To fight against telephone scams, telco operators assure that they will strengthen their arsenal of tools with a call authentication protocol.
The president of the French Telecoms Federation explains to Le Parisien that this call authentication protocol must limit number theft (a scam known as “spoofing”).
After an initial test phase, operators will cut off communications that do not meet the authentication conditions provided for by the protocol from this fall.
A system set out by a 2020 law, the Naegelen law
The idea is not new: it is a provision initially set out by a 2020 law, the Naegelen law, which forces operators to put in place call authentication systems intended for their customers, and to cut communication when this authentication is not complete.
The objective is to fight against fraudulent calls, in particular those which exploit vulnerabilities in the telephone system to spoof, for example, the telephone number of a bank.
End of break-in
This authentication protocol, called Number Authentication Mechanism (MAN) in France, is based on an American protocol known as STIR/SHAKEN.
It was implemented in the United States from 2019. This protocol allows authentication of telephone numbers by verifying in particular their compliance with the telephone numbering plan established by Arcep.
In cases where the call authentication conditions are deemed insufficient, the protocol makes it possible to stop the communication.
Implemented since the summer of 2023, this system was currently in a “running-in” period among the various French operators: calls not meeting the authentication conditions were not interrupted, but came to feed databases. data shared between operators grouping together information on these spoofed calls.
From September, operators therefore want to start cutting unauthenticated calls.
The technique should limit certain telephone frauds, but does not constitute an unstoppable tool either, specifies the director of the FFT: frauds rely on computer hacking to take control of an organization’s systems and impersonate it. , or those using a legitimate telephone number specific to the scammer should not be stopped by the activation of this device.