Scam Likely

The most common caller on my Android phone is Scam Likely. I am sure that most of you are in a similar situation.

Last week we were driving and two calls came into The Gotham Gal’s phone which was bluetoothed into our car and she declined both. I asked her why she did that. She said they were likely robo calls. I told her that they looked to be legit numbers to me. Later on she found out that both calls were from people she knew, but for some reason those names were not showing up on the car dash and so she declined the calls.

That led to a discussion of why spam filtering for email has gotten so good and robocall filtering for phone calls is still not great. I brought up the great work the email industry has done over the last twenty years with email signing protocols like DKIM and SPF, and the email industry’s adoption of DMARC protocol which operationalizes DKIM and SPF. We decided that the telephony industry needs similar solutions.

Well, it turns out that the telephony industry is working on them.

Jeff Lawson, founder and CEO of Twilio, a company that was a USV portfolio company and which The Gotham Gal and I are still large shareholders in, is writing a series of blog posts about how the telephony industry can fix the robo call problem.

In Jeff’s first post in the series, he explains that the telephony industry is developing their own versions of DKIM and SPF and DMARC:

Some very smart people have been working on new ways of cryptographically signing calls – a digital signature – proving ownership of a phone number before the call is initiated. One example of this is a new protocol called STIR/SHAKEN, which the communications ecosystem is working on now. Before any authentication method can be impactful at scale, it needs to be adopted by a broad swath of the ecosystem. Twilio is fully committed to efforts to authenticate calls so the identity of callers can be proven, and it looks like STIR/SHAKEN is a good candidate to do just that.

In Jeff’s next post, he will address the role that identity (of the caller and the recipient) and reputation will play in solving the robo call epidemic. I look forward to reading it.

If you want to make sure to get Jeff’s posts, you can follow him on Twitter, like I do.