Spoofing Detection FAQ

What is spoofing detection?

The SHAKEN/STIR standard provides a way to “sign” or “verify” calls, so the receivers know that the call is from the phone number displayed on the caller ID.

With SHAKEN/STIR, the service provider can guarantee a call’s validity within three different levels:

  • Full attestation - A:  The highest level, meaning that the caller is known, and has the right to use the phone number that is making that call.
  • Partial attestation - B:  The second level where the call is from a customer known to this provider, but the right to use the phone number cannot be verified.
  • Gateway attestation - C: The lowest level where both the caller and the calling number cannot be authenticated, but the call is going through a known gateway.

 

Do all service providers have to comply?

The largest voice service providers are now using STIR/SHAKEN caller ID authentication standards in their Internet Protocol (IP) networks, in accordance with the June 30, 2021, deadline set by the Federal Communications Commission (FCC).

Carriers with 100,000 or fewer customers were given until June 30, 2023, to comply.

 

How is Talkdesk Identity leveraging SHAKEN/STIR for “Spoofing Detection”?

Talkdesk Identity leverages the SHAKEN/STIR call attestation metadata placed by the carriers in inbound calls and translates them into the following classification:

  • Safe: Matches a call attestation A.
  • Suspicious:  a call attestation B.
  • High risk: Matches a call attestation C.

If no call attestation is present in the inbound call metadata, Talkdesk Identity classifies the call as:

  • “N/A”: Corresponds to no call attestation.

The following table displays the full relationship between SHAKEN/STIR call attestation levels, and how those are translated into Talkdesk Identity “Spoofing Detection” classifications.

SHAKEN/STIR

Call attestation

Talkdesk Studio

Flow Variable

Talkdesk Identity

Classification

Description

Full attestation - A

TN-Validation-Passed-A

Safe

The service provider has fully authenticated that the customer initiating the call is authorized to use the calling number.

TN-Validation-Failed-A

Save (Unable to verify)

The service provider has fully authenticated that the customer initiating the call is authorized to use the calling number.

Although the call was attested with a particular status, the final carrier could not confirm that the attestation was the one presented.

Partial attestation - B

TN-Validation-Passed-B

Suspicious

The carrier can authenticate its relationship with the calling customers, but cannot verify if the consumer is authorized to use the number.

TN-Validation-Failed-B

Suspicious (Unable to verify)

The carrier can authenticate its relationship with the calling customers, but cannot verify if the consumer is authorized to use the number.

Although the call was attested with a particular status, the final carrier could not confirm that the attestation was the one presented.

Gateway attestation - C

TN-Validation-Passed-C

High risk

The initiating service provider has authenticated that it placed the call on its network, but has no relationship with the caller.

TN-Validation-Failed-C

High risk (Unable to verify)

The initiating service provider has authenticated that it placed the call on its network, but has no relationship with the caller.

Although the call was attested with a particular status, the final carrier could not confirm that the attestation was the one presented.

N/A

No-TN-Validation

N/A

The carrier is unable to verify the caller for this phone number country or region.

N/A

TN-Validation-Failed

N/A

The carrier is unable to verify the caller for this phone number country or region.

 

 

What could be the reasons for a Talkdesk Identity classification of “N/A”?

Identity classifies a call as “N/A” when the inbound call does not have any attestation appended to its metadata, either because of the following reasons:

  • Is a call placed outside the US or Canada where SHAKEN/STIR standard is not required yet.
  • Tampering was done to the call.
  • The Telco service provider is non-compliant with SHAKEN/STIR.

 

How is “Spoofing Detection” used in Talkdesk Identity?

To leverage “Spoofing Detection,” users have to deploy the Validate Phone Studio component into the voice interaction flow.

Once placed into a Studio flow, the “Spoofing Detection” card inside the Identity tab in the Conversations app, will populate as soon as the next flow is published, and a call flows through it.

It is possible to perform conditional-based routing in Talkdesk Studio by exposing the “Call attestation” variable, available in the Validate Phone Studio component.

All Articles ""
Please sign in to submit a request.