The robocalls come when you are driving and they bother you at night. It doesn’t matter if you’re in bed or in a meeting.
Here’s the worst news: There is really no way for you to stop them.
I know this because for the past few years, I have been bombarded with robocalls alerting me that I owe student loans, or that I won a free vacation, or that I am being audited by the Internal Revenue Service.
Like many people, I have tried the available solutions. I added my cellphone number to the Do Not Call Registry and installed apps that purport to block spam calls. Yet many of those calls still came through.
Since this column is called Tech Fix and not Tech Rage, I have been waiting for real solutions to recommend before writing about robocalls. I’m still waiting, but I have some good news. Technologists have been working on technical protocols for blocking the calls before they come through. If they succeed, you won’t even notice when scammers or bots try to call you.
For now, robocalls are on the rise. By some estimates, nearly 50 percent of calls made this year will be spam. That means phone calls are reaching a point similar to the one email got to about 20 years ago. Remember when email spam was so bad that we thought that method of communication would become unusable? The problem put pressure on tech companies to find ways to catch the vast majority of spam mail before it reached your inbox.
The telecommunications industry is now working toward a similar solution for robocalls.
“We should make sure that every consumer gets all the communication they want — every company and person that they communicate with, those should rise above the noise and all the bad people out there, and that’s the goal,” said Jeff Lawson, the chief executive of Twilio, a communications company that is working with carriers on eliminating illegitimate calls.
More on that later. Here’s why today’s robocall blockers are incomplete, and what to look forward to.
Why you are losing the fight against robocalls
In the past few years, carriers and others have offered various products to block spam calls. A sampling of the apps includes RoboKiller, Verizon’s CallFilter, AT&T’s CallProtect and T-Mobile’s NameID.
They all generally work the same way: The apps rely on a blacklist of phone numbers deemed to be spam callers that was compiled by multiple parties and data sources. Companies continually update the lists, adding more numbers associated with scammers or spammers. So if you have one of these apps and a call comes in from a number that has been flagged, it may be blocked.
But while the apps are helpful to an extent, they aren’t sufficient to put an end to robocalls. The problem: Scammers can use internet apps to “spoof” calls, manipulating phone networks to ring your phone from numbers they actually aren’t calling from — including numbers that belong to honest people like you, your doctor or your pharmacist. Spoof calls usually get past the filters.
After activating the RoboKiller app on my iPhone, for instance, I received calls from five phone numbers known to be robocallers. One of the numbers successfully rang my phone without being blocked.
Ethan Garr, chief product officer of TelTech, which makes RoboKiller, said that when robocalls get through, it may be because they came from numbers unfamiliar to the app. Other apps I experimented with produced similar results.
Another solution is signing up for the Do Not Call Registry, which is managed by the Federal Trade Commission. At this site, you register your cellphone or land line number to opt out of receiving calls from telemarketers. People who try to spam numbers on the list risk hefty fines from the federal government.
While everyone should add their phone number to the Do Not Call Registry as a preventive measure, it’s an incomplete solution. Robocallers don’t care if you are on the list because they can hide their identities by spoofing numbers, so they will call you anyway.
See what I’m getting at? Spoofed calls, and the inability to verify that a call is truly from the person or business it appears to be from, are a major problem. It’s a problem the phone industry is now working to address.
Why can calls be spoofed?
As far back as the 1970s, phone companies allowed numbers to be spoofed because there were legitimate purposes for doing so.
Businesses benefited from the practice. If a customer service representative from your power company called you, the call would appear to be from the company’s general 800 number and not the direct line for that customer service representative. The feature was intended to protect the privacy of people like that customer service representative.
But this became a weakness that now allows robocallers to spoof numbers, which they can easily do using internet calling apps. The calls could actually be coming from a scammer in Nigeria or India, but your phone will say it’s coming from someone domestically.
What comes next
The next step is a mouthful, but bear with me. Phone companies are working on a technology called Stir/Shaken, an industry-coined acronym for a method of authenticating phone numbers. (You don’t want to know what it stands for.)
The gist is that phone companies are upgrading their networks to attach digital signatures to each phone call. The signatures ensure that the calling party is authorized to use that phone number. So if a call is coming from Joe, the phone company can analyze the signature and verify that Joe is calling. If someone other than Joe is using his number, the lack of a signature could indicate that the number is being spoofed.
Phone companies are experimenting with letting calls ring your phone and telling you whether or not the token has been “signed,” or verified as coming from the actual caller. Depending on which smartphone you own, a verified call could appear on your screen with a check mark or a message like “call authenticated.”
Phone carriers hope to eventually reach a point where they can prevent unverified numbers from ringing your phone at all, said Joseph Russo, a senior vice president of network operations for Verizon.
“At this point, the strategy is to display it to the customer and allow them to have the choice as to what they want to block and not block,” he said. “The end goal is to not let the calls come through in the first place.”
A lot needs to happen for the effort to succeed. Service providers, handset makers and others in the telecom industry must all work together, Mr. Russo said. The solution wouldn’t be as useful if Verizon authenticated numbers only between its own customers, for example. All carriers need to use the same methodology to cooperate and pass the information along to one another.
The collaborations are just beginning. This year, T-Mobile, AT&T and Verizon announced successful experiments with Stir/Shaken. Comcast also unveiled partnerships with those carriers for authenticating calls made between its voice customers and their networks.
Mr. Lawson of Twilio said he was optimistic that robocalling could be reduced. Carriers have a history of working together on technical standards and protocols to ensure that their networks succeed, he said.
“Carriers, in particular, are well situated to be able to solve the problem,” he said.
So you and I can’t do much to fight robocalls. But hopefully, someday soon, we won’t have to.
Orignially published in NYT.