND AWARD DOC Offender Management System 1 93 2. Contract Number 3. Solicitation Number 4. Type of Solicitation 5. Date Issued 6. Type of Market Sealed Bid (IFB) Open Sealed Proposals (RFP) 11/07/17 Set Aside Doc350609 Sole Source Open Market with Set-Aside Emergency CBE Designated Category 7. Issued By 8. Address Offer to: Office of Contracting and Procurement Office of Contracting and Procurement 441 - 4th Street, N.W., Suite 700 South 441 - 4th Street, N.W., Suite 700 South Washington, D.C. 20001 Washington, D.C. 20001 NOTE: In sealed bid solicitations “offer” or “offeror” means “bid or “bidder” SOLICITATION 9. Sealed offers in original and __1__ copies for furnishing the supplies or services in the Schedule will via electronic format via the on-line solicitation software __2:00 p.m. local time December 7, 2017 _ (Hour) (Date) CAUTION: Late submission, Modifications and Withdrawals: See 27 DCMR chapters 15 & 16 as applicable. All offers are subject to all terms & conditions contained in solicitation. 10. For Information A. Name B. Telephone C. E-mail Address Contact (Area Code) (Number) (Ext) Nicole Smith-McDermott 202 724.4587 [email protected] 11. Table of Contents (X) Section Description Page (X) Section Description Page No. No. PART I – THE SCHEDULE PART II – CONTRACT CLAUSES X A Solicitation/Contract Form 1 X I Contract Clauses 66 X B Supplies or Services and Price/Cost 2 PART III – LIST OF DOCUMENTS, EXHIBITS AND OTHER ATTACHMENTS X C Specifications/Work Statement 5 X J List of Attachments 76 X D Packaging and Marking 46 PART IV – REPRESENTATIONS AND INSTRUCTIONS X E Inspection and Acceptance 46 Representations, certification and other 77 X F Deliveries or Performance 47 X K statements of offerors X G Contract Administration Data 51 X L Instructions, conditions & notices to Offerors 78 X H Special Contract Requirements 58 X M Evaluation factors for award 88 12.
    [Show full text]
  • Federal Register/Vol. 85, No. 77/Tuesday, April 21, 2020/Rules
    Federal Register / Vol. 85, No. 77 / Tuesday, April 21, 2020 / Rules and Regulations 22029 and-comment requirements of the FEDERAL COMMUNICATIONS Synopsis Administrative Procedure Act, see 5 COMMISSION I. Introduction U.S.C. 553(b)(A). 7. Implementation. As a temporary 47 CFR Part 64 1. Each day, Americans receive transition measure, for 90 days after millions of unwanted phone calls. One source indicates that Americans publication of this document in the [WC Docket Nos. 17–97, 20–67; FCC 20– received over 58 billion such calls in Federal Register, U.S. Bank will 42; FRS 16631] continue to process payments to P.O. 2019 alone. These include ‘‘spoofed’’ Box 979088. After that date, forfeiture Call Authentication Trust Anchor; calls whereby the caller falsifies caller payments must be made in accordance Implementation of TRACED Act— ID information that appears on a with the procedures set forth in each Knowledge of Customers by Entities recipient’s phone to deceive them into forfeiture order and on the With Access to Numbering Resources thinking the call is from someone they Commission’s website, www.fcc.gov/ know or can trust. Spoofing has legal licensing-databases/fees. For now, such AGENCY: Federal Communications and illegal uses. For example, medical payments will be made through the Fee Commission. professionals calling patients from their Filer Online System (Fee Filer), mobile phones often legally spoof the accessible at https://www.fcc.gov/ ACTION: Final rule. outgoing phone number to be the office licensing-databases/fees/fee-filer. As we phone number for privacy reasons, and assess and implement U.S.
    [Show full text]
  • Managing Unsolicited Communication Leveraging STIR/SHAKEN and Blockchain
    Managing Unsolicited Communication Leveraging STIR/SHAKEN and Blockchain Tech Mahindra and IBM POV STIR/SHAKEN BLOCKCHAIN POV 1 Table of Contents Introduction 3 STIR/SHAKEN Framework 3 Secured Telephony Identity Revisited (STIR) 3 Signature-based Handling of Asserted information using toKENs (SHAKEN) 4 How do STIR/SHAKEN work in a telecom network? 4 Limitations of STIR/SHAKEN Framework 5 How is India resolving the Great '1 Bn Subscriber Problem" by adopting Blockchain? 5 Benefits of DLT UCC Solution 6 Architecture for implementation of UCC ecosystem based on DLT 6 Ledgers for DLT UCC Solution 7 Performance of the DLT UCC Solution 8 Platform To Curb RoboCalls and Caller ID Spoofing for US Operators: 8 A Use Case for Integration of DLT UCC Solution with the STIR/SHAKEN framework 8 Call flow with integrated STIR/SHAKEN and DLT UCC Solution 9 Why the IBM Blockchain Platform for the DLT? 10 Conclusion 10 STIR/SHAKEN BLOCKCHAIN POV 2 Introduction The Federal Trade Commission (FTC) is a bipartisan federal agency with a dual mission to protect consumers and promote competition. Federal Communications Commission (FCC) regulates interstate and international communications by radio, television, wire, satellite, and cable in all 50 states. The District of Columbia and US territories regularly cite “unwanted and illegal robocalls" as their top complaint category. The FTC got more than 1.9 million complaints filed in the first five months of 2017 and around 5.3 million in 2016. The FCC has stated that it gets more than 200,000 complaints about unwanted telemarketing calls each year. The consumers are increasingly the targets of unsolicited and often fraudulent robocalls, which are enabled by caller ID spoofing.
    [Show full text]
  • Henning Schulzrinne FCC 7/16/14 ITIF 2
    7/16/14 ITIF 1 TECHNOLOGY TRANSITION: NUMBERING Henning Schulzrinne FCC 7/16/14 ITIF 2 Overview • Technology transition overview • The role of telephone numbers • The future of telephone numbers 7/16/14 ITIF 3 Technology Transitions application TDM voice VoIP (incl. VoLTE) transport network TDM circuits & IP packets analog fiber physical coax copper twisted-pair layer wireless copper twisted-pair (and combinations) 7/16/14 ITIF 4 The universe of IP transitions cable video PSTN satellite video numbers 911 7/16/14 ITIF 5 The three transitions From to motivation issues Copper fiber capacity competition maintenance cost (“unbundled network elements”) Wired wireless mobility capacity cost in rural areas quality Circuits packets flexibility line power (IP) cost per bit VoIP, VoLTE 7/16/14 ITIF 6 Dividing the problem space universal reach power intra network reliability consumer protection Tech transition interconnection inter network 911 numbering 7/16/14 ITIF 7 Interstate switched access minutes 7/16/14 ITIF 8 Lines are disappearing, but maintenance costs are constant 100 JSI Capital Advisors projection 80 voice only (DSL: 20 M) 60 40 20 Residential 0 Business per-line monthly maintenance $2.72 $17.57 cost voice revenue/line: dis $50 7/16/14 ITIF 9 Switches are ageing 1979 Nortel DMS-100 http://www.phworld.org/switch/ntess.htm 7/16/14 ITIF 10 Engines for tech transition • Consumer-induced • Landline cellular • uneven by geography, income, ethnicity • but decreasing rate • why do household keep or abandon landlines? • ILEC DSL cable company
    [Show full text]
  • YGH 50Th Anniversary Exhibit Booklet
    The world is a fascinating place. Over the last 50 years we have had the honor and good fortune to build rich relationships and partner with colleagues and clients in the Northwest and over 40 countries around the globe. Here’s to 50 years of captivating, challenging, award-winning and just plain fun projects. 64 70 80 BUILDING A UNIQUE PRACTICE GROWTH & CHANGE Campbell Yost Grube “As in nature, the aesthetic qualities in architecture are derived from the way things work.” CAMPBELL YOST GRUBE ARCHITECTS YOST GRUBE HALL ARCHITECTS 90 2000 EVOLUTION & POSSIBILITY “Projects in the developing world have taught us to focus on the essential...” “... to produce architecture of excellence in service to our clients and society.” YGH ARCHITECTURE “From the Northwest, across the U.S. and to the Sudan...It’s been quite an adventure.” -Joachim Grube Building a Unique Practice Consider this: 50 years ago there were no computers. A GPS system was a well-worn map that folded 60 nicely in your back pocket. The level of communication we take for granted today didn’t exist. That didn’t make it any less exciting to be a small, young architecture fi rm hungry to make a difference. The fi rm’s focus on creative “problem seeking” led to signifi cant projects for the State of Oregon and the Oregon Board of Higher Education, as well as a national building program and work overseas. 70 60 -70’s Portland State University Campus Master Plans YGH developed three major campus plans for Portland State University from 1970 to 1985.
    [Show full text]
  • GAO-20-153, Fake Caller ID Schemes
    United States Government Accountability Office Report to Congressional Committees December 2019 FAKE CALLER ID SCHEMES Information on Federal Agencies’ Efforts to Enforce Laws, Educate the Public, and Support Technical Initiatives GAO-20-153 December 2019 FAKE CALLER ID SCHEMES Information on Federal Agencies’ Efforts to Enforce Laws, Educate the Public, and Support Technical Initiatives Highlights of GAO-20-153, a report to congressional committees Why GAO Did This Study What GAO Found Unwanted phone calls, which may also Transmitting fake caller ID information with a phone call, also referred to as involve spoofing, consistently rank “spoofing,” is in many cases illegal—and is used in schemes to obtain money among the top consumer complaints to and personal information or generate telemarketing leads. Complaints submitted FCC and FTC. In recent years, to the Federal Communications Commission (FCC) and the Federal Trade consumers have lost millions of Commission (FTC), both of which work to protect consumers from spoofing, dollars—and been deceived into suggest that spoofing is a growing issue. providing financial or other sensitive information or purchasing falsely FCC, FTC, and the Department of Justice (DOJ) identified 62 enforcement cases advertised products—due to schemes they have brought since 2006 involving spoofing. Enforcement can be using these calls. FCC, FTC, and DOJ challenging, as it can be difficult to identify the source of spoofed calls, and have efforts aimed at combatting the scammers may be based overseas. Nevertheless, GAO found that the agencies fraudulent use of caller ID spoofing. prioritize their spoofing-related enforcement actions based in part on the level of harm perpetrated against the public and generally follow key practices identified Recently enacted federal legislation included a statutory provision for GAO by GAO for effective collaboration.
    [Show full text]
  • April 13, 2021 TLP: WHITE Report: 2021041313000
    Health Sector Cybersecurity Coordination Center (HC3) Analyst Note April 13, 2021 TLP: WHITE Report: 2021041313000 Vishing and Phishing Campaigns Targeting the HPH Sector Executive Summary In late March 2021, security researchers revealed details of a malicious campaign targeting the healthcare and public health (HPH) sector by leveraging call centers to distribute malware to its targets. Numerous campaigns in the past year have successfully leveraged voice-changing software, Voice over IP (VoIP) software, caller ID spoofing, and social engineering techniques to obtain sensitive information or install malware on targeted systems. HC3 assesses that these trends will continue due to previous successful exploitation. Report HC3 has observed numerous phishing and vishing campaigns in the last year, with an uptick of recent activity targeting the HPH sector. Voice phishing, also known as vishing, is the practice of eliciting information or attempting to influence action via the telephone. Threat actors often leverage VoIP services to conduct social engineering attacks. These attacks enable hackers to appear to be originating from a trusted telephone number by spoofing the caller ID. Attackers may even leverage voice-changing software to further convince victims and obscure their identity. The objectives of these attacks are to obtain sensitive information or distribute malware. Some relevant threat activity observed by the HC3 over the past year includes the following: • In April 2021, the Molerats cyberespionage group was discovered using voice-changing software to pose as women when social engineering its targets to install malware. This group is also believed to hack VoIP systems which could allow them to appear to be coming from a trusted phone number.
    [Show full text]
  • Image- and Point Cloud-Based Detection of Damage in Robotic And
    IMAGE- AND POINT CLOUD-BASED DETECTION OF DAMAGE IN ROBOTIC AND VIRTUAL ENVIRONMENTS By CALVIN DOBRIN A thesis submitted to the School of Graduate Studies Rutgers, The State University of New Jersey In partial fulfillment of the requirements For the degree of Master of Science Graduate Program in Mechanical and Aerospace Engineering Written under the direction of Aaron Mazzeo And approved by _________________________________ _________________________________ _________________________________ _________________________________ New Brunswick, New Jersey May, 2021 ABSTRACT OF THE THESIS IMAGE- AND POINT CLOUD-BASED DETECTION OF DAMAGE IN ROBOTIC AND VIRTUAL ENVIRONMENTS By CALVIN DOBRIN Thesis Director: Aaron D. Mazzeo Repair procedures are vital to maintain the integrity of long-term structures such as bridges, roads, and space habitats. To reduce the burden of manual inspection and repair of long- term environments, the proposed solution is an autonomous repair system used for damage detection and damage repair with very little human intervention. The primary purpose of this thesis is to lay the groundwork for the introductory steps related to detection of damage and creation of a virtual map for navigation in this system. It covers the process of initial detection of damage on a structure, confirmation of damage with detailed red-green-blue-depth (RGB-D) scanning, and development of a virtual map of the structure for navigation and localization of important features. We begin by reviewing numerous damage detection methods and establishing a case for optical 2D stereo imaging and 3D scanning. We performed image-processing and point cloud-processing methods to isolate damage in image and point cloud data. The potential of automating operation and data processing without human intervention is also discussed.
    [Show full text]
  • End-To-End Detection of Caller ID Spoofing Attacks
    End-to-End Detection of Caller ID Spoofing Attacks Hossen Mustafa, Member, IEEE, Wenyuan Xu, Member, IEEE Ahmad-Reza Sadeghi, Member, IEEE and Steffen Schulz Abstract—Caller ID (caller identification) is a service provided by telephone operators where the phone number and/or the name of the caller is transmitted to inform the callee who is calling. Today, most people trust the caller ID information and some banks even use Caller ID to authenticate customers. However, with the proliferation of smartphones and VoIP, it is easy to spoof caller ID information by installing a particular application on the smartphone or by using service providers that offer Caller ID spoofing. As the phone network is fragmented between countries and companies and upgrades of old hardware is costly, no mechanism is available today to let end-users easily detect Caller ID spoofing attacks. In this article, we propose a new approach of using end-to-end caller ID verification schemes that leverage features of the existing phone network infrastructure (CallerDec). We design an SMS-based and a timing-based version of CallerDec that works with existing combinations of landlines, cellular and VoIP networks and can be deployed at the liberty of the users. We implemented both CallerDec schemes as an App for Android-based phones and validated their effectiveness in detecting spoofing attacks in various scenarios. Index Terms—End-user Security; Caller ID Spoofing; ! 1INTRODUCTION the US government passed the legislation Truth in Caller ID Act of 2009 [5] making it illegal to transmit “What’s worse than a bad authentication system? misleading or inaccurate caller ID information with A bad authentication system that people have the intent to defraud.
    [Show full text]
  • FPL Florida Power & Light Company FPSC Florida Public Service Commission FPUC Florida Public Utilities Company FRCC Florida Reliability Coordinating Council F.S
    I. Meeting Packet State of Florida Public Service Commission INTERNAL AFFAIRS AGENDA Tuesday, November 29, 2016 Following Special Commission Agenda Room 105 - Gerald L. Gunter Building 1. “Update from the Federal Communications Commission” by The Honorable Mignon Clyburn, FCC Commissioner 2. Draft Review of the 2016 Telecommunications Regulatory Assessment Fee Report (Attachment 1) 3. Draft Review of the 2016 Annual Report on Activities Pursuant to the Florida Energy Efficiency and Conservation Act (Attachment 2) 4. Draft Review of the 2016 Lifeline Report to the Legislature (Attachment 3) 5. Draft Review of the 2016 Ten-Year Site Plans for Florida’s Electric Utilities (Attachment 4) 6. General Counsel’s Report 7. Executive Director’s Report 8. Other Matters BB/ks OUTSIDE PERSONS WISHING TO ADDRESS THE COMMISSION ON ANY OF THE AGENDAED ITEMS SHOULD CONTACT THE OFFICE OF THE EXECUTIVE DIRECTOR AT (850) 413-6463. Attachment 1 REPORT ON THE EFFORTS OF THE FLORIDA PUBLIC SERVICE COMMISSION TO REDUCE THE REGULATORY ASSESSMENT FEE FOR TELECOMMUNICATIONS COMPANIES As of December 2016 REPORT ON THE EFFORTS OF THE FLORIDA PUBLIC SERVICE COMMISSION TO REDUCE THE REGULATORY ASSESSMENT FEE FOR TELECOMMUNICATIONS COMPANIES As of December 2016 Office of Telecommunications Introduction During the 2011 Legislative Session, House Bill CS/CS/HB 1231, the “Regulatory Reform Act” (Act), was passed and signed into law by the Governor, effective July 1, 2011. Under the Act, the Legislature eliminated most of the Florida Public Service Commission’s (FPSC’s or Commission’s) retail oversight authority for the telecommunications wireline companies, yet maintained the FPSC’s authority over wholesale intercarrier issues.
    [Show full text]