Plivo’s Latest Safeguards Against Telecom Fraud and Spam
- Fraud Prevention
- 26 Apr 2021
Telecom fraud and scams are a fast-growing problem — Americans were hit by almost 46 billion robocalls in 2020 alone, costing $10 billion annually. As more businesses turn to IP telephony for their communications needs, and with mobile communication becoming an integral part of our lives, the obligation to address fraudsters and scammers has become increasingly urgent.
Telecom fraud comes in various forms — PBX hacking, toll fraud, robocalling, subscription fraud — and it’s detrimental to businesses and individuals alike. In recent months, the telecom industry has begun deploying new technologies to combat the surge of spam phone calls at scale, and CPaaS providers like Plivo are joining the fight.
Here are some policies and actions the telecom industry is taking to minimize the risk of telecom fraud, along with information about how Plivo plans to support these initiatives for its customers.
To help prevent unwanted robocalls, the FCC has begun implementing the STIR/SHAKEN protocols. STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted Information Using Tokens) encompass a framework of standards that aim to address the accuracy of caller ID information. They help consumers authenticate calls they receive by digitally validating calls passing through carrier networks. The FCC has directed carriers to implement robust call authentication by adopting STIR/SHAKEN standards by June 30, 2021.
Plivo is working on an authentication process to comply with the STIR/SHAKEN protocols. We’re already testing calls, and we expect to complete our implementation well before the June 30 deadline. This means that we’ll be able to start signing outgoing calls on customers’ behalf and ensure their calls get the right attestation so that call recipients can feel confident answering them. In the coming weeks, our customers will be able to submit to us their business information and the phone numbers they own and use as caller IDs so we can verify them.
Google Verified SMS and Verified Calls
Meanwhile, Google is adding a couple of security-focused features to its Android Messages app, including Verified SMS and Verified Calls, two tools to combat fraudulent text messages and phone calls. Verified text messages and incoming calls will display a business’s name, their logo, and a verification symbol that indicates that the communication has been verified by Google. For phone calls, Google takes it a step further by indicating why the business is calling.
Now that mobile communications is so popular and widely used, businesses need to stand out and provide messages and call recipients with greater confidence that their brand is reputable. Verified SMS and Verified Calls are great ways for businesses to enhance customers’ trust in their brands.
Plivo is partnering with Google to register businesses and implement the back-end technology to support the services through both our messaging and voice API products. Our customers will be able to enroll via Plivo. Implementation requires no additional engineering efforts and offers organizations a richly branded profile including the business name, description, and logo. We expect support for Verified SMS and Verified Calls to be available in beta sometime this year.
On yet another front in the battle against spam, A2P 10DLC has shifted the landscape of business text messaging, providing new routes dedicated to high-volume text messaging in the form of 10-digit long codes. The objective for 10DLC is to provide stability, reliability, and security to both businesses and their customers. But before telecom customers can take advantage of these sanctioned routes, carrier networks such as AT&T and T-Mobile require an in-depth qualification process that verifies the legitimacy of the business. (Verizon doesn’t require businesses to submit themselves for qualification.) The qualifying process takes into consideration both business details and the use case of a messaging campaign, and yields a result that dictates the number of messages the business can send within a given day.
Plivo customers can register their brand — the business they’re creating a campaign for — through the Plivo website. Once the brand has been approved and has been assigned a “trust score,” campaign and throughput details for the AT&T network will be passed over to us, which we will then confirm with you via email. At this time, T-Mobile hasn’t disclosed throughput details; once this information is available, we’ll make it known to all customers via email.
A new verification tool to help give customers confidence
Through all of these scenarios you’ll notice the common theme of confirming that a business is who they say they are. To streamline this qualification process across the different protocols and features, we’ll be enabling a verification tool in the Plivo console, which will comprise of two parts:
The first part will be dedicated to the verifying business details. Plivo will confirm the legitimacy of an organization’s submitted details and apply approval at the account level, giving customers access to the products highlighted above.
The second part will be product-specific, with dedicated pages on our left-side menu detailing requirements for each (STIR/SHAKEN, Google Verified SMS, 10DLC), where you can submit the appropriate information.
We expect to roll out this tool sometime in 2021, and we’ll share more details once they’re available.
Brands that value building trust with their customers are likely to outperform those that don’t. Plivo is eager to help our customers implement measures to safeguard against telecom fraud. We believe that all of these initiatives will help businesses strengthen their conversations with users, build trust, prevent scams, and provide a safer space for mobile communications globally.