Secure telephone networks: Combating fraud using digital certificates
Voice fraud, scam calls, and number spoofing have become a familiar part of today’s digital landscape, affecting people, businesses, and governments alike. Fraudulent telephone activities mainly aim at illegally acquiring personal or financial information through social engineering or robocalls.
Caller ID spoofing enables criminals to impersonate trusted entities, such as banks or law enforcement, and deceive victims with financial scams.
Telephone fraud often happens due to inherent vulnerabilities in network signalling protocols, which do not require mandatory validation of the caller’s number.
Introducing caller validation at the signalling level can be an effective countermeasure, according to experts in signalling requirements and protocols at the International Telecommunication Union (ITU), the United Nations specialized agency for information and communication technologies.
If all calls had to be authenticated by the network before reaching the recipient, spoofing and phone deception would be considerably reduced.
ITU experts respond
To address this critical issue, ITU-T Study Group 11 (Protocols, testing and combating counterfeit telecommunication/ICT devices) is developing a series of standards for integrating and validating digital public-key certificates at the signalling level. The ITU standards Q.3057, Q.3062 and Q.3063 offer Calling Line Identification (CLI) signature mechanisms for existing and future networks, as well as those based on the legacy Signalling System No.7.
This standards-based approach to fraud prevention can enhance the reliability and trustworthiness of voice communications globally.
In parallel, ITU-T Study Group 2 (Operational aspects) is supporting these Study Group 11 activities by developing assignment criteria for registration authorities to issue digital public certificates, while ITU-T Study Group 17 (Security) is responsible for the public-key and attribute certificate frameworks defined by ITU standard X.509.
Learn more about ITU’s work on signalling security.
Upcoming workshop: Securing telephone networks
A workshop at ITU headquarters in Geneva, Switzerland, on 17 November explores the issue of “Securing telephone networks: Toward a collaborative approach for combating fraudulent communications using digital certificates.”
The workshop aims to:
- Raise awareness of the growing threats posed by fraudulent communications.
- Present current ITU initiatives related to the use of digital public-key certificates to authenticate calling line identification (CLI).
- Facilitate international collaboration to address this global issue.
A dedicated roundtable will bring together government agencies, telecom operators, financial institutions, standards bodies, and cybersecurity experts for an open, solutions-oriented dialogue.
The session aims to help establish ITU signalling security standards and promote the creation of a trusted global framework for secure interconnection. Ultimately, such steps will reinforce global telecommunications infrastructure against fraud.
Header image credit: Adobe Stock
