Identity Assurance

To assist our customers with the integration of identity assurance into how they handle calls, Ribbon Call Trust has been designed as a holistic solution to determine caller identity, intent, and reputation. With this information it is possible for a network operator to determine if a call is from a legitimate person, for a legitimate purpose, and without malicious intent. And directly affects how they terminate the call.

To properly provide identity assurance on a real-time, per-call basis, three attributes need to be known:

  • Identity – who is the originator?
  • Reputation – is this someone I want to talk to?
  • Trust context – where did the call originate?

Ribbon Call Trust Solution Brief

Why You Need an Identity Assurance Solution

Identity Assurance in Real-Time

Identity

The good news is there is a tremendous amount of information available that can be used to sanity check identity. These include sources such as:

  • Known subscriber numbers - identified by the originating network operator
  • Do Not Originate Lists – known numbers that will never originate calls
  • Un-assigned numbers - from industry databases and from individual network operator databases
  • Invalid calling numbers – based on national/international telephone numbering plans, these are numbers that can be screened out in call processing
  • STIR/SHAKEN attestation – information provided by the originating network provider signing the identity of originating caller

The bad news is caller identity does not address caller intent, so it is possible to have legitimate numbers with a valid identity, but still have calls with malicious intent.

Reputation

In the United States, everyone with a US-issued credit card has likely heard of a FICO score, a measure of consumer credit risk that is a fixture of consumer lending. Imagine a reputation score that measures caller intent, that would be the equivalent of a FICO score. The better the score, the more reputable the call is likely to be.

To use a reputation as part of identity assurance, it is paramount to be accurate. If you get the reputation of caller wrong, the value of the score might be worthless. This applies in both directions – too good and too bad. What happens when the reputation is too good, but it should be worse, you might not know when to reject calls from that source? Or what happens when the reputation is too bad, but it should be better, so the terminating end knows they want to accept calls.

stir-shaken-reputation-phone

Trust Context

Simply put, trust context is a measure of the match between the call origination information how the call enters the terminating service provider’s network. To understand trust context you need to know about the originator’s location, where the call enters your network, and what information you have about the originating caller.

For example, is the call coming from:

  • A known subscriber on a local network interface? These should always be verified as trusted
  • A known subscriber from a peering partner? These might be trusted or they might be spoofed
  • An unknown subscriber from an international carrier? This will not be verified and could be spoofed

Ribbon Call Trust Video

Ribbon Call Trust

As part of Ribbon Call Trust, our session border controllers, gateways, centralized policy server, and our call controllers have additional features to support STIR/SHAKEN. In addition, one new product and two new Ribbon hosted services have been introduced:

  • Ribbon Secure Telephone Identity (STI) This is a complete call authentication, signing, and verification solution to prevent caller ID spoofing in real-time. It is compliant with ATIS-1000082 and RFC8224/8225/8226 that can be deployed in a service provider’s network
  • Ribbon hosted services for STIR/SHAKEN and Reputation Scoring. Both of these services are enabled by Ribbon Identity Hub, our cloud-native SaaS platform.
    • STIR/SHAKEN as a Service. A complete call authentication, signing, and verification solution to prevent caller ID spoofing in real-time. It is compliant with ATIS-1000082 and RFC8224/8225/8226
    • Reputation Scoring. Provides multi-dimensional reputation scores and guidance for call treatment in real-time, on a per-call, basis to mitigate telephony fraud, nuisance, and robocalls. Reputation scoring can be provided for call termination in both IP and TDM networks
    • These hosted services are offered by Ribbon in a standard SaaS model where the service is consumed on a usage basis

Ribbon Call Trust is comprised of the following Ribbon products and services:

dns

Session Border Controller

Session Border Controller Handle SIP-based session control, in the originating and terminating networks in support of STIR/SHAKEN

dehaze

Gateways

TDM to IP gateways handles SIP-based session control, in the originating and terminating networks for supporting STIR/SHAKENtize subscriber behavior and traffic patterns

storage

Call Controllers

Provides call processing to tag (attest) originating caller ID and handle call termination with verification information by interworking with SBC/Gateways in support of STIR/SHAKEN

lock

Secure Telephone Identity (STI)

A STIR/SHAKEN-compliant call authentication, signing, and verification solution. Ribbon STI can be deployed in a service provider’s network or provided by Ribbon as a cloud-based, managed STIR/SHAKEN as a Service

pie_chart

Analytics

Behavioral analytics or incident detection algorithms deployed in a CSP network to collect network data, such as call records and traffic KPIs, to identify potential robocalls or fraud. Robocall and fraud information is ingested by the Ribbon Identity Hub for reputation scoring

api

Identity Hub

A Ribbon service offer, providing multi-dimensional reputation scoring to service provider to prescribe call validation treatment. Ribbon Identity hub is based on machine learning models with open APIs to integrate both real-time and off-line data from Ribbon and 3rd partiesing Controller (DSC) functionalities on the same platform. 

alt_route

Policy and Routing (PSX)

Handles interworking between SBCs/Gateways and the Ribbon Secure Telephone Identity (STI), or any third-party STI solution, in support of STIR-SHAKEN. In the terminating network, the PSX can send and receive reputation scoring and call validation treatment responses from, Ribbon Identity Hub