bringing certification-based authentication to voice
For decades, SSL certificates have helped authenticate websites. Now, the telecom industry is using a similar approach to fight illegal robocalls and Caller ID spoofing with an industry-standard protocol for authenticating calling numbers. The solution lies in the implementation of the industry’s specifications known as SHAKEN (Signature-based Handling of Asserted information using toKENs). SHAKEN provides a framework for Certification Authorities to issue Secure Telephone Identity (STI) digital certificates to authorized service providers, which are used to verify the integrity and accuracy of calling number data.
Clearly, the process for evaluating, vetting and monitoring the integrity of this system is vital. In fact, both service providers and Certification Authorities play a pivotal role in the initiative to win back the public’s trust that the calling number is authenticated. The solutions requires that the calling party’s service provider use the certificates to secure the authenticated calling party information in the call signaling. The called party’s service provider can then verify that the calling number is genuine and its use has been authenticated.
As the Secure Telephone Identity Policy Administrator (STI-PA), iconectiv verifies, confirms, manages and supports the issuance of digital certificates for use in the SHAKEN framework and ensures that only authorized service providers are able to obtain Secure Telephone Identity Certificates from authorized Certification Authorities. These Certification Authorities are vetted, verified and approved by a Policy Management Authority (PMA) to perform the security functions necessary to maintain the integrity of the SHAKEN framework. iconectiv serves as the director of the PMA, which is comprised of industry stakeholders, including members of the STI-GA technical committee.
iconectiv manages the list of approved Certification Authorities available to service providers via a REST interface query. The SHAKEN Secure Telephone Identity Verification Service (STI-VS) can then use this list to validate a call was signed by a Service Provider using a STI certificate from an approved Certification Authority. iconectiv also maintains Service Provider Code tokens, which represent the credentials and validation of service providers. Service Providers will then use this token when requesting issuance of STI certificates from an approved Certification Authority.