Which calls from unregistered providers should you block?

The FCC Second Report and Order says intermediate and terminating service providers should not accept traffic directly from unregistered voice service providers. Seems simple enough, but there are some serious complications hidden beneath the surface. Let’s have a look.

Second Report and Order

There are a few important pieces to this puzzle, and we must put them on the table before we can make sense of it.

First, here’s the important statement from paragraph 86 of the Second Report and Order on SHAKEN:

We prohibit intermediate providers and terminating voice service providers from accepting voice traffic directly from any voice service provider that does not appear in the database, including a foreign voice service provider that uses NANP resources that pertain to the United States to send voice traffic to residential or business subscribers in the United States.

For this discussion, let’s call this the unregistered provider rule.

Definitions

There are some important terms in this rule:

Directly: The rule only applies to the next upstream voice service provider, not providers several hops back toward origination.

Voice service: The TRACED Act and subsequent FCC orders defined voice service as “a service that is interconnected with the public switched telephone network and that furnishes voice communications to an end user.”

Notice the end user part. That’s important. If the service isn’t to and end user, then it isn’t a voice service, and the entity that delivered that service isn’t a voice service provider. In this context, an intermediate provider is not a voice service provider.

Voice service provider: a provider of voice service.

There’s one more term we must grapple with: call-by-call basis. This means that the rules apply based upon the provider’s role for a particular call. A provider isn’t always a voice service provider or always an intermediate provider. It depends on what they’re doing for a particular call.

We have the puzzle pieces we need. Now, let’s try to put this together.

Scenarios

Let’s use a simple illustration to show how these rules and definitions are applied.

Call Path with Four Providers

In this illustration, we have four providers: an Originating Service Provider (OSP) and a Terminating Service Provider (TSP), separated by two intermediate providers.

In this scenario, only the OSP and TSP are providing voice service to end users. Therefore, only the OSP and TSP are voice service providers.

Provider 2, an intermediate provider, receives the call directly from the OSP. Therefore, the unregistered provider rule is in effect with intermediate provider 2. If the OSP does not have a registration in the Robocall Mitigation Database (RMD), then intermediate 2 must refuse the call.

If the OSP is unregistered, then the call should never make it to providers 3 and 4. But even if it did, the unregistered provider rule would not be in effect for providers 3 and 4, because neither provider would have received the call directly from a voice service provider. Providers 3 and 4 would have received the call from an intermediate provider, which does not serve an end user.

On second thought, this rule isn’t so simple. But wait, it gets better.

Complications

Remember the call-by-call basis rule? This is important, because a provider might act as an intermediate for some calls and as an OSP for other calls.

Suppose that provider 2 also originates some calls for its end user customers. It also sends these calls downstream to provider 3. For some calls, provider 2 was the OSP; for others, it was an intermediate.

The unregistered provider rule only applies to those calls for which provider 2 was the OSP. It does not apply to calls for which provider 2 was an intermediate.

If provider 2 does not have a registration in the RMD, then provider 3 must not accept calls for which provider 2 was the OSP. However, provider 3 is not required to refuse calls for which provider 2 was an intermediate.

How is provider 3 supposed to know which calls from provider 2 are subject to the unregistered provider rule?

The Commission asks for comment

The FCC recently issued their Fifth Further Notice of Proposed Rulemaking CG-17-59 and Fourth Further Notice of Proposed Rulemaking WC 17-97 (FNPRM) to discuss a variety of questions related to SHAKEN and robocall prevention. Some of their questions were about this not-so-simple problem.

The Commission is especially worried that these complications might thwart their efforts to combat robocalls originated by foreign service providers and transited by foreign intermediate providers and gateway providers.

Here are a few key points the FCC raised in the FNPRM:

• The unregistered provider requirement “is limited by the fact that the prohibition applies only to traffic received directly from a foreign voice service provider not listed in the Robocall Mitigation Database.”
• A foreign voice service provider is not currently required to file if it always routes traffic destined for U.S. consumers over intermediate provider networks before they reach the U.S. gateway.
  • A bad actor could easily exploit this loophole. (¶ 24)
• This rule does not require U.S.-based providers to reject foreign-originated traffic carrying U.S. NANP numbers that is received by a U.S. provider directly from a foreign intermediate provider.
  • At present, the prohibition only applies to traffic received directly from the originating foreign provider. (¶ 104)

The Commission asked whether they should change the unregistered provider rule, so that it applies to any foreign provider, originating or intermediate. They will discuss the FNPRM at their Open Commission Meeting on September 30, 2021.

Meanwhile, providers are caught in a tough situation. Some might want to refuse all calls received directly from an unregistered provider, simply because they cannot tell whether the provider was acting as an OSP or intermediate.

Let’s see what the Commission comes up with on September 30.

TransNexus solutions

We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.

In addition, we help service providers with all aspects of STIR/SHAKEN deployment, including registering with the Policy Administrator and filing their certification with the FCC.

We also offer robocall mitigation solutions for non-U.S. service providers. These solutions will enable you to have your calls accepted by U.S. service providers in compliance with FCC rules.

Contact us today to learn more.