The Lightning Review of Every Method Currently Proposed for Authenticating Phone Calls

I have the privilege today of speaking at the 35th forum of the Global Solutions Council (GSC), a nonprofit organization that brings together many of the world’s most important carriers including Telstra, Telenor, Tata Communications, PCCW Global, Orange, BTS, BICS and Arelion, the new name for Telia Carrier. My goal is simple: to give them a fully-rounded discussion of the various ways our planet may authenticate international phone calls and limit the potential abuse of services by machines that can make large numbers of unwanted and harmful calls. The Global Solutions Council provides a fitting forum for a topic that only makes sense when understood globally. Authentication needs to work worldwide in order to be effective, though our industry has so far shown itself incapable of making relevant decisions at a higher level than that of a national regulator. International carriers can exercise a crucial casting vote in determining the future of authentication, if they can reach a consensus amongst themselves.

International direct dialing is just 60 years old; previously a human operator would have to be involved in connecting each call. Apart from a few exceptions, any phone user can currently call any other phone user if they know their number, with the result that an astonishing share of the world’s population is now able to talk directly to each other. This is in jeopardy. It is threatened by spammy and often dangerous voice traffic that drives consumers to stop answering their phones. It will also be threatened if authentication is imperfectly implemented, with the result that some legitimate calls may no longer be connected. A joined-up international telecoms system requires a joined-up approach to call authentication, or else the authentication will prove as pointless as one country issuing passports that a bordering country refuses to recognize.

It is simple to state the goal of my presentation, but achieving that goal is complicated. This is because:

  • There are more potential methods than most people know about, or are willing to explain, or are willing to have described to them in one sitting.
  • It is easy to get bogged down in technical details whilst explaining these methods.
  • Focusing too much on technology leads many to ignore the factors that really determine which methods will be implemented.

They say that history is written by the victors, and this is especially true of the history of technology. Every technology that is rejected is also dismissed as inferior but politics, culture, commercial factors and network effects also influence which technologies we use, alongside the relative merits or weaknesses of those technologies. Well-known examples include the battles between Edison, Westinghouse and Tesla over the best way to distribute electricity, the competition between VHS and Betamax to become the dominant video tape format, or the intertwining struggle between IBM, Apple and Microsoft over whose hardware and operating systems would define personal computing. The very fact that most people now take telephony for granted is why the importance of the competition between technologies to authenticate calls is so poorly appreciated despite the number of complaints about nuisance calls from consumers in rich countries.

News journalists explain this topic to the public as if control over the quality of inbound calls rests solely with the phone companies whose names the public knows. They would not be so naïve as to suggest that the safety of a passenger jet was solely within the control of the airline that operates it, or that the safety of the food we eat is solely within the control of the supermarket where we shop. Safety in air transportation and food supply chains depends on actions taken by multiple businesses and government agencies working across disparate countries. The telecoms industry is paradoxical in treating the safety of international calls as if it can be delivered solely by one business at one end of those calls. The future safety of phone calls will not be decided by individual telcos or nations working in isolation, but by the extent to which there is agreement to apply common safety standards end-to-end.

The beginning of the process that will determine how international calls are authenticated represents an interesting and unusual point in history. It will likely prove impossible to tell the full story until we can look back upon this moment with the benefit of hindsight. I certainly do not have full visibility of how this process is unfolding, because it doubtless involves many private and some ill-informed conversations between politicians, regulators, telcos, vendors, consultants and miscellaneous lobbyists across a growing variety of countries. However, I seek to give as complete and objective an account of the current state of play as possible. Here is the slide pack for today’s presentation. If you cannot make sense of everything I would like to tell you, then please forgive me because it is bloody hard to explain it all.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.