This article was originally published by Forbes Technology, which Numeracle's Head of Product & Strategy, Anis Jaffer, is a council member of amongst other industry leaders and experts.
Illegal robocalls have been giving heartburn to both consumers and enterprises alike. On one side, we as consumers have almost all faced annoying "car warranty" calls and, worse, "this is the IRS" scam calls. On the other side, legitimate enterprises have been struggling to reach consumers who have become less likely to answer calls from caller IDs they don't recognize or trust. To mitigate this, the FCC mandated that telecommunications service providers implement the STIR/SHAKEN authentication framework by June 30, 2021.
This framework is now live, and although it does not guarantee 100% of illegal calls will be wiped out immediately, it sets a new standard for traceability and due diligence across the service provider ecosystem.
As carriers work to support ongoing robocall mitigation efforts, the next wave of innovation to improve trust and caller recognition is already emerging: rich call data (RCD). It aims to improve the ability to identify the calling party, but as with STIR/SHAKEN, authentication will be a key element in ensuring this new technology does not open up the possibility for brand identity theft, fraud and spoofing.
Wireless devices and networks enabled for a fully branded RCD experience will present a caller name, brand logo and even a custom call reason displayed on incoming calls. However, where RCD compatibility is limited, the branding experience will include only the caller name field. To enable, when the call is originated, the originating carrier attaches the RCD information to the call on behalf of the brand. At the destination of the call, the terminating carrier then consumes that RCD information and chooses how to render it through a presentation display layer.
There are two ways RCD information can be captured at this time. The first is via a delegated certificate or an end-entity certificate, which allows the delivery of information within the telecom network. The proposed implementation of this certificate is to use it as an extension to the STIR/SHAKEN framework. The second is through an out-of-band solution, such as Verified Calls by Google, which renders RCD on Google-enabled devices like Pixel phones and compatible Android devices. Several models are still being tested and developed to figure out how to best deliver and present branded communications as the technology becomes more widely adopted.
However, there are limitations when it comes to the delivery and presentation of RCD. Despite living in an increasingly smartphone-based world, analog phones like landlines do not have the visual display interface needed to present branded content. Plus, not all smartphones display the same data in a unanimous way. Within a fragmented industry, smartphones operate on different networks, and apps used to display branded content may either be carrier-specific deployed apps or subscriber-installed apps on the device. Currently, there are no common standards that devices and apps can use to have a uniform implementation.
Branded calling does not guarantee that every call will be answered live; it's still important for brands to appropriately structure their campaigns to be delivered at the right time to the right called parties. However, when implemented successfully, branded calling can give the consumer the confidence boost needed to answer the call by establishing instant recognition in the calling party's identity.
According to Hiya's 2020 "State of the Call Report," 94% of unidentified calls go unanswered, whereas in a similar study done by First Orion, 90% feel comfortable answering a branded call. From this, we can infer that calls with brand identifiable information have a better chance of contact with called parties. Businesses that are early to adopt an RCD solution by elevating a call with branded elements, whether it is just a brand name or brand name and logo, may experience a variety of benefits. Aside from improvements to answer rates, branded calling may also lead to increased callbacks, conversion rates, improved agent productivity and elevated brand reputation.
One of the main challenges in implementing RCD is establishing an authentication framework to establish the validity of the logo image to be displayed. How do you make sure the service provider originating the call received the authorization to display the logo on behalf of the brand? There is a real possibility that logos may be spoofed much in the same way phone numbers are, ultimately forfeiting the trust that this solution aims to establish.
STIR/SHAKEN set an excellent precedent across the service provider ecosystem, strengthening the Know Your Customer-based vetting of entities to verify "good actor" traffic. This entity authentication and due diligence need to remain the prerequisite for service providers enabling RCD displays as well. This then ensures that the appropriate rights and consent have been obtained to use the branded assets to be displayed.
This is especially true when it comes to scenarios where a call center is making calls on behalf of another entity or multiple brands. How will consent be obtained from within the brand itself? This brings up another question that needs its own set of authentication — what kinds of logos will be allowed, and who will decide what is appropriate for display?
There is still no universal model, implementation framework or standardized authentication of branded assets, but that hasn't stopped solution providers from innovating and pushing RCD to the consumer. With this and other new communications technologies actively being released to the market, it is clear that a new set of standards will be needed to ensure the proper vetting and validation of branded assets to ensure we uphold a trustworthy network used by us all.
The telecom industry has taken a giant step by adding a new layer of trust through STIR/SHAKEN and the introduction of call branding. In light of this giant industry step, we must also remain vigilant of who is using these technologies and how we're joining together to protect the recipients of these calls as well as the legitimate brands that originate the calls.