October 31, 2024

An In-Depth Look at Tracebacks

Tracebacks are the telecommunications industry's answer to the surge in illegal robocalls, tracing calls back to their origin to identify responsible parties. Initiated by the TRACED Act of 2019, Tracebacks have become a crucial tool for combating scam and abusive calls. The Industry Traceback Group (ITG) spearheads these efforts, working with service providers and law enforcement to pinpoint the sources of suspicious call traffic.

Blog
An In-Depth Look at Tracebacks

An In-Depth Look at Tracebacks

In the context of this article, a Traceback describes the process of identifying the party or parties ultimately responsible for the initiation of an illegal prerecorded call, more commonly known as a robocall. A relatively recent introduction to the telecommunications landscape, Tracebacks have become an indispensable tool in the struggle to stem the tide of illegal, abusive, and scam robocalls.

Tracebacks and the TRACED Act

Tracebacks as we know them today got their start in 2019 with the enactment of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, better known as the TRACED Act.

The TRACED Act was implemented in the wake of a massive surge in illegal automated voice message calls (aka robocalls) that started in 2000’s and snowballed in the 2010’s as telecommunications networks evolved to incorporate Voice Over IP (VoIP) services, which made the task of placing automated calls to US numbers much easier, and far cheaper, than ever before.

Although most unwanted robocalls are not placed with criminal intent, a sizable portion of them facilitate criminal scams against unsuspecting consumers, such as calls that attempt to collect a payment by falsely informing someone that they owe money to the IRS or another government agency. Scam robocalls often originate from overseas and are accompanied by a spoofed number belonging to the government agency the message appears to come from, which greatly enhances their credibility.

After several years in which scam robocalls topped the FCC’s complaint list, in 2019 Congress passed the TRACED Act to give the FCC, law enforcement agencies, and consumers additional tools to combat illegal robocalls and the spoofed Caller IDs that often come with them. While the TRACED Act is quite complicated, it basically concerns two major initiatives for curbing illegal robocalls: (1) call authentication; and (2) Tracebacks.

Call Authentication

The call authentication provisions in the TRACED Act compel voice service providers (VSPs) to develop and implement authentication technologies to help determine whether a call is legitimate or a potential scam. They decided upon what is essentially a two-part solution known as the STIR/SHAKEN framework.

The STIR part stands for Secure Telephony Identity Revisited, and it adds a digital certificate to the Session Initiation Protocol (SIP) data used to initiate and route calls in VoIP communications networks. The originating VSP accepting a call from a customer to be distributed through the networks first examines the caller ID to ensure that it matches those assigned to the customer, and then attaches an encrypted certificate to the SIP header that includes the VSP’s identity and an alphabetical trust value, otherwise known as an attestation, of either A, B, or C.

Full Attestation (A): Calls signed with an “A” attestation indicates that the VSP has authenticated the calling party, and they are authorized to use the caller ID. A VSP would be able to sign calls from its direct customers with an “A” attestation but would not be able to do so for wholesale customers like dialing platforms.

Partial Attestation (B): If a call is signed with a “B” attestation, it means the VSP has authenticated the provider that originated the call but cannot verify the party placing the call is authorized to use the caller ID.

Gateway Attestation (C): Calls signed with a “C” attestation indicates only that the source sent the call to the VSP’s network, but it cannot authenticate the originating provider. An example of this case would be a call received from an international gateway.

VoIP software on the receiving end can check the authenticity of the message by decrypting STIR using the provider's public key.

STIR works for VoIP calls because they are transmitted through the Internet, but it will not suffice for calls directed through landline and cellular networks, because the SIP header data cannot be sent to the receiving provider. The SHAKEN aspect of the solution addresses calls directed through landline and cellular networks. Short for Signature-based Handling of Asserted information using toKENs, SHAKEN is a set of guidelines that instruct non-VoIP service providers on how to deal with calls that have incorrect or missing STIR information.

Tracebacks

In addition to the STIR/SHAKEN call authentication method, the TRACED Act established a framework for an industry-led call tracing program to ascertain the likely source of illegal robocalls. The Traceback concept did not originate with the TRACED Act, however. In the years leading up to 2019, several telecommunications companies had undertaken efforts to trace the origin of calls traversing their respective networks, but because they had no functional means to coordinate their efforts, they often fell short of success.

Section 13(d) of the TRACED Act called for the establishment of “a single consortium that conducts private-led efforts to trace back to the origin of suspected unlawful robocalls.” The FCC selected the USTelecom Industry Traceback Group (ITG) as the single registered consortium to conduct private-led traceback efforts.

The Industry Traceback Group

The ITG is essentially an association of hundreds of telecommunications service providers led by major players like AT&T, Comcast, T-Mobile, Verizon, and Cox. Since it was first selected by the FCC on July 27, 2020, the ITGs mission has been to conduct tracebacks on behalf of the communications industry, and to assist domestic and foreign voice service providers and governmental agencies by tracing illegal robocalls to their origin point.

Tracing a call to its origin point is a far bigger challenge than it may seem. Voice service providers only know the identity of the customer or provider they received a call from and where they routed it. A call is usually passed through the networks of at least four, and sometimes as many as 9 or 10 service providers before it rings the phone of its intended recipient, and billions of calls traverse the networks of hundreds of interconnected service providers in any given day.

Prior to the TRACED Act, the identity of a party that initiated a call was a complete mystery to everyone except the originating service provider. The limited insights available to a single service provider made it difficult to determine whether any illegal robocalls were traversing its network, and if so, who was ultimately responsible for them. The creation of the ITG and the Traceback process it employs forever changed that dynamic.

Operating in accordance with a strict set of written policies and procedures, the ITG works with federal and state law enforcement agencies seeking the origin of suspected illegal robocall traffic. Although it coordinates with the FCC, the Federal Trade Commission (FTC), the Department of Justice, and state attorney generals’ offices, the ITG itself is a private entity, and not a law enforcement agency.

That doesn’t mean the ITG lacks clout, however. FCC rules require all voice service providers to respond to ITG traceback requests within 24 hours, but the ITG expects a response within four hours if possible. Any provider that fails to timely cooperate with an ITG traceback request runs the risk of the FCC removing it from the Robocall Mitigation Database. If that happens, other providers must refuse to accept the recalcitrant provider’s traffic, which will effectively shut down that company as a going concern.

In light of this power to end their very existence, service providers disregard an ITG traceback request at their own peril.

How Calls Are Identified for Tracebacks

The ITG identifies suspicious calls to be traced back in the following ways:

ITG Steering Committee Member Referrals: Members of the ITG Steering Committee are voice service providers responsible for managing the ITG and refer suspicious calls for Tracebacks that have been reported by their subscribers as potentially fraudulent.

Analytics Companies: The ITG partners with call analytics companies like Nomorobo and YouMail to help identify Traceback candidates. These companies use scoring algorithms to identify suspected fraudulent robocall traffic to their subscribers and deliver suspicious call data to the ITG for investigation.

Law Enforcement Agencies: The ITG initiates Tracebacks on behalf of local, state, and federal law enforcement agencies, and provides them with actionable leads on active suspicious traffic campaigns.

Organizations Dealing With Abusive or Scam Calls. Public and private organizations subject to abusive or scam calls, including businesses whose brands are being illegally hijacked for use in in robocall campaigns may submit requests to the ITG to initiate Tracebacks for such calls. The ITG may require a fee in these situations.

Tracebacks may also be initiated as a result of the ITG’s internal analysis of voice traffic across multiple networks. It identifies calling campaigns to select for Tracebacks by analyzing data submitted by its partners to identify call patterns that bear the hallmarks of abusive, unlawful, or fraudulent practices, such as missing header information, volumetric anomalies, and a high volume of consumer complaints.

Prior to initiating a Traceback, the ITG conducts due diligence to ensure that the nature of the suspicious traffic is serious enough to warrant utilization of its resources. It generally targets ongoing high-impact and/or high-volume illegal robocalling campaigns as well as other high-impact illegal spoofing scams.

While the ITG’s primary focus is high-volume illegal robocall campaigns, it also conducts tracebacks on lower volume, but equally or even more harmful campaigns, such as telephony denial of service (TDoS) attacks, social engineering attempts, and credible threats of harm.

The Traceback Process

Once the ITG elects to initiate a Traceback, it enters the incident data associated with the suspicious call into its secure Traceback portal, which can include the following elements:

  • The originating phone number;
  • The originating IP address;
  • The called phone number;
  • The called IP address;
  • SIP header anomalies;
  • Evidence of Caller ID or Automatic Number Identification (ANI), number spoofing;
  • Call volume data, including call detail record (CDR) file information;
  • Call time and date; and
  • Information about voice service providers in the call path.

Once the information required for a Traceback has been entered in the portal, a notification is sent to the terminating service provider that passed the suspicious call to its intended recipient. As a call is systematically traced through networks, semi-automated email notifications are sent via the portal to voice service providers in the call path.

Each provider in the call path then determines the identity of the upstream provider from whom it received the call and enters the information into the portal. If an upstream provider is not listed in the online portal, the downstream provider supplies contact information for it so that the portal can be appropriately updated (all voice service providers are expected to have current and correct contact information for those from whom they accept traffic).

The process continues until the originating voice service provider is identified or a dead end is reached. All communications from upstream and downstream providers concerning a Traceback are automatically logged in the portal. If a provider does not respond promptly to a Traceback request, the Traceback is automatically closed.

Traceback Results

Once the originating voice service provider has been identified and informed about the suspicious traffic that triggered the Traceback, it must thoroughly investigate the matter to determine whether the customer who initiated the suspicious calls did so unlawfully. If the results of the investigation indicate that the calls did not violate the law, the provider must provide the ITG with the information provided by its customer that led to that conclusion.

However, if the investigation reveals that the customer violated applicable statutes, rules, or regulations, the provider will be required to undertake steps to mitigate any further illegal robocalls, which includes terminating that customer’s account.

The TRACED Act and FCC rules require all voice service providers to take affirmative steps to stop or prevent abusive, harmful, fraudulent, and otherwise illegal voice calls, and the FCC has repeatedly demonstrated its willingness to shut down providers that fail or refuse to follow its rules.

Tracebacks
Tracebacks
Put an end to spam flags!
Reclaim control of your caller IDs and make sure your customers pick up your calls.
Start Free Trial

Recent Posts

April 19, 2023
The Ultimate Guide to Ensuring Your Calls are Displayed as "Verified Calls" by Carriers
April 19, 2023
Explaining Caller ID: What It Is and How It Works

TOPICS

Best Practices
Call Center
Caller ID Monitoring
Caller ID Remediation
Compliance
Industry Regulations
STIR/SHAKEN
STIR/SHAKEN
Telecom Technologies

Enjoy the article? Check out some related reading.

Number Verifier fixes Spam Likely
December 11, 2024
New California Law Addresses Digital Purchase Disclosures
Starting January 1, 2025, California's AB 2426 will enforce stricter Digital Purchase Disclosures, requiring sellers to clearly state when consumers are merely obtaining a revocable license rather than full ownership of digital goods. This law aims to eliminate misleading advertising practices and ensure transparency in digital transactions.
Number Verifier fixes Spam Likely
December 2, 2024
Supreme Court to Further Examine Agency Authority in TCPA Case
The Supreme Court is set to resolve a critical question regarding the Hobbs Act's requirement for district courts to defer to the FCC’s interpretation of the TCPA. This decision could reshape agency authority and impact TCPA-related litigation significantly. Businesses should stay alert as this ruling may alter compliance requirements across jurisdictions.
Number Verifier fixes Spam Likely
November 15, 2024
FTC Takes Action Against Sitejabber for Misleading Consumer Reviews
The FTC has taken action against Sitejabber, an AI-driven review platform, for publishing misleading consumer reviews. Allegedly, Sitejabber allowed businesses to inflate their star ratings and review counts through deceptive means. This case emphasizes the importance of transparency in AI-managed consumer feedback systems.
Untitled UI logotext
Join our newsletter to stay up to date on features and releases.
We care about your data in our privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
INFO
Pricing
Signup
SUPPORT
Email
Phone
Privacy Policy
Terms of Use
SOCIAL
© Copyright Number Verifier | All Rights Reserved.