Since November 30, 2021, the CRTC has required Canadian telecommunications service providers to implement the STIR/SHAKEN standards. James Bond enthusiasts initially raised eyebrows at this acronym, but what does Agent 007, who prefers his martinis “shaken, not stirred,” have to do with the fight against unwanted calls? Let’s look at the story behind these new standards.
A “geek” moment
Unsolicited calls, whether made for business or fraudulent reasons, have been a nuisance for years. In the 1990s, the introduction of call displays made it possible for customers to better recognize unwanted telephone calls. Who has not already sent to voicemail a number that looks like it comes from abroad, for fear of answering another robocall? As with all scams, fraudsters have adapted their practices over time. It’s now pretty easy for them to fool your call display with a fake phone number that looks trustworthy (from your community, for example). This phenomenon is calledcaller identity spoofing.
With the growth of this technique and increase in unwanted calls—nearly 2.5 billion robocalls are made every month in the United States—industry players have taken action. According to Jim McEachern, senior technology consultant for the Alliance for Telecommunications Industry Solutions, it is against this backdrop that the STIR/SHAKEN acronym was created.
The first verification system proposed by the industry was called STIR, which is the Secure Telephone Identity Revisited. McEachern, a James Bond fan, picked up the ball: “STIR already existed, so we knew we had to call the new system SHAKEN. We tortured the English language until we came up with an acronym,”he told the Los Angeles Times. The framework for the implementation of the STIR protocol was therefore titled Signature-based Handling of Asserted Information Using TokENs. A bit far-fetched? Perhaps, but the reference to the famous secret agent is nice. The consultant himself admits that “it was a geek moment!”
How does it work?
The STIR/SHAKEN standards are used to authenticate and verify caller identity. In short, the caller’s telecommunications service provider authenticates their identity by assigning an electronic signature to the call. The recipient’s service provider then verifies the signature. If valid, a green checkmark and the word “Verified” appear on the recipient’s display when the call is received.
The CRTC anticipates that this technological verification framework will help deter fraudsters and reduce the number of unsolicited calls received by the public. In the meantime, you can still register your number on theNational Do Not Call List. If you have a recent device, you may soon see a small green checkmark on your display when you receive calls from a verified number. You can then thank James Bond for your peace of mind!