scams
Auto Added by WPeMatico
Auto Added by WPeMatico
Two major U.S. carriers, AT&T and T-Mobile, announced this morning a plan to team up to protect their respective customer bases from the scourge of scam robocalls. The two companies will today begin to roll out new cross-network call authentication technology based on the STIR/SHAKEN standards — a sort of universal caller ID system designed to stop illegal caller ID spoofing.
Robocalls have become a national epidemic. In 2018, U.S. mobile users received nearly 48 million robocalls — or more than 150 calls per adult, the carriers noted.
A huge part of the problem is that these calls now often come in with a spoofed phone number, making it hard for consumers to screen out unwanted calls on their own. That’s led to a rise in robocall blocking and screening apps. Even technology companies have gotten involved, with Google introducing a new AI call screener in Android and Apple rolling out Siri-powered spam call detection with iOS 13.
To help fight the call spoofing problem, the industry put together a set of standards called STIR/SHAKEN (Secure Telephony Identity Revisited / Secure Handling of Asserted information using toKENs), which effectively signs calls as “legitimate” as they travel through the interconnected phone networks.
However, the industry has been slow to roll out the system, which prompted the FCC to finally step in.
In November 2018, FCC Chairman Ajit Pai wrote to U.S. mobile operators, asking them to outline their plans around the implementation of the STIR/SHAKEN standards. The regulator also said that it would step in to mandate the implementation if the carriers didn’t meet an end-of-2019 deadline to get their call authentication systems in place.
Today’s news from AT&T and T-Mobile explains how the two will work together to authenticate calls across their networks. By implementing STIR/SHAKEN, calls will have their Caller ID signed as legitimate by the originating carrier, then validated by other carriers before they reach the consumer. Spoofed calls would fail this authentication process, and not be marked as “verified.”
As more carriers participate in this sort of authentication, more calls can be authenticated.
However, this system alone won’t actually block the spam calls — it just gives the recipient more information. In addition, devices will have to support the technology, as well, in order to display the new “verification” information.
T-Mobile earlier this year was first to launch a caller verification system on the Samsung Galaxy Note9, and today it still only works with select Android handsets from Samsung and LG. AT&T meanwhile, announced in March it was working with Comcast to exchange authenticated calls between two separate networks — a milestone in terms of cooperation between two carriers. T-Mobile and Comcast announced their own agreement in April.
The news also follows a statement by Chairman Pai that says the FCC will sign off to approve a T-Mobile/Sprint merger, as has been expected.
Powered by WPeMatico
Google today announced that Chrome will soon get a new feature that aims to stop mobile subscription scams. Those are the kind of sites that ask you for your phone number and that then, unbeknownst to you, sign you up for a mobile subscription that’s billed through your carrier. Starting with the launch of Chrome 71 in December, Google will pop up a prominent warning when a site doesn’t make it clear that users are signing up for a mobile subscription.

To make sure that developers who are legitimately using this flow to offer users a subscription don’t get caught up in this new system, Google also published a set of best practices for mobile billing today. Generally, developers are expected to make their billing information visible and obvious to users, display the actual cost and have a simple and straightforward fee structure.
If that information is not available, Google will throw up a prominent full-page warning, but users can always opt to proceed. Before throwing up the warning page, Google will notify webmasters in the Search Console when it detects a potential scam (there’s always a chance for false positives, after all).
This new feature will be available on both mobile and desktop, as well as in Android’s WebView.

Powered by WPeMatico