U.K. progress on central number database for STIR/SHAKEN

A new standards document has been published in the U.K. for a common telephone numbering database. This is expected to be a component in the U.K. deployment of CLI authentication—the U.K. version of STIR/SHAKEN.

Calling Line Identification (CLI)

In the U.K., the caller is identified by CLI (Calling Line Identification). This is why they refer to the call authentication framework they’re building as “CLI authentication.”

There are two CLIs conveyed on calls:

1. The Network Number unambiguously identifies the point of entry into the public telephone network. In the U.K. SIP standards, the Network Number is carried in the P-Asserted-Identity header field.
2. The Presentation Number is used for display. The Presentation Number may be the same as the Network Number. In the U.K. SIP standards, the Presentation Number is carried in the From header field.

CLI authentication plans

Ofcom, the communications regulator in the U.K., recently described their vision for how CLI authentication could work in a consultation document they published on 28 April 2023, Calling Line Identification (CLI) authentication: a potential approach to detecting and blocking spoofed numbers.

The U.K. approach is different than STIR/SHAKEN in the U.S. We won’t detail all the differences here, but we will focus on the U.K. plan to use a central number database in CLI authentication. There’s no counterpart for this in the U.S. STIR/SHAKEN ecosystem.

Common number database

The U.K. vision is that the common numbering database will enable terminating providers to check that CLIs are being used properly.

NICC Standards Ltd, the U.K. technical forum for communications interoperability standards, published ND1214 – UK Requirements for a Common Database on 14 August 2023. It’s a technical document that describes the requirements for the common database (CDB) in detail.

The CDB would provide independent confirmation that the Network Number associated with a call is allocated to and in use by the originating provider that authenticated the call.

Let that sink in for a moment.

In the U.S., terminating providers have seen many instances of improper attestation, for example, calls with invalid calling numbers and full A-level attestation. The STI Governance Authority has published guidance on improper attestations to warn of the consequences. Terminating providers check for invalid and unallocated caller ID numbers. Unused is more difficult.

In the U.K., the CDB would make these checks easy. Independent confirmation of authentication claims.

What about Do-Not-Originate (DNO) numbers? In the U.S., terminating providers check separate DNO lists. Examples include the ITG DNO list and the Somos RealNumber DNO solution. In the U.K., the ND1214 standard provides a DNO Status field in the database.

The Ofcom has not yet required a common number database; it asked for feedback on the concept in its consultation. Reading the new standards document, it’s easy to see that such a database would provide substantial benefits to telephone service providers for CLI authentication and other purposes.

TransNexus solutions

TransNexus is a leader in developing innovative software to manage and protect telecommunications networks. The company has over 20 years’ experience in providing telecom software solutions including toll fraud prevention, robocall mitigation and prevention, TDoS prevention, analytics, routing, billing support, STIR/SHAKEN and SHAKEN certificate services.

Contact us today to learn more.