14
It is also intended to support cases of legitimate spoofing of telephone numbers where an End-User
that is authorized to use a telephone number through a particular TNSP relationship may want to also
use that telephone resource(s) with another communications service.
8
One example of legitimate
spoofing is where a school district has a telephone number associated with its main switchboard
supported by one service provider, which it also wants to use as the TN-based caller identity with the
snow-day robocalling application service supported by another service provider.
3.4.1 TN Validation for Toll-Free Resp Orgs
Where the Resp Org, or in some cases the reseller SP who obtained the Toll-Free Number (TFN) for the
End-User, is not the Service Provider for the End-User, on a call(s) the relationship between the OSP
and the End-User for the TFN is indirect. A TN Validation process (see 3.4 above) may be used in
advance of call placement. For TFNs, the Resp Org or, in some cases, the reseller SP who obtained the
TFN for the End-User is the entity with the knowledge of which End-User has been assigned the TFN.
The End-User, which has the right-to-use a TFN, may authorize a third party to use the TFN for the
calling party number. In this case, another mechanism would be needed to provide proof the third party
is allowed to use the TFN —e.g., one of the mechanisms mentioned in section 3.3 being worked on by
the industry. For more information regarding Resp Org requirements, see Appendix B.
3.5 Identification of international subscribers
For internationally originated calls, there is a desire for other countries to adopt corresponding
STIR/SHAKEN, STI-GA and STI-PA ecosystems that provide authorized digital signatures, endorsed by
local regulatory agencies and coordinated through cross-border efforts being discussed in the Joint
ATIS/SIP Forum IP-NNI Task Force and other forums. This is similar to what is happening between the
US and Canada, where there is coordination of providing authorized root certificates specific to a
country or region.
In the United States, it is a long-standing problem that international gateway traffic is a significant
source of fraudulent traffic. However, both how and where that traffic is coming from is not well
defined. Traditionally, an “international gateway” is defined as a network element that specifically
translates international call signaling from country specific standards to US provider compatible
protocols. As VoIP services have evolved, the use of the term “international gateway” has unfortunately
become less well defined. VoIP does not have as many geographic restrictions as non-IP services, which
has enabled international entities to send VoIP traffic easily around the world including traffic that may
terminate into a US-based provider’s network. Today, it is understood that most of the fraudulent
internationally-sourced traffic is coming through domestic telephone application providers and VSPs.
Often, this occurs through underground or backdoor types of operations that mainly cater to malicious
entities (either international or domestic) that want to terminate traffic with illegally spoofed NANP
8
See also ATIS-1000089, Study of Full Attestation Alternatives for Enterprise and Business Entities with Multi-Homing and
Other Arrangements, or other processes, including processes in development but not yet published.