Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            June 30th, 2022 Deadline!

            Modified on Fri, 3 Jun, 2022 at 1:09 AM

            FCC’s JUNE 30 DEADLINE - LATEST 

            There is a lot of attention to the June 30th date right now, with a deadline coming up for intermediate carriers to be ‘fully compliant’ with the FCC’s stir/shaken regulations.

             

            If you haven’t started, you probably aren’t going to make it.

             

            Contact us, we can do the process for you, and both before you are complaint, and after you are compliant, we can help provide your stir/shaken operating systems. info@callconnect.net

            or to contact our Stir/Shaken division directly call: 310-909-8709 (Option# 3)

             

            Here is the compliant process:

             

            JUNE 1ST - BOTTOM LINE 

            Non-Facilities-Based VSPs (NFVSPs) must be fully STIR/SHAKEN compliant by June 30, 2022.

             

            A NFVSP is a small VSP that offers voice service to end-users solely using connections that are not sold by the provider or its affiliate. In other words, if a VSP’s upstream carrier(s) is not affiliated with the VSP, it must implement STIR/SHAKEN in the IP portion of its network by June 30, 2022.

             

            There are several steps that must be followed to become fully STIR/SHAKEN compliant.

             

            BUT FIRST, A BRIEF HISTORY OF ROBOCALL MITIGATION

            In 2019 Congress passed the TRACED Act, requiring the FCC to promulgate rules to ensure that voice service providers (VSPs) implement STIR/SHAKEN in the IP portions of their networks to prevent illegal robocalls. 

             

            STIR/SHAKEN requires VSPs to verify that the caller ID information transmitted with a particular call matches the caller’s number, monitor traffic patterns, trace calls back to their sources, and block illegal robocalls before they reach the called party.

             

            In 2020, the FCC mandated STIR/SHAKEN rules, requiring full compliance by June 30, 2021. The Commission later granted a two-year extension for small VSPs (those with 100,000 or fewer subscriber lines) as long as those VSPs filed robocall mitigation plans by the original deadline. 

             

            In December 2021, the FCC shortened the full STIR/SHAKEN deadline for a certain class of small VSPs to June 30, 2022.

             

            STEP ONE Obtain an OCN

            Step One: Operating company number (OCNs) are distributed by the National Exchange Carrier Association (NECA). NECA has an application process that requires the applicant to list administrative information, pick the applicable service class (most VSPs will choose the IPES category), and provide the following materials for an IPES OCN: 

            • Articles of Incorporation (with state seal) 
            • Interconnection agreement with upstream provider
            • Proof of customers (typically a sample invoice)
            • NECA may request additional information 
            • Fees are $475 for 10-day service or $600 for 3-day service.

             

            STEP TWO 

            Step Two: Register with the STI-PA 

             

            After receiving the OCN, the next step is to register with the Secure Telephone Identity Policy Administrator (STI-PA), iconectiv, to become an authorized carrier and receive a service provider code (SPC) token. Iconectiv requires the following information:

             

            • OCN
            • Current FCC Form 499A 
            • Billing contact

             

            When the first portion of the application is submitted, iconectiv will send an email to the billing contact, requesting authorization and additional information. Most of the questions pertain to simple administration issues, but there are some arcane questions such as:

             

            The desired token expiry date. The minimum value is one day and the maximum is two years. Most VSPs choose two years, but others choose much shorter periods for security purposes (i.e., a rogue employee could use a VSP’s two-year token for his/her own purposes; but, since tokens automatically renew, that employee could not misappropriate a one-day token). 

             

            Whether the VSP is working with an STI-PA approved software vendor and that vendor’s IP address for whitelisting purposes.

             

            STEP THREE

            Step Three: Obtain a Token 

             

            Most VSPs will choose to work with an approved software provider to upgrade their software platforms to make them fully STIR/SHAKEN and act as a certification authority (“CA”). The eight approved software providers are: TransNexus, Neustar, Metaswitch, NetNumber, Sansay, Ribbon, GBDSTech, and Peering Hub. 

             

            Any of these CAs will complete the process of obtaining a token from iconectiv. The CAs typically charge $450 - $500 per month for their services, but for “atypical” software systems, the fees could be more. 

             

            If a VSP chooses to obtain a token on its own, it will need to run tests with iconectiv, upgrade its own software, and finish the STI-PA application process. Iconectiv has published Guidelines as a reference for VSPs to complete the token process

             

            STEP FOUR AND FIVE

            Steps Four & Five: Obtain a Certificate & Confirm STIR/SHAKEN Compliance

             

            To get a certificate, VSPs need to submit a certificate signing request “(CSR”) and send it with their token to the CA. If the application is approved, the CA issues a STIR/SHAKEN certificate to the VSP. 

             

            Even if a VSP chooses to upgrade its software and obtain a token on its own, it will still need to work with one of the eight approved CAs to obtain a certificate 

             

            Once a certificate is issued, the VSP will be fully STIR/SHAKEN compliant. 

             

            The final step is for a VSP to sign into the FCC’s Robocall Mitigation Database and upgrade its status to “Full STIR/SHAKEN Compliant.”

             

            When these steps are completed, the requirements for the June 30 deadline will be met. 

             

            If a VSP cannot meet the deadline, it must file a request for extension of time with the FCC before June 30. In order for such a request to be granted, the VSP must prove that circumstances beyond its control requires an extension. The FCC will not grant extension for other reasons.

             

            FCC COMPLIANCE RULES

            Once a VSP has implemented STIR/SHAKEN into the IP portion of its network, the network should authenticate and/or verify caller ID information, which is the crux of the FCC’s robocall mitigation rules. The rules are found at 47 C.F.R. §§ 64.6300 – 64.6308. 

            Two specific requirements are important to remember:

            All VSPs must respond in a timely manner to traceback requests by the Industry Traceback Group (ITG). ITG has published a Policies and Procedures Manual, which should be read by all VSPs. 

            VSPs are not permitted to recover STIR/SHAKEN expenses from consumer or small business customers. 

            A small business has no more than 1,500 employees and less than $38.5 million in average annual revenue.

             

            CONSEQUENCES OF NONCOMPLIANCE 

            The FCC will impose very severe sanctions on VSPs that are not STIR/SHAKEN by the June 30 deadline. 

             

            The FCC has authorized other network operators to block calls from noncompliant VSPs.

             

            The Commission has imposed massive fines against entities that have engaged in illegal spoofing and robocalling: $225 million fine against Texas based health insurance telemarketers for making illegally spoofed robocalls; $120 million fine for illegal “neighbor” spoofing by a Florida-based time-share marketing operation; an $82 million fine against a North Carolina-based health insurance telemarketer, and a $37.5 million fine of an Arizona marketer which made millions of spoofed calls that appear to come from consumers. While those sanctions were imposed against the robocallers themselves, the FCC could impose similar fines against non-compliant VSPs for facilitating illegal robocalling.

             

            OTHER AREAS OF ROBOCALL ENFORCEMENT 

            The FCC is not the only entity that enforces laws and regulations against illegal robocalls and VSPs who violate them. The states, Federal Trade Commission, and private companies are also actively involved.

             

            All state attorneys general are partnering with the FCC to establish information sharing and cooperate in investigations of illegal robocalling, including non-compliant VSPs. 

             

            State robocall laws are often more stringent than those of the FCC. For example: 

             

            Vermont prohibits “knowingly routing illegal robocalls or consciously avoiding knowledge of doing the same.” Sanctions include $10,000 per violation, restitution to consumers, and paying the cost of the investigation.

             

            Michigan will prosecute any entity who “makes or causes to be made an illegal robocall,” including VSPs that “accept” such calls into their networks. Penalties are similar to those of Vermont. 

             

            Vermont, Michigan, and other states are actively enforcing their robocall laws. 

             

            The FTC recently filed a complaint against a VoIP in federal court, alleging violation of the Telecom Sales Rule because, among other things, the VOIP failed to block illegal robocalls. The FTC seeks an injunction and substantial monetary sanctions. 

             

            Marriott recently amended its federal multimillion dollar lawsuit against robocallers who made fraudulent calls and misused its name to include various VOIPs, alleging that they furthered the robocall scam by enabling telemarketers to conduct their calls.

             

            1 Call Connect is here to help navigate you through STIR/SHAKEN Compliance and Implementation.

            For more information, click here or to contact our Stir/Shaken division directly call: 310-909-8709 (Option# 3)

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0