Latest

US Caller ID Verification Body Seeks Certificate Authorities

By Rob Chapman 25 Jul 2019

The USA’s Secure Telephone Identity Governance Authority (STI-GA) recently announced that it is seeking interest from organizations that would like to serve as Certificate Authorities. The primary function of these authorities will be to assign, renew and revoke STI operator certificates. This brings the US telecoms sector another step closer to the implementation of SHAKEN and STIR protocols to prevent the spoofing of caller IDs.

Mid-December 2019 has been adopted as the target for having the STIR/SHAKEN ecosystem fully operational in the US. There is a still a lot of work to do in order to meet that deadline by assigning suitably capable organizations to play all the critical roles in the US model.

The approach that has been adopted sees the STI Policy Administrator (STI-PA) role sit beneath STI-GA’s SHAKEN governance structure. Network and operations management specialists iconectiv were appointed to be the STI-PA in May. The role of the administrator is to apply and enforce the rules set by the STI-GA, hence making the SHAKEN framework operational. The STI-PA will approve the STI Certificate Authorities (STI-CAs) that will actually issue the digital certificates to service providers so their traffic is authenticated.

Linda Vandeloop of AT&T (pictured speaking during the anti-robocalling panel at RAG Kansas 2018) also serves as the Chair of the STI-GA. She welcomed the appointment of iconectiv, saying:

The industry-led STI-GA Board is excited to announce the selection of iconectiv as the Policy Administrator. iconectiv has an excellent reputation within the industry and we felt they were the right choice to advance the work to implement SHAKEN this year.

Though the US is the birthplace of SHAKEN and STIR, the problem of caller ID spoofing also affects Canada. In May 2019, the STI-GA hosted an update webinar introducing the Canadian Governance Authority, which will replicate the governance structure being rolled out in the US, to ensure that the protocols are effective ‘cross-border’.

The Canadian telecoms regulator, the Canadian Radio-television and Telecommunications Commission (CRTC) will oversee adoption in their country. The associated governance framework will be called the Canadian Secure Token Governance Authority (CSTGA) and will be led by Executive Director Marian Hearn.

The STI-GA press release about certification authorities can be found here.

About the Author

Rob Chapman
Rob Chapman
Rob is the Chief Operating Officer of the Risk & Assurance Group (RAG). He is responsible for the planning and execution of each RAG event. Rob's goal is to bring together professionals from across the industry and drive RAG's agenda forward.

Rob started working for RAG full time in 2018, having served as Chair on a voluntary basis for the previous four years.

Before joining RAG, Rob was a senior consultant at Cartesian. He has worked in revenue assurance and billing roles for TalkTalk, Verizon Business, Energis and Hutchinson 3G.

Related Articles