FCC new rules for gateway providers—would they work?

The FCC’s proposed rule changes for gateway service providers would have them significantly raise their game in SHAKEN call authentication and robocall mitigation. But would this be enough, or do the proposed rules leave loopholes? Let’s have a look.

Proposed rules

The Commission described these proposed rules to bring gateway providers up to the same level of responsibility as domestic providers originating or transiting calls within the U.S.

In these rules (Further Notice of Proposed Rulemaking, or FNPRM), a gateway provider is the first U.S.-based intermediate provider in the call path of a foreign-originated call that transmits the call directly to another intermediate provider or terminating voice service provider in the U.S. A provider’s identity as a gateway provider would be determined on a call-by-call basis, not as a class of provider.

The proposed rules would apply to calls with a U.S. calling number.

  1. Authenticate unsigned SIP calls using SHAKEN.
    1. Compliance deadline: March 1, 2023
  2. Implement a robocall mitigation program and use it with all calls. The program would include:
    1. 24-hour traceback response
    2. Mandatory blocking of calls highly likely to be illegal based upon reasonable analytics
    3. Compliance deadline: 30 days after publication of any order adopting these rules.

Right away, there’s an obvious difference between the level of responsibility proposed for gateway providers versus domestic providers. In these rules, gateway providers would have to do both SHAKEN and robocall mitigation. Domestic voice service providers aren’t held to that that level of responsibility.

Furthermore, domestic intermediate providers currently don’t have to do either SHAKEN or robocall mitigation. Only voice service providers originating calls for end users must do that, and Terminating Serivce Providers (TSPs) must verify signed calls they receive.

Clearly the FCC intends to bring gateway providers to a higher level of diligence in preventing unlawful robocalls. Why? Because of the unique role of gateway providers in bringing foreign-originated illegal robocalls onto U.S. networks.

global network

Potential loopholes

Are there any potential loopholes in the proposed rules? Here are a few.

For example, the new rules require that SHAKEN would be done on SIP calls only. A gateway provider could receive robocalls over SIP and route them to a TDM tandem interconnection. There goes the SHAKEN requirement—the FCC has not yet removed the non-IP SHAKEN extension. This gives gateway providers an incentive to route illegal robocalls over TDM.

In their FNPRM, the Commission asked if they should mandate that gateway providers with non-IP implement a SHAKEN-for-TDM solution, such as Out-of-Band SHAKEN? That would remove this loophole and the incentive to route bad calls to TDM interconnections.

ATIS has approved two new standards for SHAKEN for TDM. Gateway providers should be required either to use these methods or route calls over IP networks. With these options available, providers should be required to bring non-IP calls into the SHAKEN ecosystem too.

Here’s another potential loophole: gateway provider is defined as the first U.S.-based intermediate provider that sends calls to another intermediate or terminating provider. But what if the gateway provider terminates calls? The proposed rules would not apply.

The FCC realize this too. In their FNPRM, they ask if they should broaden the definition to include the first U.S.-based provider that also terminates the call.

There would be benefits to the robocall mitigation program rules in such cases. Subscribers of TSPs that are the first U.S.-based provider in the call path would benefit from this protection. Of course, there wouldn’t be any need for gateway providers to sign a call they are going to terminate, so the SHAKEN requirement should not apply.

TransNexus solutions

We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.

We provide an STI-CPS, the TransNexus CPS, which is available to any SHAKEN-authorized service provider free of charge. It’s part of the national network of STI-CPSs. We can also provide a private STI-CPS, either hosted or on-premises, to service providers.

Contact us today to learn more.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.