Rebekah Johnson: Welcome to Tuesday Talks, a live discussion series where we bring truth and shed light across the brand identity and communications industry. I'm Rebekah Johnson, Founder and CEO of Numeracle, and I'll be co-hosting today's session with Richard Shockey, Chairman of the Board of Directors at SIP Forum. It's great to have you today, Richard. Thanks for coming.
Richard Shockey: It's a delight, an absolutely pleasure. It was great having you at SIPNOC.
Rebekah Johnson: Yes, that's why we are here! Last year in our previous season, Anis Jaffer and I did a recap of our SIPNOC webinar because there was a lot of great content and we thought what better topic this year than to have Richard join us and share some of his insights for the benefit of the team who maybe weren't able to attend the event.
The event that we're talking about happened last month. The SIP Forum hosted its annual SIPNOC conference which consists of a series of week-long webinars that are presented by the experts. It really is stacked with experts and the people that you should be listening to. These are the leading experts in the development of the STIR/SHAKEN call authentication framework, Robocall Mitigation initiatives, and other critical topics that are impacting the call delivery ecosystem.
Numeracle did get the opportunity to lead a discussion on trust and branded calling, identifying a number of topics for follow-up activities. Today, we'd like to give Richard the opportunity to share what he views as some of the biggest discoveries and greatest momentum coming out of the event.
Richard Shockey: Thank you, Rebekah. Let me point out that we had a very successful event. We had nearly 1000 discreet participants over the five days and looking at the attendee list, there were a lot of truly notable folks. Certainly, all the major US carriers were participating, AT&T, Verizon, Lumen, etc. We had very solid participation from our regulatory friends, certainly at the FCC, and folks from the CRTC in Canada. Oddly enough, we got about six participants from ComReg, which is the Irish regulator, who I've been in touch with privately trying to see how the Robocall contagion is spreading in the Republic of Ireland. That's the basics of it and will certainly be talking about our plans and actions either this year or early next year.
Some of the things we could begin to highlight here are specifically from the enterprises. There has been a substantial amount of work done on what is known as 608/607 and 603, which is a tactical means by which the network signals the originating party that the call has been blocked. This is something that, particularly in the financial services industry, has been deeply concerned about. These are banks, insurance companies, credit unions, loan processing firms, etc. They want to know when their call has been blocked and they want to know how to engage the originating provider of the data analytics folks in some form of remediation to stop this.
There's a very open docket about this at the FCC that I've participated in with the American Bankers Association, the American Association of Hospital Management, because this is clearly an issue for the healthcare industry as well, and we the engineers basically said 608 sounds good, but it's a pain in the neck to implement because of its requirements to encrypt the jaycard in the response. What we proposed was using the existing 603 code and augmenting it with open text response codes.
Last Friday, I was on a call with all of these folks saying that they're going to work on this and will probably have something ready for trialing early this summer. We're that far along on this one way or the other. The associations are going to provide us with a letter or a memorandum about what they expect to see but the actual progress in this has gone quite a bit from a purely technical perspective. That's one of the things that is going to really help enterprises in the future.
Rebekah Johnson: Richard, for our audience, not everyone is familiar with 603 and 607/608, so can you kind of touch on what they are, I know that gets very confusing.
Richard Shockey: Sure, it's geek-speak. What the 6-X series is, is a series of response codes that are part of the SIP standards for any number of things, including 'Network Busy' we would get in the TDM world. It's a response code. 603 has a multiplicity of uses, but I won't necessarily get into the gory details here. 607 is a specific code that indicates that the user or the called party directly blocked the call. 608 was designed in part to allow the calling party to know that the network blocked it.
Typically data analytics would be involved by AT&T, Verizon, Lumen, or whoever would then send a 608 code back. Some service providers have played with it and ran into all sorts of problems that we run into there. We are going to be able to do this but the challenge for enterprises is we'll send them the 603+ but what are they going to do with it? That is going to be a challenge for the session border controller folks, also as third-party contact center platforms because a lot of financial institutions don't run their own contact centers and they contract that out. We certainly see opportunities for Numeracle and others to help the enterprise interpret the response the terminating provider gives.
Rebekah Johnson: Just to confirm, I know we say it but it's really nice to have an industry expert on our podcast to state that carriers are implementing 603 blocking and that was due to requirements that I believe they started January, is that correct?
Richard Shockey: Correct. There have been some reports of wild and willy 608 floating around that were not encrypted and they call it 'naked 608' for some ridiculous reason. The reports I get back from the network engineers at the major service providers, and it's clearly the mobile operators, by the way, is that they're seeing it and they are actually starting to process it.
As soon as ATIS and the SIP Forum, our joint venture network-to-network interface task force, have a finalized document, we definitely understand that the vendors, this would be Ericsson, Nokia, Metaswitch, they're already starting the general coding process as we speak.
Rebekah Johnson: That's good to hear that progress and that's definitely something that Numeracle will continue to watch. Richard, you're a good source for keeping the industry updated on that progress. I think we definitely want to do a follow-up to understand what the results were with the banks that you mentioned and the hospital management as well.
Richard Shockey: Of the folks that I've talked to, they are brand names that you would instantly recognize. Again, in my discussions with credit unions, they're going to be looking for third parties to assist them because they're just not going to hire FTEs to deal with this. They can't do it. I do want to try, given the time constraints, to touch on a couple of other items.
There's one issue that has not been resolved yet with the regulators, which is this idea of labeling calls coming in through gateway providers. This would be, potentially, an internationally originated call using a North American Number. We have different kinds of attestations in the STIR/SHAKEN process: A-Attestation is full, this is my customer and this is my number so you can trust this call. B-Attestation would be something where the call would go essentially through an intermediary such as transit providers. Then there's C-Attestation, which is really the gateways themselves, and it's at the Traceback Consortium run by USTelecom and others where the problem has arisen.
And the problem is enterprises cannot see what the level of attestation actually is and the SIP invite that is delivered at call termination, the famous verstat parameter. There's been quite a bit of discussion, and filing, and we had a long session about this at SIPNOC and it has yet to be resolved. Enterprises need to know the information the carrier actually has because a major bank or a brokerage firm has a very different kind of data analytic requirements than a telecom carrier has. The liability of a financial service provider is an order of magnitude greater.
There's been a little back and forth between the usual suspects on Wall Street and the major carriers about telling each other what they've got because it's not like they don't trust AT&T or Verizon, but then again, they're on the hook with the financial regulators. Again, orders of magnitude because they're trying to stop account takeovers and that's their number one problem.
I know, Rebekah, what your experience has been that the people who are worried about this are brand management folks, the people who try and protect the brand, and the fraud management teams and they've got budgets to be able to invest in this. I think that's certainly what we're going to be seeing throughout the summer and fall this year.
Rebekah Johnson: We can't miss the fact that while banks with deep pockets can cover this problem, there are a lot of other businesses, industries, and verticals that struggle. I think that's the challenge of this space. The ones who are developing the standards, the ones who are regulating, and the ones who are putting out the mandates, are understanding that there have to be methods for legal callers at all levels to be able to manage their brand on the communication network. Otherwise, we'll start to see a shift in who can actually use the communication network and maybe it becomes just an elite group that is not affordable.
Richard Shockey: Yes, of course. I have another job, amongst other things, I am a member of the Federal Communications Commission North American Numbering Council, which is the technical advisory board to the FCC on numbering policy, and basically, all of STIR/SHAKEN falls within that group. Who gets phone numbers and why is going to become an increasing issue, especially for those third-party contact centers that run campaigns simply by rotating a block of numbers endlessly. Some of them may actually have to change over time, but that's another story for another podcast.
Rebekah Johnson: We've got two more topics that we want to address so let's shift over to RCD (rich call data). How will RCD integrate with branded calling after the IETF approves it? For those also listening, can you cover what the IETF is and how it relates to this.
Richard Shockey: This is going to be very important on a forward-looking basis. The Internet Engineering Task Force (IETF) has been working with the ATIS SIP Forum IP-NNI to produce what they call rich call data. This would be when the consumer could see not just a phone number, not just CNAM data or the verbose text.
With RCD they also can have things like logos, theme songs, or pictures. So when your doctor actually calls you, it could be the picture of your physician signaling you to answer this phone call because they've got your blood work done. The telephone tag between the healthcare industry and consumers is at a point where nobody answers the phone. This is a tremendous financial burden on an annoyance to physicians.
Where we've seen the problems on the inbound side for enterprises, this is the reverse. This is outbound, which is creating a secure identity that an enterprise, or other institution, could basically signal on the handset, who are you? There are a lot of people obviously looking at this, and the IETF should be able to finalize this certainly in the next 90 days. This was authored by Chris Wendt, who is now with Somos and 800 numbers, so they've got a highly proprietary interest in seeing something like this deploy. But it's actually going to be, for both consumers and enterprises alike, a big deal.
Even companies like Dominos, they're going to signal you via call or text to confirm your pizza is at the door so please answer at the door. Package delivery folks will also be very interested in this kind of branded calling and using rich call data to fight the porch pirates. This brings Federal Express, the US Postal Service, and others into the call authentication ecosystem.
Rebekah Johnson: What do you still see as one of the biggest challenges for the adoption of RCD? This is definitely standards-based, but once the standards and recommendations get approved, what do you see as the next big challenge for adoption in the marketplace?
Richard Shockey: Well, that's really easy, talk to Tim Cook. If you can get Tim Cook on the phone and ask if they can implement this in your handset and put some engineering cycles to this. There's some interest among the folks at Samsung about this and if you can get Apple and Samsung on board to help all of us by bringing them into the ecosystem, we could actually make significant progress in branded calling and trusted calling across the board.
Rebekah Johnson: Agreed. One of the last topics that you brought to our attention is issues impacting rural carriers regarding the IP SIP interaction.
Richard Shockey: Right, and this is my personal hobby, which is the problems of interconnection. We lose everything in the trusted call system if the call drops to TDM and signaling system seven. Something's got to give here, one way or the other. Rural carriers, in particular, they're trying to negotiate an all SIP interconnection agreement with certain companies, who shall remain nameless, which has proven to be a challenge. Watch this space.
Watch this space because the thing is so complex now and so interconnected that we're going to have trouble until the larger issue of all IP comes to some fruition. We're just about there, but things are going well in Canada. Their adoption of STIR/SHAKEN is doing fine. Oddly enough, we anticipate France is next for a number of reasons. The UK wants to do this but can't, but that's for another podcast, and now we're going to check in with Ireland.
Rebekah Johnson: To reiterate the value that I see from the program that you've put together for these webinars is that it's a good place where a lot of talking points are birthed and then those topics are picked up and activities and initiatives are implemented. It's more than just listening to a lot of people.
For those who didn't attend, it really is the place where new ideas are introduced, new concepts, and a great way to kind of find out where the market is and what all the industry leaders are thinking. You have to attend all the different sessions to pull that big picture together, which is what we love doing, but just as a recommendation for those who didn't participate, you should in the next one.
Usually, there are a lot of hot topics at these events like things that are not yet finished or things that are going to introduce challenges. But I don't want to miss the opportunity for some of the successes that were identified. What did you see as some of those successes from the event, from your perspective, that are great and are positive so we know we're moving in the right direction?
Richard Shockey: First of all, let me emphasize that all of the presentations are still online, just go to SIPNOC 2022. They're still free, you just have to register to download them. I think the successes are if you look at the numbers that are coming out from some of the analytics that the growth in robocalls has stalled.
Unfortunately, it's shifting to robotexts now, and that's another webinar right there, but we've seen a stall begin. Anecdotally, when I talk to the network engineers the deployments are getting into the network and the rural carriers now have been mandated and they've only got until June 30 across the board. The smaller operators who have resisted adoption now no longer have any choice.
Rebekah Johnson: One thing we also discussed, and this is what I'm seeing as well, is that there's much more engagement from the enterprise side. I would say a few years ago the perspective was that it wasn't their problem and that it is really a telecom group's problem. But they didn't realize that you had to be a part of the solution as well. I think that's one of the things where you can see the progression of the SIPNOCs with how the enterprise voice has been not just heard, but it's now a participant. You had a lot of different enterprise representatives on the panels that hadn't been there.
Richard Shockey: A notable one was Kaiser Permanente and engagement with the American Bankers Association, the loan processing folks, and health care providers. Unfortunately, engineers like me tend to operate in a vacuum and we're always asking 'What do you really want? We can code anything you'd like, just tell us what you want.' At least until recently, getting engagement from enterprises has been very tough.
Of course, my carrier friends are a little annoyed because they're filing their complaints with the FCC and then the FCC doesn't know what to do with all this. Again, last Friday was a very good example with all the major carriers involved, all the wireless carriers, and a whole bunch of folks from the enterprise side, finally able to talk to the guys that are writing standards. They're talking to them and tell us what they want and we will see if there are gaps in what we're producing to make this easier for them. They promised to get back to me within 10 days to 2 weeks with a memorandum or a letter or something that will give our folks guidance on what to produce.
Rebekah Johnson: Richard, looking forward, what can we expect for the next SIPNOC event? Considering the timing, how you're going to deploy it, and then what are the expectations of what will happen?
Richard Shockey: We will definitely do it. The question for us is, is there enough subject matter to justify doing it in, for instance, early December? Or wait 12 months and do it again sometime in March or April? There are a number of determining factors here and we've hit on all of them like the idea of rich call data and how will that deploy and who's going to deploy it because there are issues involved with interconnection.
I think one of the things we will hear more about is the situation in Canada, for instance. My friends in Canada politely declined to participate because it's not that they didn't want to do it, it's that they're in round one of the deployments even as we speak. Their mandate did not kick in until November 30 of last year and they're working through all the issues that we're still struggling with. I think what we may see is a linkage finally between the STI-GA here in the United States and the CICA, the Canadian route in Canada. By the way, I have heard that STIR/SHAKEN tokens are being passed between Canadian operators and US operators even now.
Rebekah Johnson: That's great.
Richard Shockey: A call that would originate on Rogers Network, Shaw, or Cogeco, that would terminate on Comcast Network is getting the tokens because they already have IP interconnection agreements amongst each other and have for years. I think that's also true for Charter, certainly for Cox, and the rest of them.
Rebekah Johnson: I think it would be a great topic to have at the next one including the lessons learned and that should be a platform for what this now means for cross-border communications. There will have been enough learnings at that point for a really good discussion on that.
Richard Shockey: The cross-border topic is going to be a major milestone and we'll also probably have considerable data from the French because they're moving as rapidly as they possibly can. I just don't see Ofcom and the operators deploying even in 2023. Again, there's a whole multitude of issues there that they need to sort out among themselves.
Rebekah Johnson: Richard, we really appreciate you taking the time to participate in Tuesday Talks. I know that just in our planning session alone we came up with more talks that we think our audience would absolutely love to hear, so we look forward to having you as a reoccurring guest on our series this year, for sure.
We'd also like to thank everyone for joining us on another episode of Tuesday Talks and we hope to see you all again on Tuesday, May 10th. Take care.