Groups Back Third-Party Caller ID Authentication Solution

Allowing providers to use third-parties for performing caller ID authentication "will aid robocall mitigation efforts by enabling providers who are otherwise unable to implement the FCC’s Stir/Shaken protocols to authenticate calls transmitted on their networks without imposing additional burdensome costs," said the New York Public Service Commission. The PSC asked the FCC to end the Stir/Shaken implementation extension for providers unable to obtain a service provider (SPC) token, saying the "inability of providers to obtain an SPC token is no longer a barrier to fulfilling Stir/Shaken requirements because of the allowed use of third-party authentication methods."

The FCC should allow third-party signing on behalf of an originating provider "so long as the call is signed using the provider's token," said USTelecom. Signing calls with an originating provider’s token will provide any information needed to act "should an originating provider prove to routinely originate and authenticate illegal robocalls," the group said. TransNexus urged the FCC to issue a declaratory ruling to "clarify its existing rules" on originating service provider non-participation with Sir/Shaken implementation.

Allow third-party authentication of toll-free numbers by responding organizations, said Somos. Doing so would 'strengthen the reliability of the Stir/Shaken framework," it said. Prohibit providers from renting numbers "with specific exceptions permitted for appropriate business reasons," said the National Consumer Law Center and Electronic Privacy Information Center in joint comments. The temporary rental of phone numbers is "a tactic widely used by callers ... to render the display caller ID information meaningless," the groups said.

Third-party caller ID authentication "has proven to be an effective means for many smaller voice service providers and their customers to get timely and efficient access to the benefits of Stir/Shaken," said ACA Connects. The group cautioned the FCC to "not assume that all third party caller ID authentication solutions merit the same treatment." It asked the FCC to "affirm the permissibility of third-party call authentication arrangements between wholesale providers and reseller customers." Numeracle asked the FCC to "allow third-party signing only if third-party vendors are using the certificate of the voice service provider for whom they are a signing agent."

Require all originating service providers using third-party arrangements to register with the Secure Telephone Identity (STI) policy administrator and STI certificate authority "to procure their own tokens and certificates," said NTCA. The group said it opposes prohibiting or limiting the use of third-party authentication services "of any kind." NCTA asked the FCC to allow for an "appropriate transition period" for third-party vendors to "make any necessary adjustments to their call authentication services and to enable providers relying on these services to switch to new or updated platforms as needed." Don't impose additional requirements for identifying third-party solutions in the robocall mitigation database, said Incompas, adding they're "unnecessary and may deter providers from trying these solutions."

"Eliminating or restricting third party authentication would disrupt current ATIS-compliant arrangements requiring the expenditure of time and resources," said the Cloud Communications Alliance: "Should the commission take such action, it should adopt a reasonable transition period of at least six months." There "must be one and only one originating voice service provider, and their A- or B-level signature with their name" for every call, said ZipDX. Improper attestations "are far too common in the current ecosystem," said Transaction Network Services. The FCC could "increase enforcement efforts in this space, such as by facilitating referrals to the Enforcement Bureau and encouraging industry self-policing," it said.